New Research Measures “Third Party” Risks to Businesses
A new survey points to widespread uncertainty around IT security risks as companies turn to outsourced offerings as a means of building up their value propositions – a trend that has gained momentum amid Covid-19 and labor shortages. The report says that expansion has broadened attack surfaces as threat actors target weaker vendors with strong market penetration to quietly surveil and paralyze systems.
According to a recent survey from CRA Business Intelligence, the research and content arm of cybersecurity information services company CyberRisk Alliance, 60% of respondents experienced an IT security incident in the past two years due to a third-party partner with access privileges and were most likely to have sensitive data stolen or suffered some type of business outage. While 52% of those who experienced third-party related attacks indicated they less lost less than $100,000 in damages, another 45% incurred higher costs, with a few paying $1 million or more. More than 70% believed that tracking components, sub-assemblies, and final products are very or critically important. But respondents lamented that such visibility is severely limited.
More than three out of four (76%) IT leaders and influencers rated managing third- party risk as a high or critical priority at their organizations—for most respondents (74%) this priority has increased in importance since 2020, when the pandemic created major micro and macro business disruptions, including supply and workforce shortages.
“Having started my compliance career in third-party vendor management in 2003, I’m still surprised at the lack of visibility into the risk that third-party suppliers pose to organizations,” said Matt Alderman, EVP of CyberRisk Alliance’s Business Intelligence Unit. “This research confirms that third-party risk is a critical component of your overall risk management program, especially considering recent attacks. With increasing damages and outages, it’s time for organizations to manage the risk of their third-party suppliers.”
The survey was conducted in late fall 2021 among more than 300 IT and cybersecurity decision-makers and influencers who use third parties.
Companies have little visibility into the security of the third parties they use, and partners may be in a prime position to mitigate those risks.
IBM and SAP Strengthen Partnership to Help Clients Engage Cloud
IBM is teaming with SAP to provide a portfolio of solutions and consulting services that help accelerate and amplify the journey to SAP S/4HANA Cloud. Built on a scalable platform, the solutions and services use intelligent workflows to streamline operations, and provide an engagement model that helps plan, execute and support business transformation. Clients can thereby migrate SAP solution workloads to the public cloud with the support of deep industry expertise.
Intended benefits include projected revenue increases as high as 90%, reduced operational costs, and improved productivity.
“We are thrilled to advance our long-standing partnership through RISE with SAP,” said John Granger, Senior Vice President, IBM Consulting. “Our shared commitment is to meet our clients, especially those in highly regulated industries, where they are in their digital journey, while giving them choices for migrating or modernizing their mission-critical workloads with a hybrid cloud approach.”
IBM and SAP have worked with hundreds of clients globally on thousands of individual projects to help customers leverage the cloud. Recent examples include Coca-Cola European Partners, Parle Products, Harmont & Blaine, Puravankara Ltd and Virgin Megastore KSA.
The alliance expands US-based As clients look to adopt hybrid cloud strategies, moving the workloads and applications that are the backbone of their enterprise operation requires a highly secured and reliable cloud environment. With the launch of this initiative, clients will have the tools to help accelerate the migration of their on-premise SAP software workloads to IBM Cloud.
NetWitness Launches New Partner Program to enhance Cybersecurity Skills
NetWitness, a Bedford, Massachusetts-based cybersecurity company, has rolled out a new partner program designed to better meet the needs of the broad range of channel partners, including resellers, distributors, and managed security service providers (MSSPs).
“As the needs and concerns of customers have progressed and become more advanced, we realized there was an opportunity to revamp how we work with our partners so that we can continue providing the insight, visibility, and access that our customers require,” said Dave Govan, Chief Revenue Officer of NetWitness. “Our partners play an integral role in enabling enterprises to detect threats and take action to mitigate them, and our new program is now better positioned to support them in this mission.”
New program benefits include increased investment in technical training for partners, including additional educational material, instructor-led training sessions, on-demand sessions, and an improved path to certification to enhance partner familiarity and proficiency with the vendor’s offerings; several options for hands-on product demonstrations and trials, both on premise and in the cloud; and simplified rules, protocols, and processes.
An RSA company, NetWitness provides scalable threat detection and response capabilities. Its platform promises complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response.
The new program is tailored for partners working to help their customers respond to and prepare for cyberthreats that are constantly growing in frequency, scale, and sophistication.