Organizations have a large blind spot to cyber risks arising from third parties and their supply chains, according to a new survey by consulting firm PwC.
Only 41 per cent of Canadian survey respondents — and 40 per cent of those questioned globally — said they thoroughly understand the risk of data breaches through third parties, using formal enterprise-wide assessments, according to a report released Tuesday.
“Nearly a quarter in Canada and globally said they have little or no understanding at all of these risks — a major blind spot of which cyber attackers are well aware and willing to exploit,” PwC’s Global Trust Insight report said.
The results were part of a survey of 3,602 C-suite executives in organizations around the world, including 114 Canadian respondents, on a number of cyber-related issues.
The issue of third-party risks has been around for some time but took heightened importance with the revelation that attackers had compromised the update mechanism of SolarWinds’ Orion network management suite and were stealing data through Accellion’s FTA file transfer application.
Among other findings in the report:
- Over 80 per cent of Canadian executives…
