Partner Article

Abta hack highlights third party risk

Following the news that the travel trade organisation Abta has fallen victim to a cyber-attack via a web developer partner, Richard Henderson, global security strategiest at Absolute, argues that this breach highlights the growing third party threat.

“The exploitation of third party security vulnerabilities is without doubt a growing threat – as this attack shows,” Henderson claims. “Hackers are extremely persistent and will explore every avenue to gain access to information such as those stolen from Abta, and a third party is often the easiest option. Big companies like Abta will likely have comprehensive security tools in place, but this isn’t always the case for smaller partners or suppliers. If a hacker can bypass the weaker security defences of a large company’s partner, then they can end up gaining access to the big guys – their prime targets that hold reams of valuable data they can sell. Third parties are essentially low hanging fruit for hackers.

He goes on to point out that as GDPR comes into force next year, businesses will be under growing pressure to protect all of their assets.

“As this threat rises, businesses are under growing pressure to not only support and protect their own network, but also that of their partners’ – the financial and reputational risks are simply too high not to,” continues Henderson. “Unsurprisingly, this is causing multiple headaches for IT departments, which will ultimately turn to migraines once GDPR is enforced next year. These regulations will see security efforts tightened, particularly around endpoints and applications, to ensure that every access point is locked down. Indeed, as the attack surface continues to expand with the growing number of partners and endpoints, it’s crucial that businesses take responsibility when protecting their critical assets and have full insight into who holds their data and where.”

This was posted in Bdaily's Members' News section by Absolute .