Security standards
How High Are Your Suppliers’ Security Standards?
New research shows that organizations could do more to ensure their business partners and suppliers’ security standards. Here’s where channel partners can help.
High Confidence
81% of IT professionals are confident in their ability to protect sensitive customer data.
Uncertain Security
47% of respondents are not confident in the security of their business partners and suppliers.
Reality Gap
95% of respondents believe a supplier or partner security breach could expose valuable data, yet 61% were unconcerned or have bigger concerns.
Security Audits
44% of organizations require partners and suppliers to pass security audits before they sign a contract with them, 34% do not require them to pass security audits and have no plans to, and 23% do not require audits but have plans to.
Bad Practice
However, 34% of organizations use partners and suppliers that fail to meet their security standards.
Security Laggards
25% of organizations do not evaluate whether their suppliers meet their security requirements.
Lack of Resources
65% of respondents said the primary reason for not checking to make sure suppliers meet their security requirements is lack of resources, followed by they haven’t thought about it (33%). Meanwhile, 19% said they don’t see suppliers as a risk to their security.
Exceptions to the Rule
50% of organizations use the same security standards for all vendors, 26% said they make exceptions for some partners, and 24% said they have clear guidelines for smaller partners.
Partner Breach Impact
67% said the biggest impact of a serious data breach by one of its partners is reduced customer confidence, followed by brand damage (59%), fines from a regulator or government agency (44%), loss of contracts (40%) and lower share price (24%). A surprising 20% expect a minimal impact.
Cost of a Breach
83% said the biggest impact of a serious data breach at their organization is reduced customer confidence, followed by brand damage (77%), fines from a regulator or government agency (59%), loss of contracts (56%) and lower share price (32%). Only 7% expect a minimal impact.