The expanding attack surface
The security threat posed by third-party vendors is far from diminishing. The Mobile Guardian breach in Singapore serves as one of many cautionary tales about the risks of outsourcing critical functions to third-party providers, as evidenced by the impact on 13,000 students. Recent research has also revealed that 98% of organisations have experienced a breach through a third party – with third-party attacks responsible for 29% of all breaches. This is worrying, especially as ransomware attacks hit a record high in 2023, with a 49% increase in victims globally compared to the previous year.
In today’s digital-first landscape, an organisation’s security is only as strong as its weakest link. With third-party identities becoming more deeply integrated into core operations, the potential for a breach has never been greater. As the number of individuals accessing an organisation’s resources increases, so too does the risk of compromised credentials, providing cybercriminals with potential entry points.
