Are Data Breaches the result of poor outsourcing decisions?

Trustwave Global Security Report

Security element is essential in industries and it is something more than just a paper-based practice. Typically, industries today do not give due consideration to security risks when making outsourcing decisions and fail to integrate security in their procurement processes.  This eventually gives rise to data breaches

Companies today are keen on cutting costs and seldom realize the problems which may arise by compromising security for money. Companies are at a higher risk when it comes to data breaches, and need to be diligent enough to enquire into the security considerations of their third parties. Outsourcing as such is nothing untoward, but companies who get breached are found to have made some pretty bad decisions in outsourcing.

Trustwave Report

A security firm Trustwave had released a report which says that two-thirds of data breaches are a result of negligent outsourcing decisions. The report named Trustwave Global Security Report 2013 which encompasses a study of 450 global security breaches shows that 63% of the cases were related to third-party content of IT system administration.  Investigations unveil the fact that all these breaches were caused due to lack of security measures that were to be adopted by third-party IT system support.

Trustwave also revealed that about 50% of FTSE 100 companies hinted about cyber risks. These risks include data loss in their principal or annual reports.  According to the report majority of organizations depended heavily on third parties as they lack knowledge and efficiency to set up and organize their own systems. As a result, these organizations place a high trust on these service providers in maintaining security.  The service providers in turn are either naïve about security requirements or casually ignore the same in a move to reduce costs.

Recommendations of the Trustwave Security Report

The report seriously recommends that organizations should analyze the importance the third party gives to security. It is for organizations to ensure whether the third party is learned and trustworthy when it comes to security requirements. Organizations should be alert enough to check whether the service provider offers them assurance of Payment Card Industry Data Security Standard, PCI DSS from a renowned Security Assessor. Security should remain a prime factor in procurement and it should also be ensured that all requests for proposals involve security elements in it.

Latest Columns

Spending on home-based customer care BPO market in US increasing: IDC

According to a latest report published by International Data Corporation (IDC), spending on customer care outsourcing using home-based delivery is growing at a compounded annual growth rate of 25.1%. As per the estimates released by the research firm, the spending on customer care BPM will reach $ 6.1 billion in 2017. Currently, the spending is […]

It is time for next gen talent management in IT/ITES firms in India

The aim of any business is to provide top quality services to its customers, and more often this makes the business complicated. The success of business in delivering quality service depends on the talent management by organizations, and when it comes to Indian companies especially IT/ITES, many of them are still following the second generation […]

Speak Your Mind