Empower Your Suppliers Against Attack The average business shares data with a complex network of third parties, depending on their operational needs. In a survey of security and risk professionals, Forrester learned that the average business has 4,700 third-party partners with some access to corporate data. Third-party relationships extend your attack surface in ways that are hard to monitor and control. Just 14 percent of the respondents to Forrester’s survey said they were confident they could effectively track all their third parties. Among the most insidious and potentially damaging of these threats is account takeover (ATO), where cybercriminals obtain email and password combinations and use them to gain unauthorized access to corporate networks. This provides criminals a springboard for a variety of attack types. Data collected from the criminal underground suggests there is a constant risk of ATO to large enterprises. SpyCloud research into risk among Fortune 1000 companies showed a total of 23 million exposed corporate credentials with a high rate of password reuse. It’s important for businesses of all sizes to not only view their suppliers’ attack surface as their own but also extend some of their security protections to them. Doing so empowers suppliers to remediate the risks that threaten partner organizations. Here is a rundown of 3 attack types that pose a risk to your business via your third-party ecosystem: Business Email Compromise 2019 saw significant…
http://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard http://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2019-12-03 09:00:002019-12-03 09:00:00Supply Chain Account Takeover: How Criminals Exploit Third-Party Access
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com