Fears over Supply Chain Security

Thursday, April 21, 2016 @ 05:04 PM gHale


In today’s manufacturing environment, the supply chain remains a vital security concern.

Along those lines, 47 percent of respondents to a just released survey said they are not confident in the security of their business partners and suppliers.

RELATED STORIES
Understanding Security Gap for Execs
Modernization Offers Security Challenges
Insider Threats in All Companies: Report
Hacking Costs on Decline

That flies in the face of what companies are saying about themselves where 81 percent of IT professionals are confident in their ability to protect sensitive customer data, according to the study conducted for Tripwire by Dimensional Research. Study respondents included over 320 IT professionals who have visibility into the security of their organization’s supply chain.

“Every organization needs to evaluate the security risks associated with their business partners,” said Tim Erlin, director of IT security and risk strategist for Tripwire. “Partnerships provide an important growth mechanism for organizations today, but they also introduce risk. Organizations must invest in securing their points of interaction with partners.”

Additional findings from the study include:
• 81 percent f IT professionals are confident in their ability to protect sensitive customer data. However, this assurance does not extend to their organization’s business partners.
• 47 percent are not confident in the security of their business partners and suppliers.
• While 95 percent of respondents believe a supplier or partner security breach could expose valuable data, 61 percent said they were unconcerned or have bigger concerns.
• 44 percent said their organizations require partners and suppliers to pass security audits before they sign a contract with them.
• 34 percent use partners and suppliers that fail to meet their security standards.
• 25 percent admitted their organizations do not evaluate whether suppliers met their security requirements.
• 50 percent said they make exceptions or offer different standards for some partners.

Weaknesses in business partner and supplier cyber security can have disastrous impacts on businesses. Vulnerabilities in third-party security may have played a key role in many high profile security breaches, such as the Target breach.

Click here for the entire survey.