The Ponemon Institute and SecureLink report “A Crisis in Third-party Remote Access Security” shows the gaps between stated third-party access threats and the security measures an organization actually uses. The report notes the threat surface increase due to remote access over the last 12 months. Among other key findings: 44% of respondent organizations experienced a breach in the last 12 months, with 74% faulting too much-privileged access among third parties. Also, 63% state that the third party’s reputation is the reason they’re not evaluating those privacy and security practices; 61% said their third-party management program does not define or rank risk levels; and 63% don’t know who has what level of access and permissions, and 54% don’t regularly monitor the security and privacy practices of third parties that they share sensitive or confidential information with.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.