Third-Party Cyber Security Risks: Key Findings from Risk Ledger’s Latest Report

2 mins read

Key Takeaways:

  • A new report by Risk Ledger has identified common cyber security weaknesses in the supply chain ecosystem.
  • Findings reveal that many third-party suppliers do not have a supplier security policy or conduct regular penetration tests of internal systems, putting their own and their customers’ data at risk.
  • The lack of visibility into supplier weaknesses remains a significant problem for companies, with a high proportion of suppliers failing to use basic cyber security controls.

Report by Risk Ledger Highlights Cyber Security Weaknesses in Supply Chain Ecosystem

As more businesses turn to third-party suppliers for goods and services, cyber security in the supply chain has become a critical concern for many organizations. A new report by British cyber security business Risk Ledger has shed light on the most common cyber security weaknesses in the supply chain and offered practical recommendations for improving third-party risk management strategies.

The report is based on proprietary data from over 2,500 suppliers that have shared information on their risk posture against over 200 cyber security controls with their customers on the Risk Ledger platform. It highlights the 12 most common weaknesses among suppliers and provides crucial benchmarking data. The report draws attention to the 17% of suppliers that do not enforce multi-factor authentication (MFA) on all remotely accessible services, the 23% that do not use Privileged Access Management controls to securely manage the use of privileged accounts, and the 20% that do not use a password manager.

See also  The Winds of Change: Is Your Private Company Ready for Enhanced Scrutiny?

With more than 60% of organizations having suffered a data breach through a third party, the report’s findings reveal that many third-party suppliers do not have a supplier security policy or conduct regular penetration tests of internal systems. These common cyber security weaknesses put not only the suppliers’ own data at risk but also their customers’ data, resulting in regulatory fines, data recovery costs, and loss of consumer trust.

The Lack of Visibility into Supplier Weaknesses

The report also highlights the biggest problem associated with supply chain cyber attacks – the almost total lack of visibility into prevailing weaknesses among suppliers. While there is a wealth of existing data on the tools hackers use to target companies, and on the effects of such attacks, there is a total lack of visibility into the main weaknesses in the security postures of suppliers that allow these attacks to be successful in the first place.

Risk Ledger’s new report gives unique insight into supplier weaknesses, allowing companies to better understand the most prevalent weaknesses in the wider supplier ecosystem, and focus remedial efforts on areas that need improvement. Risk Ledger’s CEO, Haydn Brooks commented: “To improve this situation, better data and insights into the most prevalent weaknesses in the wider supplier ecosystem are needed, so that remedial efforts can become more focused. This is the purpose of our report.”


Risk Ledger’s “The State of Cyber Security in the Supply Chain: Data Insights Report 2023” provides a valuable resource for companies looking to improve their third-party risk management strategies. With cyber attacks on the rise and the supply chain ecosystem becoming increasingly complex, it is essential that businesses take a proactive approach to cyber security and work to identify and address weaknesses in their supply chain. By utilizing the findings of the report, companies can better protect themselves and their customers from the devastating impact of cyber attacks. The report is available for download on Risk Ledger’s website from Tuesday, 18th April, 9am BST.

See also  Hybrid Work: The New Gold Standard for Brits, Says Currys Study!

Sign up to our newsletter & get the most important monthly insights from around the world.

Ready to Amplify Your Brand with Business Today?

Discover the power of sponsored articles and partnerships to reach decision-makers, professionals, and a dynamic audience. Learn more about our advertising opportunities and connect with us today!

Click here to explore our Promotion & Sponsored Articles page.

Are you looking to make an impact? Contact us at [email protected] to get started!

See also  The Winds of Change: Is Your Private Company Ready for Enhanced Scrutiny?

Business Today News

BusinessToday.news is an online publication committed to delivering comprehensive and insightful coverage of the latest business news, trends, and practices. With a focus on finance, technology, entrepreneurship, and other critical areas, it serves as a valuable resource for professionals seeking to stay abreast of the rapidly evolving business landscape.

Leave a Reply

Your email address will not be published.

Latest from Blog


BusinessToday.news is a premier online platform dedicated to providing the latest news and insights on a wide range of topics related to the business world, including technology, finance, real estate, healthcare, and more.


Copyright Unstructured.Media. All rights reserved. Explore our sitemap