Imprivata, a digital identity company for critical industries, has released new global research with the Ponemon Institute which found that 47 percent of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network. This represents similar levels from when the study was conducted two years ago. Notably, 64 percent of respondents say these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months, indicating the problem is here to stay.
Titled The State of Third-Party Access in Cybersecurity, the report surveyed IT security practitioners and found increased awareness of the security risks associated with third-party access, likely due to organizations being impacted first-hand by a security incident. However, despite efforts to address third-party risk, it remains a challenge to do so based on inconsistent and immature security strategies.
Nearly half (48 percent) of organizations agree that third-party remote access is becoming the most common attack surface. “Third-party access is necessary to conduct global business, but it is also one of the biggest security threats and organizations can no longer remain complacent,” said Joel Burleson-Davis, Senior Vice President of Worldwide Engineering, Cyber, at Imprivata. “While some progress has been made, organizations are still struggling to effectively implement the proper tools, resources, and elements of a strong third-party risk management strategy. Cybercriminals continue capitalizing on this weakness, using the lack of visibility and uncertainty across the third-party vendor ecosystem to their advantage.”
Of the organizations that experienced a data breach or cyberattack due to third-party access over the past 12 months, the biggest consequences suffered were the loss or theft of sensitive and confidential information (53%), regulatory fines (50%), and severed relationships with the affected third-party or vendor (49%). Additionally, 34 percent say the attack involved the third-party having too much privileged access.
Specific to the manufacturing sector:
- In the last 12 months, 42 percent of industrial organizations have experienced a data breach or cyberattack that involved a third party vendor accessing the orgs network.
- Of the 37 percent of industrial institutions using artificial intelligence (AI) and machine learning (ML) to reduce privileged access abuse, 57 percent report that it improves the efficiency of efforts to manage third-party and internal privilege access abuse.
- Only 29 percent of manufacturing organizations have a strategy that is consistently applied across the entire organization to address privileged access risk.
- Subsequently, 27 percent of industrial organizations do not have a consistent strategy applied across the organization when it comes to addressing privileged access risk.
As organizations try to respond to the looming third-party threat, they are struggling. More than one-third (35%) of respondents said they were unsure how the cyberattacks they suffered were perpetrated. Organizations have limited visibility into how vendors are accessing their network, creating a massive blind spot.
In addition to lack of oversight, 41 percent of respondents say insufficient resources or budget are a top barrier to reducing third-party risk. In fact, 44 percent believe managing third-party permissions can be overwhelming and a strain on their internal resources, with organizations spending an average of 134 hours per week across IT and security teams analyzing and investigating the security of third-party access.
Today, most (58%) respondents believe their security strategy to address privileged access risks is inconsistent or non-existent, creating an immediate opportunity to address the issue head-on.
For more information, download the full report here.