IP Expo Survey on Supply Chain Cyber Security

By   ISBuzz Team
Writer , Information Security Buzz | Nov 03, 2015 05:00 pm PST

Only 53 percent of organisations require cybersecurity audits for business partners

Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, announced the results of a survey of 160 attendees at the IP EXPO Europ conference in London.

According to Tripwire’s survey, 63 percent of the respondents said their organisation would refuse to use partners and suppliers that failed to meet their IT security standards. Despite these concerns, only 53 percent of the respondents require partners and suppliers to pass security audits.

Additional survey findings included:

  • 62 percent of the respondents said they are required to meet their customers’ security standards, and 63 percent believe their customers would lose confidence in them if one of them suffered a serious data breach.
  • 46 percent of respondents said they would lose contracts and be fined by a regulator or government agency if one of their partners or suppliers suffered from a serious data breach.
  • 22 percent of respondents said their organisations do not have the resources to check supplier contracts and ensure they meet their businesses security requirements.

“In the context of supply chains, security risk becomes a communicable disease,” said Dwayne Melancon, chief technology officer for Tripwire. “As customers become aware of this fact, they will insist that supply chain owners and participants are designing and operating with security in mind. Customers will only trust supply chain security if we can prove that foundational security controls are in place and effective.”[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]Tripwire logoTripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]