Are your vendors your biggest risk?

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

A cybersecurity startup exposed a hospital’s data without permission.  The company used the hospital’s network to demo their software, and by doing so, it exposed sensitive information.  What’s more, they never had permission to use the hospital in any way for demonstration purposes.

Sadly, your vendors may be your biggest risk – even if they are under contract to protect you.  Our cyber security assessments and compliance audits often find unsecured connections used by IT consultants, web developers, accountants, and other third-parties when we review our client’s networks.

While the most well-known example of data exposure by a vendor is probably the Target breach, no organization is immune, regardless of size.  A breach was reported in March by a healthcare company that discovered that its service providers were emailing files containing PII and health data without encryption, resulting in the company having to report the exposure and notify 644 patients.

Don’t forget to inventory the vendors who have access to your network or protected data.  Having each vendor attest to their level of security and cyber practices may check the compliance requirement box, but we can assist with determining if additional testing should be required for vendors who create a major risk of exposure to your organization.

Foresite admin
Website | + posts

Sign Up For Our Blog

Get our latest content delivered to your inbox.

partner with foresite consulting to become a More Effective Leader

Develop the skills and strategies you need to take your company to the next level of success.

Foresite Cybersecurity Announces Pivot to Open XDR & Compliance Platform