Nearly a quarter of UK firms do not have sufficient resources to check the security credentials of their suppliers, a new report has found.
A survey by cyber security firm Tripwire found that 22% do not have the resources to check supplier contracts to make sure that they meet their business security requirements. This means that any security risk from those suppliers could be passed on down the supply chain.
Dwayne Melancon CTO, Tripwire, said: "In the context of supply chains, security risk becomes a communicable disease. As customers become aware of this fact, they will insist that supply chain owners and participants are designing and operating with security in mind."
That lack of resource being put into checking the supply chain is despite 46% of respondents saying that they themselves would lose contracts and be fined by a regulator or government agency if one of their partners or suppliers suffered from a serious data breach
Even though 63% of those surveyed attendees said that they would refuse to use partners and suppliers that failed to meet their IT security standards, only 53% actually require partners and suppliers to pass security audits.
Firms are clearly aware of the business consequences of cyber attacks too. 63% believe that their customers would lose confidence in them if one of them suffered a serious data breach. Tripwire surveyed 160 attendees at the recent IP EXPO Europe conference.