No Compensation After a Cyberattack in the Absence of Third-party Policy

Security Brief | February 10, 2020

  • Kaspersky's report revealed that 71% of enterprises with a third party policy reported receiving monetary recompense after an incident, compared to only 22% who did not have regulations in place.

  • Damage from incidents is estimated to cost $2.57m on average, with data breaches among the three costliest problems faced by enterprises.

  • One of the main benefits of implementing third party policies is that they solve issues around accountability.


Kaspersky IT Security Economics report took almost 5,000 business decision-makers willing to share their thoughts on cybersecurity and their firms’ attitudes about cyberthreats.



The results emphasize on the importance of dedicated policies and protocols for third-party contractors working with IT companies.



Does the concern make any sense?


According to Gartner's research, 71% of organizations have more third parties in their network than they had three years ago – and the same amount expect this number to grow in the next three years. For subcontractors to fulfill their work obligations, companies often allow them access to their sensitive data and IT assets.



Kaspersky's survey laid down surprising facts. It showed that only 22% of organizations that do not have specific data usage guidelines for partners and subcontractors received compensation after a supply-chain attack, or incident that affected suppliers they share information with. In comparison, nearly three-quarters (71%) of enterprises that have specific data usage guidelines for partners and subcontractors received compensation after an incident that affected suppliers they share information with.



The results of our survey may seem rather paradoxical with enterprises with special policies saying they have experienced supply chain attacks more often. However, we can suggest that a business with a wider network of third party organizations will pay more attention to this area, which results in implementing specific guidelines.

- Sergey Martsynkyan, Head of B2B Product Marketing, Kaspersky.


The report revealed that 79% of enterprises have special policies in place explaining to partners and suppliers on how to work with shared resources and data, as well as any penalties they may incur.  The concerns do make sense.  According to the survey, damage from incidents is estimated to cost $2.57m on average, with data breaches among the three costliest problems faced by enterprises.Several sophisticated supply chain attacks including ShadowPad were discovered by the researchers.



A vast network of subcontractors may make such data breaches more likely. Besides, organizations with third party policies can more accurately determine the causes of a particular breach.

-Sergey Martsynkyan, Head of B2B Product Marketing, Kaspersky.


 

The report suggests that one of the main benefits of implementing third party policies is that they solve issues around accountability by defining the areas of responsibility for both of the organizations involved. It also increases the chance of receiving compensation from a supplier that becomes an entry point for an attack.



Third-party policies also play well for SMBs. For example, 68% of SMBs with policies in place received compensation compared to 28% of those who did not have policies.



READ MORE: A framework for measuring Infosec as a business function



The Kaspersky report makes the following recommendations:

1. Regularly update your list of all partners and suppliers, as well as the data they can access. Ensure that they only have access to the resources they need to carry out their work. Confirm that organizations that don’t collaborate with your company are excluded and cannot access or use data and assets.
2. Provide all third parties with the requirements they should follow – including compliance and security practices.


3.Kaspersky offers Kaspersky Anti Targeted Attack that can detect advanced attacks that may have gone under the radar of perimeter protection solutions, including supply chain attacks, at an early stage.

 

 

READ MORE: Nine steps to Cybersecurity

About the survey


The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) is a global survey of IT business decision makers, which is now in its 9th year. A total of 4,958 interviews were conducted across 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks. The regions covered include LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), Japan, Russia and META (Middle East, Turkey and Africa).



Spotlight

Thanks to this video, you will learn about the different options in the drop-down menu you find by hovering over the user icon on Fluid Attacks' Attack Resistance Management (ARM) platform.

Spotlight

Thanks to this video, you will learn about the different options in the drop-down menu you find by hovering over the user icon on Fluid Attacks' Attack Resistance Management (ARM) platform.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Immuta Announces the Release of Immuta Detect for Continuous Security Monitoring

Immuta | January 20, 2023

On January 19, 2023, Immuta, a leading data security firm, announced the launch of its latest product, Immuta Detect. Immuta Detect notifies data and security teams about unsafe data access behavior with its continuous data security monitoring capabilities, therby enabling faster and more accurate risk response and improved data security posture management across advanced and modern cloud data platforms. The product is the new vital component of Immuta's comprehensive Data Security Platform that offers security and access control, data activity monitoring and sensitive data discovery. The platform uniquely integrates with the leading cloud data platforms along with existing SIEM and Managed Detection and Response (MDR) tools. As data sources and users in modern cloud settings increase, monitoring data usage and responding to threats becomes more challenging. This is critical for safeguarding against insider threats and adhering to rules and regulations. Existing strategies to solve these problems include manual and time-consuming audits of millions of log data records housed in disparate data sources. To stay up with business demands, data and security teams need improved ways for monitoring data access, address issues precisely, and quickly adjust to shifting risk appetites. With Immuta Detect, customers can swiftly surface and prioritize data usage risks, decrease time to risk mitigation, and maintain data security by utilizing the following new features: Advanced access behavior analytics - Immuta Detect consolidates data access logs, allowing data and security teams to continuously monitor and evaluate changes in user behavior and data access entitlements by source, user activity or query, as well as get insight into changes in data classification and security configuration. Sensitive data views and indicators – The company offers a detailed analysis of each user and data activity in depth, summarizing activity across multiple criteria such as time frame, data access event categorization, sensitive data indicators, and most active data sources. Risk severity detection and scoring - It automatically scores data based on its sensitivity and security, thereby enabling data and security teams to prioritize risks and receive real-time notifications about potential security incidents. About Immuta Founded in 2015 and headquartered in Boston, MA, Immuta is a leading cloud data access control provider. It offers data engineering and operations teams a unified platform for controlling access to analytical data sets in the cloud. Additionally, it helps businesses extract value from their cloud data by securing it and giving secure access. It automates access control for any type of data on any cloud service and across any computing infrastructure. The company is now trusted for data security by Fortune 500 organizations and government agencies all around the world.

Read More

DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY

BlueVoyant Enhances its Cloud-Native Splunk Managed Detection & Response (MDR), Consulting, and Implementation Services

BlueVoyant | March 20, 2023

BlueVoyant, a cybersecurity company that illuminates, validates, and remediates internal and external risks in one platform, announced enhanced Splunk capabilities, with end-to-end consulting, implementation, and Managed Detection & Response (MDR) services. With the increasing adoption of cloud technologies, organizations face a complex and rapidly evolving threat landscape. The service helps clients maximize their Splunk investment whether it be on the Splunk Cloud Platform or Splunk Enterprise. "Splunk Your Way with BlueVoyant enables our clients to have industry-leading consulting, implementation, and cyber defense in a cost-effective manner," said Drew Gibson, BlueVoyant senior director for the company's Splunk Alliance. "BlueVoyant has a strong relationship with Splunk, and is known for its dynamic expertise in the company's products, helping our joint clients have greater control and visibility of their data usage and security posture." Key components of Splunk Your Way with BlueVoyant include: Enabling clients to collect, monitor, and analyze security data across on-premise, hybrid, and multi-cloud environments in a single platform Cloud-native SIEM (security information and event management) with real-time visibility to identify security threats and remediate them quickly Clients can reduce their data burden by 20% or more with a proprietary Data Readiness model that improves data quality and reduces costs Onboarding within a month for Existing Splunk users to quickly see the benefits of BlueVoyant Continuously improving client's Splunk instance by using faster security content delivery, and parity between different SIEM and EDR (endpoint detection and response) tools Availability of numerous bundles of workshops, retainers, and MDR services to help clients optimize, implement, manage, and monitor and protect their Splunk instance "BlueVoyant has the strength of our MDR for Splunk which we launched in 2021, aided by the expertise of thousands of Splunk deployments by our Concanon Professional Services division to provide a compelling service which helps the client get the most their Splunk investment, whether Splunk is installed 'on-prem' or via Splunk Cloud," said Michael Cormier, managing director for Concanon, a BlueVoyant company. BlueVoyant acquired Conanon in fall 2021 to enhance its end-to-end Splunk platform capabilities. Splunk recognized BlueVoyant as a key MSP (managed service provider) partner with the new Premier Manage designation. BlueVoyant also earned core competency badges for Cloud Migration and Cloud Migration: Co-Delivery. The company has 200 active Splunk certifications. In 2022, BlueVoyant expanded its Splunk go-to-market by including its offerings on the Amazon Web Services (AWS) Marketplace. BlueVoyant is hosting a webinar at 1 p.m. EDT Thursday, April 13 to discuss what the company has learned from our Splunk deployments and clients, and to answer questions. Current clients, security professionals, and other parties are encouraged to attend. About BlueVoyant BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based cloud-native platform by continuously monitoring your network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats. The full-spectrum cyber defense platform illuminates, validates, and quickly remediates threats to protect your enterprise. BlueVoyant leverages both machine-learning-driven automation and human-led expertise to deliver industry-leading cybersecurity to more than 900 clients across the globe.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Application & Cloud Security Leader Chooses DTEX InTERCEPT to Manage Insider Risk and Prevent Data Loss

DTEX Systems | December 21, 2022

DTEX Systems, the Workforce Cyber Intelligence & Security Company™, today announced that one of the world’s leading application performance and cloud security vendors has selected DTEX InTERCEPT to secure patents, protect business process innovation, and prevent data loss. DTEX InTERCEPT™ is a first-of-its-kind Workforce Cyber Security solution that brings together the capabilities of Insider Threat Management, User and Entity Behavior Analytics, Digital Forensics, and Zero Trust DLP in an all-in-one lightweight, cloud-native platform. Only DTEX InTERCEPT delivers the behavioral context and activity intelligence that answers the Who, What, When, Where, Why, and How related to any potential insider threat situation, compromised account event or data loss scenario without invading personal privacy. In the face of changing global economic conditions, the increasing risk of corporate espionage, and a pending corporate reduction in force action, the application performance and cloud security vendor prioritized an immediate review of existing insider risk and data loss prevention technology. The vendor’s legal team was heavily involved in the RFP and vendor evaluation processes to ensure employee privacy would be protected as part of the adoption of any insider risk and data loss prevention solution in compliance with the European Union’s GDPR and California’s Privacy Rights Act (CPRA). After exhaustive review of DTEX InTERCEPT’s patented metadata collection model, the vendor’s legal, IT and, cyber security teams selected DTEX to replace its existing first-generation insider risk and data loss prevention solutions globally. DTEX InTERCEPT’s seamless integration with the application performance and cloud security vendor’s NGAV system, as well as its innovative Zero Trust approach to data loss prevention were also deciding factors in the enterprises choice to standardize on DTEX InTERCEPT across all enterprise workstations and servers. Upon selection, a senior cyber security executive said, “DTEX is a proven solution that won’t break our systems.” “It is incredibly gratifying to have our insider risk and data loss prevention technology chosen by a fellow cyber security vendor. In this case, it was again the uniqueness of our data set and ability to keep employee data private, while delivering dynamic, contextual human behavior visibility that was the deciding factor in the customer’s decision. “Likewise, a peer’s decision to adopt our technology makes a strong statement that traditional solutions focused on machine intelligence are insufficient to protect data in today’s distributed workforce reality. The difference is most definitely human.” Bahman Mahbod, CEO at DTEX Systems About DTEX Systems DTEX Systems helps hundreds of organizations worldwide better understand their workforce, protect their data, and make human-centric operational investments. Its Workforce Cyber Intelligence & Security platform brings together next-generation Zero Trust DLP, UEBA, digital forensics, user activity monitoring and insider threat management in one scalable, cloud-native platform. Through its patented and privacy-compliant meta-data collection and analytics engine, the DTEX platform surfaces abnormal behavioral “indicators of intent” to mitigate risk of data and IP loss, enabling SOC enrichment with human sensors and empowering enterprises to make smarter business decisions quickly.

Read More