Information Services Sector Has 2.5 Times the Number of Third-Party Relationships than the Overall Average; Finance Sector Claims the Fewest Third-Party Relationships
NEW YORK, February 01, 2023–(BUSINESS WIRE)–SecurityScorecard, the global leader in cybersecurity ratings, and The Cyentia Institute, an independent cybersecurity research firm, today published research that found 98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years. The study, Close Encounters of the Third (and Fourth) Party Kind, also found that 50 percent of organizations have indirect relationships with at least 200 breached fourth-party vendors in the last two years.
"An organizations’ attack surface spans beyond just the technology that they own or control, " said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. "Organizations need visibility into the security ratings of their entire third and fourth party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk."
The study, which analyzed data from over 235,000 (primary) organizations across the globe and more than 73,000 vendors and products used by them directly (third-parties) or used by their vendors (fourth-parties), offers an in-depth examination of how the interdependence of modern digital supply chains impacts organizational cyber risk exposure.
Key Report Findings:
Security Suffers The More Third- and Fourth-Parties You Have
For every third-party vendor in their supply chain, organizations typically have indirect relationships with 60 to 90 times that number of fourth-party relationships. Research showed that compared to the primary organization, third-party vendors are five times more likely to exhibit poor security. Approximately 10% of third-party vendors receive an F rating among organizations that earn an A rating for their own security posture.
Information Services Leads in Third-parties
The research revealed the Information Services sector maintained an average of 25 vendors– 2.5 times the number of third party-relationships than the overall average of 10. The Finance sector was on the other end of the spectrum averaging 6.5 third-party relationships. The healthcare sector averaged 15.5 vendors per organization and the Insurance sector averaged 11 vendors. "Each of these third-party relations represents exposure to risk," continued Baker. "In some cases due to compromised third-party code, or in others due to usage of an insecure hosting provider."
Exposing Data to International Third-parties Increases Regulatory and Security Requirements
While examining the regional dimension of third-party relationships, SecurityScorecard found that 59% of organizations have vendors from five or fewer countries, while roughly 14% work with vendors spanning 10 or more countries.
"SecurityScorecard’s data demonstrates why managing cyber risk across the digital supply chain is absolutely critical as threat actors work to exploit any vulnerabilities an organization may have. Identifying and continuously monitoring all partners and customers within the digital supply chain is key to staying ahead of any potential risk," said Wade Baker, partner and co-founder at The Cyentia Institute. "By having full visibility into the security posture of their third and fourth parties, organizations can work with their vendors to address any cybersecurity gaps they may have in their infrastructure and, in turn, reduce their own level of cyber risk."
Additional resources:
Access the full report, "Close Encounters of the Third (and Fourth) Party Kind"
Read our blog to better understand what can organizations do to minimize risk stemming from their business ecosystems
Register for the informational webinar, presented by SecurityScorecard and the Cyentia Institute.
Learn more about how Automatic Vendor Detection enables organizations to identify the products and vendors in their third- and fourth-party ecosystem to identify potential risk, automate their workflows, and drive targeted data-driven decisions.
About SecurityScorecard
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
About The Cyentia Institute
The Cyentia Institute is a research and data science firm working to advance cybersecurity knowledge and practice. Cyentia pursues this goal through data-driven studies like this one and through a growing portfolio of analytic services. Learn more at www.cyentia.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230201005038/en/
Contacts
Derek Delano
SecurityScorecard
ddelano@securityscorecard.io
(646) 457-4513
Ryan Olohan, a married dad of seven, was fired from Google after 15 years allegedly for not being "inclusive" after a female exec retaliated against him for denying her sexual advances.
Yahoo Finance Live anchors discuss FedEx's job cut plans and how the stock is reacting.
Yahoo Finance automotive reporter Pras Subramanian explains Rivian's recent round of layoffs amid pressures to ramp up its EV production targets.
Tech titans including Google parent Alphabet, Microsoft, Meta (META) IBM (IBM) and Amazon (AMZN) have announced thousands of job cuts in recent months, as the sector attempts to meet a changing macro environment. While layoffs continue, however, companies such as Alphabet Inc. (GOOGL) (GOOG) and Microsoft Corp. (MSFT) are also increasing their efforts around AI, reflecting a broader trend in tech. Microsoft, for its part, is making a multiyear, multibillion-dollar investment in OpenAI, maker of the ChatGPT tool.
If you find yourself with $1.5 million in retirement savings, you're doing more than five times better than the average retiree, who only has $279,997. It is true that $1.5 million can last indefinitely in retirement if you don't spend … Continue reading → The post How Long Will $1,500,000 Last in Retirement? appeared first on SmartAsset Blog.
These growth stocks are down more than 50%, creating an attractive buying opportunity for patient investors.
Yahoo Finance’s Daniel Howley joins the Live show to discuss quarterly earnings for AMD, the drop in PC sales and shipments, and the outlook for AMD.
(Bloomberg) — FedEx Corp. is cutting global officer and director jobs by more than 10%, the courier’s latest cost-saving step as economic concerns and waning e-commerce weigh on demand for package delivery.Most Read from BloombergMerck Covid Drug Linked to New Virus Mutations, Study SaysPorsche Blunder Puts $148,000 Sportscar on Sale for Just $18,000Plenty of Americans Are Drinking Bleach, Still for Sale on AmazonNational Archives Releases Records Tied to Trump Classified Documents8,000 Layoffs
With Ford earnings due Thursday, the automaker updated its Mach-E pricing and EV production strategy.
WASHINGTON (Reuters) -The White House on Tuesday expressed outrage on Tuesday at Exxon Mobil Corp's record net profit in 2022 of $56 billion, a historical high not just for the company but for the entire Western oil industry. Oil majors are expected to break their own annual records due to high prices and soaring demand, pushing their combined take to near $200 billion. The scale has brought renewed criticism of the oil industry and sparked calls for more countries to levy windfall profit taxes on the companies.
Costco Wholesale Corp. shares ticked higher in the extended session Wednesday after the warehouse club reported rising sales during January, even with a headwind from an earlier Lunar New Year this year.
The group, which sells software to automakers, planemakers and industrial firms, guided for an annual revenue of between 5.93 billion euros and 5.98 billion euros ($6.59 billion to $6.53 billion) compared with 5.67 billion euros in 2022. Including currency fluctuation, the company expects annual growth at around 5%.
Thermo Fisher Scientific Inc (NYSE: TMO) has posted Q4 revenue of $11.45 billion, up 7% Y/Y, beating the consensus of $10.43 billion. Organic revenue was 3% lower, Core organic revenue growth was 14%, and COVID-19 testing revenue was $0.37 billion. Revenue from Life Sciences Solutions Segment declined by 27% to $3.05 billion. Analytical Instruments Segment sales were up 8.9% to $1.88 billion. Specialty Diagnostics Segment revenues decreased by 22.9% to $1.12 billion, and Laboratory Products and
The token at the heart of perhaps the most consequential lawsuit in the cryptocurrency industry is riding a month-long surge.
Exxon Mobil posted mixed fourth-quarter financial results Tuesday, beating earnings estimates but missing on revenue views. Exxon Mobil stock edged lower Wednesday. This drove Exxon Mobil and Chevronand other energy stocks to the head of the stock market, with the companies posting record profits.
When it comes to retirement, timing is everything. And for retirees, good timing doesn't just have to do with threading the needle on Social Security start dates or savvily initiating required minimum distributions (RMDs). It also has to do with … Continue reading → The post These Charts Shows Why You Shouldn't Retire in a Down Market – 2023 Study appeared first on SmartAsset Blog.
Adani Group's market losses swelled to more than $100 billion on Thursday, sparking worries about their potential systemic impact, a day after its flagship company abandoned a $2.5 billion stock offering. The withdrawal of Adani Enterprises' share sale marks a dramatic setback for founder Gautam Adani, the school dropout-turned-billionaire whose fortunes rose rapidly in recent years but have dwindled in just a week after U.S.-based short-seller Hindenburg published a critical research report. Adani stocks plunged, opposition lawmakers called for a wider probe and the central bank sprang into action to check on banks' exposure.
LOS ANGELES (Reuters) -FedEx Corp on Wednesday said it would cut its officer and director ranks by more than 10% as part of a broad cost-reduction effort that has reduced staffing at the delivery giant by 12,000 workers since June, a spokeswoman said. Shares in FedEx rose 3.4% to $200.52 as investors applauded the move, which signals progress on the company's plan to slash expenses by $3.7 billion this year. FedEx informed employees about the senior-level layoffs in a memo, which did not say how many positions would be affected.
“There is a window of opportunity to gain share…and 2023 is a pivotal year that will establish the winners and losers in this EV landscape,” Wedbush tech analyst Dan Ives says amid the industry's price cuts.
C.H. Robinson is a top-tier non-asset-based third-party logistics provider with a significant focus on domestic freight brokerage (57% of 2021 net revenue), which reflects mostly truck brokerage but also rail intermodal. Additionally, the firm also operates a large air and ocean forwarding division (34%), which has grown organically and via tuck-in acquisitions. The remainder of revenue consists of the European truck-brokerage division, transportation management services, and a legacy produce-sourcing operation.