Promo.com, an Israeli-based video marketing creation site, disclosed a data breach at the hands of an undisclosed third-party supplier that compromised the records of 22M users. The breach came to light after Promo.com found its data being given away for free on a hacker forum. Cybersecurity experts commented below on the importance of vetting third-party partners.
Experts Comments
Change passwords if they're reused anywhere, keep an eye on credit score, and send a strongly-worded email to the provider expressing their disdain.
Having 3rd parties and outsourcing elements of work is a reality in today's business world, but outsourcing any activity does not absolve an organisation of its security responsibilities. This is another incident where an organisation is stating the breach has occurred from a third party, which may be true, but it's still a breach for which they are responsible. Whenever handing over data to third parties, or allowing them access, organisations need to ensure they have adequate security.....Read More
The Promo breach serves as a reminder of the importance of vetting your third-party partners.
Your attack surface is a lot bigger than you think. The Promo breach serves as a reminder of the importance of vetting your third-party partners. If your third-party partners don’t have equal or greater security standards, they are a security risk. As your organization grows and scales, so does your list of third-party vendors, so it is in every organization’s best interest to always vet the security of their vendors.
The overarching issue with third-party security is accountability......Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Terence Jackson, Chief Information Security & Privacy Officer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Promo has laid blame on a third party vendor. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-warn-of-vetting-third-part-partners-in-light-og-promo-com-breach
Facebook Message
@Terence Jackson, Chief Information Security & Privacy Officer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Promo has laid blame on a third party vendor. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-warn-of-vetting-third-part-partners-in-light-og-promo-com-breach