A Secure Supply Chain survey conducted by CybSafe has found there are increasing cybersecurity requirements being placed on businesses supplying enterprise customers.
The combination of new technology models and greater reliance on technology in business is changing how companies approach security. This has resulted in additional opportunities for the channel, as well as an increased requirement for the channel to secure themselves.
CybSafe ran a survey of 250 IT decision-makers at small and medium-sized suppliers to enterprise and found that 60 percent of businesses had to report on their cybersecurity measures as part of the contract or RFP process. This is up from 52 percent in 2017.
Also, 63 per cent of businesses are being asked to fill out cybersecurity questionnaires, and two-thirds have been asked about their cybersecurity training. Just over a third of organisations have been required to achieve a recognised cybersecurity standard by their enterprise customers before securing contracts. This is up compared to CybSafe’s 2017 study where only 28 percent were obliged to prove compliance with such standards.
Oz Alashe, CEO and founder of CybSafe, said: “The cyber security bar for suppliers is being raised every year. While lax cyber security precautions may have gone relatively unnoticed a few years ago, suppliers are now losing out on lucrative deals specifically because of security concerns. With enterprise customers more conscious than ever of the authorities, GDPR, and reputational damage, suppliers will need to alter their practices accordingly to stand a chance of becoming a trusted supplier. Most organisations, according to our research, are seeking advice and guidance, and that presents a huge opportunity for the channel. Our Secure the Channel campaign is designed to both help our channel partners secure themselves and also to enable them to make the most of the current market opportunity.”
Caution from enterprise customers seems to be justified. Currently, only half of businesses are using cybersecurity training to ensure staff have the skills to avoid cyber attacks, and 55 percent of companies selling to enterprise admitted they had suffered a data breach within the last five years. Almost a third of those surveyed had lost a contract with a customer due to cybersecurity or fraud in the last 12 months.
Alashe commented: “No company is an island, and the necessity of working with third-party suppliers can open up critical vulnerabilities in an organisation’s line of defence. It is no longer enough for businesses to ensure that their network is secure, as any supplier, or supplier of a supplier, poses a risk to the entire operation.”
Adam Davison, Director of Sales and Marketing at Cloud Distribution added: “This survey highlights the requirement on the channel to combine technology, processes and education to help their clients – there is a clear opportunity. The channel’s role has evolved in recent years and customers are now looking for expert guidance. To do this, the channel needs to ensure it is addressing its own risk, as well as understanding the people element to provide the advice businesses are seeking. CybSafe is offering the channel free access to its platform to support this.”