10 Cybersecurity Lessons Learned In 2015
8. Third Parties As Attack Vectors
It isn’t just your own environment that’s at risk -- third-party vendors can present a massive risk, as well. Big breaches that have become synonymous with the security threat, including Target and Home Depot, as well as some of the biggest breaches of 2015, including OPM, Experian and the Army National Guard, have been the result of third-party security breaches. Citing the 2015 Verizon Data Breach Report, which found that 70 percent of attacks have affected a secondary victim, BitSight CTO Stephen Boyer said the impact of third-party attacks is a trend that will continue from 2015 into the years to come.
"2015 has proven that attackers are targeting vulnerable third parties and are using those third parties as a springboard to broader ecosystem compromise," Boyer said. "In the years ahead, it will become increasingly important to not only monitor your company’s internal security posture, but also to manage the risk and security practices of third-party vendors."