Businesses require better visibility into third-party risks to reduce third-party cyber risk and its possible consequences. This necessitates a thorough understanding of both the vendor and the cyber threat landscape.
1. 6/14/22, 2:53 PM Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022
https://itsecuritywire.com/featured/four-third-party-risk-cyber-gaps-that-businesses-need-to-be-aware-of-in-2022/ 1/2
Four Third-Party Risk Cyber Gaps that Businesses
Need to be Aware of in 2022
If organizations do not address third-party risk, they will remain vulnerable. Today’s businesses don’t operate in
isolation; instead, they collaborate with experts and suppliers to better their products and services. While this
strategy has a lot of advantages, it also has a lot of drawbacks. Every organization in the digital supply chain faces
cybersecurity threats if just one provider is unsure about information security.
As a result, understanding existing third-party cybersecurity vulnerabilities is critical before deciding on the best
method for managing third-party risk.
Partnering with vendors can result in an expanded attack surface. There are numerous vulnerabilities associated
with vendor relationships, so here are a few of the most important ones to be aware of.
Unpatched and Vulnerable Technology
One of the most common third-party cyber vulnerabilities is the use of unpatched technologies. These products
are rarely updated, and the versions in use currently may contain multiple known vulnerabilities and exploits.
Businesses that handle production technology patching understand that their enterprises are impacted mainly by
legacy resources with known cybersecurity flaws. On the other hand, the updated versions include significant
enhancements and patches to data privacy and security flaws.
Open Ports
Ports are essential in the internet connection model since they allow for communication. Specific ports are used
by internet services to receive and transfer data.
By Prangya Pandab - June 13, 2022
Developers use these file transfer protocols to transmit data between hosts and create encrypted tunnels between
devices. Launching additional services on that port becomes difficult when a service uses a specific port.
When security flaws allow attackers to exploit legitimate services or introduce harmful services through malware
or social engineering, open ports represent a cybersecurity gap. By deploying such services on open ports, threat
actors can get unauthorized access to sensitive data.
Third-Party Service Providers that are Not Known
It is common for businesses to operate without being aware of their connected vendors, posing a serious
cybersecurity risk. In a large company, with many suppliers, there will be ones that the company is unaware of,
posing a considerable threat to the security controls.
It’s obvious that if a company doesn’t know its third parties, it’s challenging to prevent cyber-attacks. Companies
that fail to monitor their vendor relationships on a regular basis will be unable to identify any cybersecurity flaws
that can be addressed in terms of Third-Party Risk Management (TPRM).
Human Error
In many vendor relationships, human error is a significant cybersecurity flaw. Most businesses overlook activities
that could open doors for malicious software to enter their IT infrastructures. Exposed credentials and file sharing
are the most common vulnerabilities related to human behavior.
This can be a possibility if employees fail to use peer-to-peer exchange protocols while sharing media and
software. As a result, the network can be more vulnerable to cyber-attacks such as malware infections.
Prangya Pandab
https://itsecuritywire.com/
Prangya Pandab is an Associate Editor with OnDot Media. She is a seasoned journalist with almost
seven years of experience in the business news sector. Before joining ODM, she was a journalist with
CNBC-TV18 for four years. She also had a brief stint with an infrastructure finance company working for
their communications and branding vertical.