IT Pros Underestimate Impact of Business Partner Security, Report Says

A quarter of respondents admitted their organizations do not evaluate whether suppliers met their security requirements.

PORTLAND, Ore. – A new study that assessed the challenges that business partners bring to cybersecurity found that 81% of IT professionals are confident in their ability to protect sensitive customer data. However, this assurance does not extend to their organization’s business partners. Nearly half (47%) of the respondents are not confident in the security of their business partners and suppliers.

The study was conducted by Tripwire, based here, a provider of endpoint detection and response, security, compliance and IT operations solutions for enterprises, service providers and government agencies.

“Every organization needs to evaluate the security risks associated with their business partners,” said Tim Erlin, director of IT security and risk strategist for Tripwire. “Partnerships provide an important growth mechanism for organizations today, but they also introduce risk. Organizations must invest in securing their points of interaction with partners.”

READ NEXT: How to Protect Wireless Intrusion Systems From Cyber Threats

Additional findings from the study include:

  • While 95% of respondents believe a supplier or partner security breach could expose valuable data, 61% said they were unconcerned or have bigger concerns.
  • Less than half (44%) said their organizations require partners and suppliers to pass security audits before they sign a contract with them.
  • 34% use partners and suppliers that fail to meet their security standards.
  • A quarter of respondents admitted their organizations do not evaluate whether suppliers met their security requirements.
  • Half said they make exceptions or offer different standards for some partners.

Weaknesses in business partner and supplier cybersecurity can have disastrous impacts on businesses, Tripwire suggests. Vulnerabilities in third-party security may have played a key role in many high profile security breaches, such as the Panama Papers incident and the Target breach.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Although Bosch’s name is quite familiar to those in the security industry, his previous experience has been in daily newspaper journalism. Prior to joining SECURITY SALES & INTEGRATION in 2006, he spent 15 years with the Los Angeles Times, where he performed a wide assortment of editorial responsibilities, including feature and metro department assignments as well as content producing for Bosch is a graduate of California State University, Fresno with a degree in Mass Communication & Journalism. In 2007, he successfully completed the National Burglar and Fire Alarm Association’s National Training School coursework to become a Certified Level I Alarm Technician.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters