"Third Parties Caused Data Breaches at 51% of Organizations"

Researchers from Ponemon Institute and third-party remote access provider SecureLink conducted a new study and published their findings in a report titled “A Crisis in Third-party Remote Access Security." The researchers stated that organizations expose their networks to non-compliance and security risks by not taking action to reduce third-party access risk. The researchers found that almost half (44%) of organizations have experienced a security breach within the last 12 months. Of those organizations, three-quarters (74%) said that the breach had occurred because too much privileged access had been given to third parties.  The researchers also found that organizations are not doing the necessary security checks before sharing data access with third parties. Just over half (51%) of organizations said they had not been assessing all third parties' security and privacy practices before granting them access to sensitive and confidential information. Other key findings were that 54% of organizations do not have a comprehensive inventory of all third parties with access to their network, and 65% of organizations have not identified the third parties with access to their organization's most sensitive data.

Infosecurity reports: "Third Parties Caused Data Breaches at 51% of Organizations"