A new report by (ISC)² indicates that the poor reputation of small businesses when it comes to security isn’t entirely justified. Small firms are often considered to be a supply-chain risk for larger corporations, but (ISC)² found that security breaches resulting from cooperation with a large company are slightly more common (17%) than supply-chain attacks linked to a small business partner (14%).
One in two large businesses considers all third-party partners to be a security risk, regardless of company size. Nevertheless, 94% of enterprises are confident about the cybersecurity posture of the small third parties they work with. Another striking finding is that companies frequently put themselves at risk by grating third parties unnecessary access to their resources. The degree of access given to small business partners has on occasion surprised both the large firms providing access (34%) and the small companies getting it (40%).