“A well-considered approach to cyber security often brings an organisation’s ecosystem into the fold. We need to look into building secure business interactions with partners, vendors and any other intermediaries.”
When it comes to a business’ cyber hygiene, it pays to secure your extended ecosystem and ensuring best practices are followed with all the partners, vendors or any other intermediaries that you work with on a regular basis.
From a report dated in July 2020, VMware survey findings reported that 80% of Singaporean business respondents have reported being the target of a cybersecurity breach. The survey also noted that the average organisation experienced 1.67 breaches during the 12-month period that the survey looked at.
Of all the documented breaches, the leading cause was OS vulnerabilities at 20%, followed by breaches originating from third party applications at 15% and attacks on web applications. OS vulnerabilities may have occupied the top spot, but third-party application breaches are a cause for concern. Third-party breaches saw a two-fold increase in business impact from the previous year, and a lot of these attacks were attributed to island-hopping as an attack vector.
Increasingly, the extended business environment is becoming a factor that cannot be ignored. Third-party risks on the supply chain represent additional endpoints from which malicious actors can move through laterally to gain unauthorised access to your assets.
Written by Breton Chan,
Privasec's Marketing Executive
About Privasec's Cyber Security Health Checks
Privasec’s assessments follow the globally accepted security best practice standard ISO 27001 and the ISO 27002 best practice guideline. These are high level enough to cover all the security domains and can be easily mapped to any other framework of interest to the organisation. Based on the industry or geography that the organisation operates in, additional frameworks like NIST, APRA CPS 234, CIS etc. will be used along with ISO 27001 for the assessment.
A health check does not significantly disrupt the normal business operations. We have experienced security consultants who will conduct onsite workshops with your key subject matter experts, to review the organisation’s business and technology risk management practices. Our consultants take the time to understand how these are applied across the business to identify the systems and information assets that are critical to the business.
Health checks are a great value add to the business as it is cost effective and has a quick turnaround time of a few weeks, which will give you the responses you need fast, allowing you to move forward.
Contact us here to find out more.