Why third-party providers pose a security risk to organizations
RiskRecon and Cyentia Institute have released a new study[pdf] that looks at the third-party security risks of organizations. The research found that the Internet surface of firms tends to be very large and complex, with almost two-thirds (65%) of Internet-facing assets sitting on a third-party network, while more than a quarter (27%) of organizations rely on 10 or more different providers to host company assets.
Furthermore, organizations often trust third-party providers to safeguard their most critical assets, as a whopping 84% of firms host crucial or sensitive assets externally. This puts companies at risks, because firms are three times as likely to have vulnerable critical assets hosted externally vs internally.