New Research: Unsecured Vendor Access Creates Perfect Storm for Cyber Attacks

Today Bomgar released the Vendor Vulnerability Index, new research that finds third-party vendors can create significant security risks if their access to IT systems is not properly monitored or managed. The survey of more than 600 IT and Security professionals explores the visibility, control, and management that organizations in the US and Europe have over external parties accessing their IT networks.

The report revealed that while most organizations place a high level of trust in third party vendors, they have a low level of visibility of vendor access to IT systems. 92% of respondents say they trust vendors completely or most of the time, although two-thirds admit they tend to trust vendors too much. Surprisingly, only 34% know the number of log-ins to their network attributed to third-party vendors, and 69% admit they had definitely or possibly suffered a security breach resulting from vendor access in the past year.

The Vendor Vulnerability Index also found that an average of 89 third-party vendors access a typical company’s network each week, and that number is likely to grow. 75% of those polled stated the number of third-party vendors used by their organization has increased in the last two years, and 71% believe the numbers will continue to increase in the next two years.

Finally, 69% of respondents report they definitely or possibly suffered a security breach resulting from vendor access within the last year, and 77% believe their company will experience a serious information breach within the next two years as a result of vendor activity on their networks.

This all points to a clear gap in the ability of many organizations to mitigate cyberattacks that stem from vendor vulnerabilities, even when they’re aware of the threat. Organizations that lack the ability to granularly control and monitor third-party access are exposing themselves to a very common threat vector. Once an attacker compromises a vendor’s access to your network, they can often move laterally to your most critical systems and data completely undetected.

That’s why Bomgar is helping organizations large and small to better secure and manage vendor access with our Secure Access solutions. For example, Horizon Beverage has not only increased visibility and control of its vendors, they’ve also improved efficiency. “Now that we have Bomgar Privileged Access Management in addition to Bomgar Remote Support, I can more efficiently manage our vendors and support reps as separate entities, but with consistent technology,” said Scott Pepi, tech support manager at Horizon Beverage. “This addition was seamless for us. Bomgar just works, all the time.”

Download a free copy of the Vendor Vulnerability Index to read the full results and see how your organization stacks up.  

Liz Shulof is the SVP of Marketing at Bomgar