Home » Fraud Prevention » Minimizing Fraud Procedures

Suppliers and partners are biggest cybersecurity risk

The average cost of a cybersecurity incident is growing – and the most costly breaches are due to failures of third parties such as suppliers or business partners.

The share of IT budgets that is being spent on IT security is growing and is almost a quarter (23 per cent) of the IT budget in large corporations, according to a report by Kaspersky Lab and B2B International: IT Security: cost-center or strategic investment? But the study also found that IT budgets are being slashed – meaning that overall spending on IT security is actually falling. The study puts the average IT security budget at $13.7 million this year – almost half of the average budget last year ($25.5 million).

The report also said that the cost of a cybersecurity breach is rising. It put the average cost of a breach in 2017 for a small or medium enterprise (SME) at more than $87,000, while larger companies could face costs as high as $992,000 – costs that are significantly higher than in 2016.

Perhaps most importantly, the report underlines that the worst cybersecurity losses are due to incidents involving third parties and their cyber-failures. It says incidents affecting infrastructure hosted by a third party could cost SMEs up to $140,000. Larger corporates meanwhile are paying up to $1.8 million as a result of breaches stemming from suppliers that they share data with, and $1.6 million due to insufficient levels of protection from providers of 'Infrastructure-as-a-service'.

In its statement about the report, Kaspersky Lab said: “As soon as a business gives another organization access to its data or infrastructure, weaknesses in one may affect them both. This issue is becoming increasingly important as governments worldwide rush to introduce new legislations, requiring organizations to provide information about how they share and protect personal data.”

This item appears in the following sections:
Fraud Prevention
Minimizing Fraud Procedures
Minimizing Payment Fraud
Risk Management
Financial Risk Management

Also see


No comment yet, why not be the first?

Add a comment