1 in 3 firms would end contracts with unsecure suppliers
Almost a third of British businesses (31 per cent) say they would end their relationship with a supplier that caused them to become the victim of cyber crime due to poor security measures.
This is the finding of a new study by Beaming and Opinium, which also revealed that nearly one in five (17 per cent) would take legal action in order to recover any financial losses they incurred as a result of a supplier’s negligence, while 20 per cent would look to leverage the incident in order to negotiate a discount.
Just three per cent of firms say they would take no action if one of their suppliers led to them becoming a victim of cyber crime.
The survey therefore illustrates a growing recognition that cyber security is not solely an activity that is confined to within a business’ perimeter, but is something that should be seen as a shared responsibility.
Sonia Blizzard, managing director at Beaming, said: “We’ve seen for some time that hackers will seek to infiltrate one organisation as a stepping stone to then attack others. Businesses that neglect to take the steps necessary to protect themselves and their partners could find that a single breach could irreparably damage their hard earned reputations and relationships.”
Indeed, some of the largest data breaches in history have come about as a result of this ‘piggybacking’ on less-secure suppliers. US retailer Target’s 2013 incident, which affected more than 40 million people and cost the company upwards of $160 million in lost business, mitigation and reparations, was traced back to credentials stolen from one of the firm’s third-party vendors.
Beaming’s research revealed small businesses are particularly at risk of damaging the reputation and relationships through poor cyber security. For example, only half of firms with between ten and 49 employees (51 per cent) had a documented cyber security policy.
Meanwhile, just 51 percent of businesses employing fewer than ten people were using a network perimeter firewall to stop threats from reaching their systems, and just one in three (30 per cent) had intrusion detection systems to spot malicious activities or cyber security policy violations.
“For businesses, the consideration of risk must extend beyond their own boundaries to incorporate customers, partners and other organisations they come into contact with,” Ms Blizzard said. “Rather than simply guarding what’s ours, we need a cyber security culture that means we all look out for those we do business with too.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.