Partner Article

NCC Group launches Supplier Assured service

More than 40% of corporate IT security breaches are related to third party suppliers, according to new research from global information assurance firm, NCC Group.

100 CIOs from companies with over 1000 employees were questioned as to their security practices with third party suppliers, which could range from accountants or lawyers to web designers or software providers. A hefty 76% of those surveyed said that their suppliers had access to their customer data, while 43% of those who had suffered an IT security breach knew that it was due to third parties.

Malicious hackers can exploit weak links in the supplier security chain to harvest customer contact or financial details, which are then used to commit fraud. They can also use third party weaknesses to gain direct access to the clients’ own networks, stealing sensitive data or intellectual property. Last year US military contractor, Lockheed Martin, faced disruption to its computer networks that was linked to the hacking of one of its suppliers, RSA, weeks earlier.

Rob Cotton, CEO at NCC Group, comments: “This is a major problem, and one that needs addressing now. Too many businesses are exposed to serious risk through sloppy practices beyond their walls. Without strong security technologies and procedures in place throughout the entire supply chain, the chances of suffering either amalicious cyber attack or an accidental data breach are significant.”

NCC Group is addressing the grim realities of supply chain security with a new proactive security service, called Supplier Assured.

Supplier Assured draws on NCC Group’s unique breadth and depth of digital and physical security expertise in order to provide a detailed examination of clients’ supply chains. The Supplier Assured team undertakes a detailed audit of suppliers’ security policies and procedures, measuring them against industry best practice standards. On completion, clients receive a management report detailing any identified security issues and recommended actions.

“Through Supplier Assured, we’re offering businesses a fully managed service, so all third parties are thoroughly audited,” Rob explains. “Many businesses appreciate that third party suppliers are a weak link, but don’t always have the resource to audit them individually.”

This was posted in Bdaily's Members' News section by Nathan Cracknell .