It has been reported that a report from ForgeRock has revealed an unprecedented 297% surge in breaches caused primarily by security issues associated with supply chain and third-party suppliers and representing almost 25% of all breaches. The report also found unauthorized access was the leading cause of breaches for the fourth consecutive year, steadily increasing to account for 50% of all records compromised during 2021. The report underscores the fact that cybercriminals continue to find new methods of attack across industries and geographies. The cost of breaches also continues to grow. In the US alone, the price of remediation from a breach has climbed annually, doubling since 2018.
If we look at the history of data breaches, we’re likely to find that many can be classified as a supply chain attack. This includes breaches of cloud providers, payment processors, logistics services and many more. Because the security of your business depends on the security of your business partners, its critical that vendor risk management practices evolve to better understand the impact of ongoing cyber security efforts. That can include any number of cyber-security efforts from vulnerability management to data flows. After all, if you’re going to trust the success of your business to a third party, that third party should have cyber security and data protection practices that are worthy of that trust.