Are Data Breaches the result of poor outsourcing decisions?

Trustwave Global Security Report

Security element is essential in industries and it is something more than just a paper-based practice. Typically, industries today do not give due consideration to security risks when making outsourcing decisions and fail to integrate security in their procurement processes.  This eventually gives rise to data breaches

Companies today are keen on cutting costs and seldom realize the problems which may arise by compromising security for money. Companies are at a higher risk when it comes to data breaches, and need to be diligent enough to enquire into the security considerations of their third parties. Outsourcing as such is nothing untoward, but companies who get breached are found to have made some pretty bad decisions in outsourcing.

Trustwave Report

A security firm Trustwave had released a report which says that two-thirds of data breaches are a result of negligent outsourcing decisions. The report named Trustwave Global Security Report 2013 which encompasses a study of 450 global security breaches shows that 63% of the cases were related to third-party content of IT system administration.  Investigations unveil the fact that all these breaches were caused due to lack of security measures that were to be adopted by third-party IT system support.

Trustwave also revealed that about 50% of FTSE 100 companies hinted about cyber risks. These risks include data loss in their principal or annual reports.  According to the report majority of organizations depended heavily on third parties as they lack knowledge and efficiency to set up and organize their own systems. As a result, these organizations place a high trust on these service providers in maintaining security.  The service providers in turn are either naïve about security requirements or casually ignore the same in a move to reduce costs.

Recommendations of the Trustwave Security Report

The report seriously recommends that organizations should analyze the importance the third party gives to security. It is for organizations to ensure whether the third party is learned and trustworthy when it comes to security requirements. Organizations should be alert enough to check whether the service provider offers them assurance of Payment Card Industry Data Security Standard, PCI DSS from a renowned Security Assessor. Security should remain a prime factor in procurement and it should also be ensured that all requests for proposals involve security elements in it.




Latest Columns

Near shore outsourcing options for US insurance firms

September 27, 2011: It is the banking and insurance related job always outsourced to the offshore market, but it seems that the trend is gradually changing. Today the near shore market service providers have become quite efficient to provide business solutions even better than the vendor in the offshore. Putting up a trend is Nova […]

IT Outsourcing Market in Philippines expected to double by 2016

According to latest industry reports, the Information Technology outsourcing market in Philippines is expected to double by the end of 2016. Outsourcing business in Philippines is heading towards a new direction with an increase in the number of call centres in Philippines. Abundance of skilled talents at a lower cost is one of the dominant […]

Speak Your Mind

*