SecureLink has recently issued a report calling for organizations to strengthen their cybersecurity. SecureLink is an organization that helps organizations to ensure their systems and digital information are protected through secure access management solutions. In their latest report, SecureLink researched how organizations implement cybersecurity practices and third-party risk management. The survey consisted of 600 companies from a variety of sectors including IT, finance, and healthcare. The report found that the number of cyberattacks have continued to increase in 2022. In this year alone, several major cyberattacks on vendors of healthcare organizations. Cybercriminals typically target vendors like managed service providers to access the company’s client networks.
The report found that organizations are beginning to understand how to ensure the security of their data. Despite this, the number of cyberattacks continues to increase. Approximately 55% of healthcare organizations have suffered a third-party data breach in the last 12 months. This percentage was narrowly beaten by the finance industry, with 58% of companies reporting a third-party breach. Only 65% of healthcare organizations reported full confidence in the ability of their IT systems to prevent third-party data breaches. “We’re seeing the trend of organizations struggling to innovate their cybersecurity as quickly as other aspects of their operations (remote work, IoT, internal software), instead relying on outdated practices and software instead of implementing granular access management,” said SecureLink
The report also indicated that in 2021, organizations had spent $365 million on their IT systems. With roughly a fifth of the budget being spent on cybersecurity. Despite organizations’ spending, 54% were subject to a data breach. SecureLink maintains that organizations are required to manage third-party vendors relative to the risk to security they pose. In 2022, almost half of organizations reported having an extensive inventory of all third parties with access to their data. SecureLink identifies this as cause for concern, “while there is a statistically significant increase in terms of identifying third parties, that number is hovering under 50% while the reliance on third parties and a remote workforce is trending upwards. And while there is an increase in those measures, organizations are still finding managing third-party access to be overwhelming. All those numbers add up to a major risk point.”
According to SecurLink, the biggest challenge that organizations face is having the appropriate number personnel to oversee third-party identities and their associated cyber risks. SecureLink insists on the use of automated systems and workflows to ensure access is easier to oversee. They state, “automation and efficiency are key factors in a successful cybersecurity strategy. Using security technology to streamline operations creates efficiency, which in turn, will be more effective in mitigating threats and pulling in/retaining talent to manage cybersecurity.”