Skip to main content

Businesses don't really trust their partners' security practices

Businesses might be certain of their own security practices, but when it comes to their partners, thery're not so sure. A new report from Tripwire, based on research done by Dimensional Research, says that assurance in protecting sensitive customer data does not extend to the business partners.

Even though basically everyone (95 per cent of surveyed businesses) confirmed that a partner's security breach could compromise their customers' sensitive data, 61 per cent said they were unconcerned, or had bigger things to worry about.

Businesses might not be certain of their parnters' security practices, but still 44 per cent ask their future partners to pass security audits before doing any work together. More than a third (34 per cent) work with partners that don't meet their security standards, and 25 per cent said they don't even evaluate the security practices of their partners.

Half of responding businesses said they make exceptions or offer different standards to different partners.

“Every organization needs to evaluate the security risks associated with their business partners,” said Tim Erlin, director of IT security and risk strategist for Tripwire. “Partnerships provide an important growth mechanism for organizations today, but they also introduce risk. Organizations must invest in securing their points of interaction with partners.”

Compromised passwords, insider threats and phishing and scams are the biggest security threats to businesses nowadays, who are getting increasingly targeted by ransomware – malware which encrypts all the data on a network and requires the victim to pay ransom in Bitcoin in order to get its data back.

Photo Credit: Dr. Cloud/Shutterstock