44% of data breaches are at the hands of vendors

Mackenzie Garrity - Print  | 

Although data breaches are rare, almost half – 44 percent – are caused by third-party vendors, according to an esentire survey.

Of the data breaches that happened from a vendor, only 15 percent of firms affected reported that the vendor informed them when a breach happened.

The survey was sent out to 600 information technology and security decision-makers, asking about their top concerns around supply chain and policies or procedures used to mitigate identified vendor risks.

Sixty percent of respondents said their organizations have formalized third-party policies, and most firms (90 percent) review these policies annually. While most (81 percent) find the policies effective, breaches still happen.

While almost half of data breaches were caused through a vendor, human error and stolen passwords accounted for 26 percent of breaches. Malware also played a big role in half of the cyberattacks.

Of the 250 companies that indicated a data breach had occurred, 32 percent of the data breaches affected personal identifiable data, 29 percent included payment information and 24 percent exposed proprietary business data.

To read the full report, click here.

More articles on cybersecurity:
Washington State University settles $5.26M data breach class-action suit
HHS continues to deploy strong cybersecurity solutions, report finds
Rehab center data breach exposes millions of patient records

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.