Cybersecurity Risk Concentration Threatens Global 2000 Companies
99% of Top Public Companies Exposed to IT Vendor Vulnerabilities
BLACK HAT 2024 - Las Vegas, NV - August 10, 2023 -
A new report released today at BLACK HAT 2024 by SecurityScorecard and The Cyentia Institute reveals that 99% of the world's most profitable public companies rely on IT vendors that have recently experienced security breaches. This concentration of risk poses a significant threat to these companies, with an estimated cost of between $20 billion and $80 billion in breach-related expenses within 15 months.
The report, "Vendor Risk Concentration: A Global 2000 Perspective," analyzes the IT vendor relationships of the Global 2000, a group of the world's largest and most influential companies. The research found that the top eight most widely deployed vendors are used by at least 80% of Global 2000 companies, with 90% of these companies relying on at least four of these vendors. This concentration of risk creates a situation where a single vendor breach could have a devastating impact on multiple Global 2000 companies.
"The concentration of risk in the IT vendor ecosystem is a major concern for Global 2000 companies," said Aleksandr Yampolskiy, CEO of SecurityScorecard. "This report highlights the need for companies to take a more proactive approach to vendor risk management. By understanding their vendor relationships and the risks associated with them, companies can take steps to mitigate their exposure and protect themselves from potential breaches."
The report recommends a number of steps that Global 2000 companies can take to mitigate their vendor risk exposure, including implementing vendor risk management programs, conducting thorough due diligence on vendors, and monitoring vendors for security breaches.
"Vendor risk management is an essential part of any comprehensive cybersecurity program," said Ryan Toohil, Director of Security Research at The Cyentia Institute. "By following the recommendations in this report, Global 2000 companies can take steps to reduce their exposure to vendor-related risks and protect their businesses from the financial and reputational damage that can result from a breach."
Komentar