Research by CybSafe found that increasing cyber security requirements are being imposed on businesses supplying enterprise customers.
In its latest Secure the Supply Chain survey, 250 IT decision-makers at small-and-medium-sized suppliers enterprise were questioned about security requirements placed on their businesses.
It was found that 60% of businesses had to report on their cyber security measures as part of the contract or RFP process, an increase from 52% in 2017.
The survey also identified that 63% of businesses had been asked to fill out cyber security questionnaire, and 66% had been questioned about their cyber security training. Additionally before securing contracts 37% of respondents have been required to achieve a recognised cyber security standard by their enterprise customers.
Just over half of the respondents (55%) have admitted that their businesses have suffered a data breach within the last five years – to which 29.6% of those surveyed had lost a contract with a customer as a result of cyber security or fraud in the last 12 months.
Currently only 47% of businesses are utilising cyber security training to ensure staff have the skills needed to avoid cyber attacks.
Oz Alashe, CEO and founder of CybSafe, commented:
“The cyber security bar for suppliers is being raised every year. While lax cyber security precautions may have gone relatively unnoticed a few years ago, suppliers are now losing out on lucrative deals specifically because of security concerns. With enterprise customers more conscious than ever of the authorities, GDPR, and reputational damage, suppliers will need to alter their practices accordingly in order to stand a chance of becoming a trusted supplier.”
“No company is an island, and the necessity of working with third-party suppliers can open up critical vulnerabilities in an organisation’s line of defence. It is no longer enough for businesses to ensure that their own network is secure, as any supplier, or supplier of a supplier, poses a risk to the entire operation,” Alashe added.
Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.
Reserve your place today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.