Top 5 Ways to Minimize the Risk of Third-Party Breaches

By Demi Ben-Ari, Aug 07, 2019

Third-party breaches are on the rise. According to a recent report by the Ponemon Institute, over 60% of US companies experienced a data breach caused by one of their third parties in 2018, up from 49% in 2016. 

The consequences of such breaches can be devastating: besides losing consumer confidence and loyalty, companies can face costly penalties for violating data privacy regulations. To prevent such cyber incidents, security professionals must demand that suppliers demonstrate and maintain a strong cyber posture.

What steps should you take to mitigate third-party security risk? Here are our top five recommendations:

1. Evaluate the supplier’s security posture

It’s important to consider security posture on the perimeter level, including CMS version, mail server, domain hijacking, SSL certificates and security technologies in place. Checking these systems will help uncover cyber gaps and vulnerabilities, giving you a good idea of a supplier’s overall cyber posture. 

2. Remediate security gaps

Once security gaps have been identified, your suppliers should be expected to achieve a reasonable level of security. Be sure to engage with the supplier and pinpoint the issues so that they become aware of the problem, understand the issue and know how to fix it.

3. Secure supplier interaction

Take steps to secure your interaction with suppliers that you wish to work with but that don't have good security postures. This includes being more vigilant about what information is shared and how it is shared. For example, you can demand and enforce data removal after a certain period, or limit the supplier's access to various systems.

4. Continuously monitor

Hackers constantly use new methods to exploit vulnerabilities and suppliers frequently add new assets and software that can create new cyber gaps. For these reasons, it’s essential to continuously monitor the cybersecurity posture of suppliers and receive live alerts on any significant changes. In case of a change, you should alert your supplier of these issues. 

5. Minimize risk based on relationship

Consider minimizing data breach risk based on the relationship level that the company has with the supplier. For instance, a company might decide to sever all open network connections with the supplier while another company might add dedicated auditing for the supplier network communications. 


Demi Ben-Ari

Demi Ben-Ari is CTO and Co-Founder of Panorays. He’s a software engineer, entrepreneur and international tech speaker, and takes #CyberSelfies like nobody else can.
