A new study has found that companies suffer the most damage as a result of a cyber incident relating to their partners.
The study, conducted by Kaspersky Lab, found that incidents affecting infrastructure hosted by a third party cost small businesses on average £106,000, with large enterprises losing nearly £1.5m as a result of breaches affecting third parties.
These findings indicate that while companies need to focus heavily on investing in their own robust security, but also need to pay close attention to that of their business partners. If one member has weak IT security measures in place, you both are bound to suffer.
Among other things, the study found that while organizations IT Security budgets are increasing, the overall IT budget has shrunk substantially. But we all know that while budgets may shrink, the cost associated with falling victim to a breach is only on the rise. In 2017, SMEs are paying £66,800 on average worth of costs associated with a breach, while enterprises are facing costs of up to £756,000.
Governments across the globe are introducing legislation requiring organizations to provide information about how they share and how they protect personal data belonging to consumers. Take for example the General Data Protection Regulation or GDPR. Under this legislation, companies will be required to prove that they’ve ensured ‘appropriate security and confidentiality of personal data.’ For those found non-compliant, fines of up to €20 Million, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher, will be administered. NNT suggests organizations strike now, and make sure you’re in compliance before the May 2018 deadline.
Read this article on InfoSecurity Magazine