Countering the Surge in Third-Party Compromise
Manufacturers and their suppliers are increasingly aware that a robust cybersecurity posture is table stakes, especially when the industry is the top target for cyberattacks. It’s why they are embracing proactive strategies like continuous monitoring, regular security assessments, and incident response planning.
In 2024, third-party compromises — including vendor compromises — are becoming more prevalent and sophisticated. Companies suffer financial losses, negative publicity and regulatory penalties from third-party data breaches or cyber incidents. According to research from Prevalent, 61% of companies experienced a third-party data breach or cyber incident in 2023, a threefold increase since 2021.
With this surge in mind, it’s essential that suppliers and Original Equipment Manufacturers (OEMs) understand and incorporate strategies to mitigate the risk.
Understanding third-party compromise
A third-party compromise occurs when attackers infiltrate an organization’s network by exploiting vulnerabilities in its third-party vendors, suppliers or partners.
- Vendors often have access to sensitive data, systems or networks, which makes them an attractive target for attackers seeking to bypass the primary organization’s security measures. Progress Software’s MOVEit Transfer breach is a recent example.
- In June 2023, attackers exploited a zero-day vulnerability to access sensitive data stored and transmitted via the file transfer software, causing widespread data loss and disruption.
Rise driven by shift to cloud infrastructure
Why are third-party compromise attacks on the rise?
- The migration to cloud infrastructure has come with many benefits for businesses, but it’s also a main driver in the rise of third-party compromise.
- “The shift to the cloud introduced new vulnerabilities, an expanded attack surface and greater chance for misconfigurations,” said Stephanie Hinnerschietz, Boeing Enterprise Security Supplier Incident focal. “Each third-party service integrated into your IT system is a potential entry point.”
Key steps to reduce the risk of third-party compromise
Hinnerschietz advises companies to scrutinize their current environment for weak points and work to close gaps as they find them. She suggests four steps to counter third-party compromise:
- Conduct thorough vendor assessments. Before engaging a third-party vendor, evaluate their security practices, history of breaches and overall cybersecurity posture. Check for relevant security certifications such as ISO 27001 or SOC 2, which indicate that the vendor follows industry-standard security practices.
- Review configuration for every vendor. Check the configurations vendors have set up for you and confirm that the in-practice configuration matches what was outlined in your agreement.
- Activate multi-factor authentication on all accounts across the organization.
- Develop and practice incident response plans so that in the event of a compromise, you and your team are prepared.
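The second and third steps above both reduce to comparing what was agreed with what is actually live. The script below is an added illustration of that check; it is not code from the article, Boeing or MxD. It assumes a hypothetical vendor configuration export in JSON (the field names, the baseline controls and the account list are all constructed for the example) and reports three things a reviewer would want: settings that have drifted from the agreed baseline, accounts without MFA enrolled, and an admin count above the agreed maximum.

```python
"""Check a vendor's live configuration against the controls agreed in the contract."""
import json

# Constructed example: the controls the agreement with a hypothetical vendor specifies.
AGREED_BASELINE = {
    "mfa_required": True,
    "encryption_at_rest": True,
    "allowed_source_ranges": ["203.0.113.0/24"],  # RFC 5737 documentation range
    "log_retention_days": 365,
    "max_admin_accounts": 2,
}

# Constructed example: a configuration export as a vendor portal might provide it.
# The schema is an assumption for illustration, not any real product's format.
VENDOR_EXPORT = """
{
  "settings": {
    "mfa_required": false,
    "encryption_at_rest": true,
    "allowed_source_ranges": ["203.0.113.0/24", "0.0.0.0/0"],
    "log_retention_days": 90
  },
  "accounts": [
    {"user": "svc-integration", "role": "admin", "mfa_enrolled": true},
    {"user": "j.doe@vendor.example", "role": "admin", "mfa_enrolled": false},
    {"user": "support-share", "role": "admin", "mfa_enrolled": false},
    {"user": "reporting", "role": "reader", "mfa_enrolled": true}
  ]
}
"""


def _normalise(value):
    """Compare list-valued controls as sorted sets so ordering alone is not drift."""
    if isinstance(value, list):
        return sorted(str(v) for v in value)
    return value


def find_drift(baseline, settings):
    """Return (control, agreed, live) for every control that is missing or differs."""
    findings = []
    for control, expected in baseline.items():
        if control == "max_admin_accounts":
            continue  # enforced against the account list, not the settings block
        if control not in settings:
            findings.append((control, expected, "MISSING"))
        elif _normalise(settings[control]) != _normalise(expected):
            findings.append((control, expected, settings[control]))
    return findings


def accounts_without_mfa(accounts):
    """Usernames whose export record does not show MFA enrolment."""
    return sorted(a["user"] for a in accounts if not a.get("mfa_enrolled", False))


def excess_admins(accounts, limit):
    """All admin usernames if their number exceeds the agreed limit, else empty."""
    admins = [a["user"] for a in accounts if a.get("role") == "admin"]
    return admins if len(admins) > limit else []


def audit_vendor(baseline, export_json):
    """Parse the export and run the three checks; returns a report dictionary."""
    export = json.loads(export_json)
    settings = export.get("settings", {})
    accounts = export.get("accounts", [])
    return {
        "drift": find_drift(baseline, settings),
        "no_mfa": accounts_without_mfa(accounts),
        "excess_admins": excess_admins(accounts, baseline["max_admin_accounts"]),
    }


if __name__ == "__main__":
    report = audit_vendor(AGREED_BASELINE, VENDOR_EXPORT)
    for control, agreed, live in report["drift"]:
        print(f"DRIFT   {control}: agreed={agreed!r} live={live!r}")
    for user in report["no_mfa"]:
        print(f"NO-MFA  {user}")
    if report["excess_admins"]:
        print(f"ADMINS  {len(report['excess_admins'])} admin accounts, "
              f"agreed maximum {AGREED_BASELINE['max_admin_accounts']}")
```

Run on the constructed export, the script flags the disabled MFA requirement, the added `0.0.0.0/0` source range, the shortened log retention, two accounts without MFA and one admin account over the agreed limit. Keeping the baseline in version control beside the export lets the same comparison run after every vendor change rather than only at onboarding.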
“While there isn’t a magical ‘silver bullet’ to protect an organization, companies can be proactive in focusing on good asset management, vulnerability management and business continuity planning,” Hinnerschietz said.
For more on the latest in cybersecurity news and tools, visit the MxD Cyber Resource Hub.