We’ve all heard the horror stories of companies hacked via penetrations of their vendors and partners.
“’A company can take out insurance for third parties, but we don’t see a lot of those premiums tied directly to the number of third parties a company has under contract,’ (Jerry Caponera, general manager of risk quantification at ThreatConnect) says. ‘The effectiveness of third-party vendors’ security doesn’t play into the cost of a cyber insurance premium.’”
Strategies to address this risk range from requiring MFA when vendors access the systems of their larger customers to demanding third parties have their own cyber insurance.
But given the challenges even large companies have keeping their systems secure, and the higher relative expense of cyber insurance for SMBs, vendors and partners will remain a vector for hacks and therefore a significant risk factor for many enterprises.
Source: Cyber Insurance Costs Lead to Scrutiny of Business Partners