A Cyber Security Breaches Survey undertaken in support with the government’s National Cyber Security Programme, reveals that whilst following the introduction of GDPR many businesses are demonstrating more robust protection around customer data, trade secrets and intellectual property most are ignoring the cyber security risk presented by their third-party suppliers.

Reducing the chance of a data breach should form a fundamental part of the procurement process. Asking potential suppliers to confirm their cyber resilience and adherence to GDPR is a good starting point.

Once the procurement process is complete businesses should map the flow, exchange and storage of critical organisational data by and with third-parties and confirm who has access to information. This enables the adoption of appropriate risk mitigation strategies, ranging from firewalling, malware protection and regular software updates, through to listing all users with admin rights and sharing best practice for staff training and health checks.

Throughout the relationship businesses should then continue to hold their suppliers to account. This might include asking them to complete self-assessments and regular audits, the level of scrutiny will depend on the sensitivity of the data and systems shared.

The handling of sensitive data at the end of a commercial relationship is equally as important and businesses should establish what actions will be taken to delete or safeguard the data once a partnership has been terminated.

With the number and size of cyber-attacks and data breaches increasing every year it is becoming more important that businesses build robust third-party data security approaches.

Prevention is always better than cure, but it is equally important that businesses should consider including Cyber Liability Insurance in their portfolio of insurance coverage. For further information on how to survive a cyber attack download our factsheet

 

Sources

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/813599/Cyber_Security_Breaches_Survey_2019_-_Main_Report.pdf

https://www.grantthornton.co.uk/news-centre/uk-mid-market-boards-ignoring-30-billion-cyber-risk/

Covid-19 Notification

We are following guidance and trying to ensure that our staff can work from home where possible. If you wish to make contact, please continue to use the direct telephone or email details for your usual contact(s).

If you are making a general enquiry or do not know your service contact(s) please call 01904 784141or send an email to info@deford.co.uk

xCenta Risk Management Portal

Our team of Risk Managers have been busy developing and building a new Microsite portal. Our aim is to update the service to ensure our risk management clients continue to have access to lots of useful risk assessment guidance, case studies, forms and templates.

To access the Resource Portal, please Click Here to log on to our xCenta system.

If you have any questions or are unsure of your Username or Password, please speak directly to our xCenta Support Team on 01777 861829.

Thank you.

Site Navigation