top of page

Business Is Still Vulnerable To Third Party Software


ree

The vast majority of businesses are still not reviewing the risks posed by third party technology that they use and rely on, it’s been revealed.


Leading Dorset cyber-security company C3IA Solutions said government statistics show how vulnerable businesses remain. Despite increasing awareness, particularly among medium-sized and larger companies, only about a tenth of all enterprises review supplier risks. Software, apps and other tech can create huge vulnerabilities that hackers can exploit. And without reviewing them, it’s possible the supplied technology won’t work as it is supposed to.


Lucy Dalley, from C3IA Solutions, said:

“With the building of software and systems rapidly evolving, so are cyber-security threats. It is essential that the software we download and use is built with security in mind – as well as doing what it is supposed to."

“The National Cyber Security Centre (NCSC) has created eight principles to help evaluate and improve development practices, which are well worth reading. One further issue is that trust in computers is often absolute. In the same way that calculators’ sums are never questioned, some business leaders have the same trust in everything their computers do."


“But software and apps are programmed by people and they are fallible, and on large projects bugs and gremlins can easily be incorporated. We recommend that when downloading and using third-party applications, it is important to understand if they are protected. "


“Regular vulnerability assessments should be carried out on networks, as should code reviews and assessments, and penetration testing. Penetration testing is when experts attempt to gain access to a system to highlight its weak spots – it’s the same as getting an ex-burglar to try and break into your house."


“The Cyber Security Breaches Survey 2023 report showed that only 11 per cent of organisations carried out penetration testing to identify cyber-security risks. While figures show that cyber-security is better understood as an issue by bosses, there are still far too many organisations that don’t pay enough attention to it."


“Often we get called into a business after it has suffered a cyber-attack, and the results can be devastating. A few tips to keep you as secure as possible include: downloading applications only from approved platforms, deny permissions for non-approved apps, keep apps up-to-date, use antivirus software, enforce mobile device management (MDM) in the workplace, and delete apps that aren’t used."


“And achieving the government’s Cyber Essentials certification gives a basic level of protection as well as providing cyber insurance."


“While the understanding of threats and potential issues with third party software and applications is increasing, it is still not embedded in businesses as it ought to be".




Most Read

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

A Hampshire IT provider has acquired a ‘complementary’ firm in the East Midlands in a strategic move designed to boost nationwide growth plans. Ringwood-headquartered entrustIT has made Bedford’s DWM Technical Solutions its fifth wholly owned subsidiary.

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Responding to the Autumn Budget, Steven Martin, Senior Tax Manager at HWB Chartered Accountants, said:

“I would have liked to see more simplification in the range of tax rates and allowances. Instead, there is more complication, with fine judgements needed about marginal rates when it comes to tax planning."

Signings For AI Data Centre Capacity Trebles In Europe

Signings For AI Data Centre Capacity Trebles In Europe

Demand for data centre capacity dedicated to artificial intelligence (AI) has surged across Europe this year, as emerging AI infrastructure providers, often referred to as neoclouds, accelerate their expansion efforts amid slowing hyperscaler activity.

Categories

  • Writer: Linda Andrews - Editorial Assistant, Nuse Online
    Linda Andrews - Editorial Assistant, Nuse Online
  • Feb 1, 2024
  • 2 min read

ree

The vast majority of businesses are still not reviewing the risks posed by third party technology that they use and rely on, it’s been revealed.


Leading Dorset cyber-security company C3IA Solutions said government statistics show how vulnerable businesses remain. Despite increasing awareness, particularly among medium-sized and larger companies, only about a tenth of all enterprises review supplier risks. Software, apps and other tech can create huge vulnerabilities that hackers can exploit. And without reviewing them, it’s possible the supplied technology won’t work as it is supposed to.


Lucy Dalley, from C3IA Solutions, said:

“With the building of software and systems rapidly evolving, so are cyber-security threats. It is essential that the software we download and use is built with security in mind – as well as doing what it is supposed to."

“The National Cyber Security Centre (NCSC) has created eight principles to help evaluate and improve development practices, which are well worth reading. One further issue is that trust in computers is often absolute. In the same way that calculators’ sums are never questioned, some business leaders have the same trust in everything their computers do."


“But software and apps are programmed by people and they are fallible, and on large projects bugs and gremlins can easily be incorporated. We recommend that when downloading and using third-party applications, it is important to understand if they are protected. "


“Regular vulnerability assessments should be carried out on networks, as should code reviews and assessments, and penetration testing. Penetration testing is when experts attempt to gain access to a system to highlight its weak spots – it’s the same as getting an ex-burglar to try and break into your house."


“The Cyber Security Breaches Survey 2023 report showed that only 11 per cent of organisations carried out penetration testing to identify cyber-security risks. While figures show that cyber-security is better understood as an issue by bosses, there are still far too many organisations that don’t pay enough attention to it."


“Often we get called into a business after it has suffered a cyber-attack, and the results can be devastating. A few tips to keep you as secure as possible include: downloading applications only from approved platforms, deny permissions for non-approved apps, keep apps up-to-date, use antivirus software, enforce mobile device management (MDM) in the workplace, and delete apps that aren’t used."


“And achieving the government’s Cyber Essentials certification gives a basic level of protection as well as providing cyber insurance."


“While the understanding of threats and potential issues with third party software and applications is increasing, it is still not embedded in businesses as it ought to be".




Most Read

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

A Hampshire IT provider has acquired a ‘complementary’ firm in the East Midlands in a strategic move designed to boost nationwide growth plans. Ringwood-headquartered entrustIT has made Bedford’s DWM Technical Solutions its fifth wholly owned subsidiary.

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Responding to the Autumn Budget, Steven Martin, Senior Tax Manager at HWB Chartered Accountants, said:

“I would have liked to see more simplification in the range of tax rates and allowances. Instead, there is more complication, with fine judgements needed about marginal rates when it comes to tax planning."

Signings For AI Data Centre Capacity Trebles In Europe

Signings For AI Data Centre Capacity Trebles In Europe

Demand for data centre capacity dedicated to artificial intelligence (AI) has surged across Europe this year, as emerging AI infrastructure providers, often referred to as neoclouds, accelerate their expansion efforts amid slowing hyperscaler activity.

Categories

Family Businesses Unite To Spread Festive Cheer At London Food Parcel Event

Family Businesses Unite To Spread Festive Cheer At London Food Parcel Event

The spirit of generosity was alive and well last week as family businesses from across London and the South East came together at Hayman’s of London in Balham for the annual Family Business Festive Food Parcel event.

Close Brothers Invoice Finance Recognised As ‘Invoice Finance Lender Of The Year’

Close Brothers Invoice Finance Recognised As ‘Invoice Finance Lender Of The Year’

Close Brothers Invoice Finance is delighted to have been recognised as ‘Invoice Finance Lender of the Year’ at the prestigious NACFB Commercial Lender Awards.

Clegg Construction Stages Topping Out Ceremony On Care Home

Clegg Construction Stages Topping Out Ceremony On Care Home

Contractor Clegg Construction has staged a topping out ceremony to mark a key milestone in its delivery of a new £13 million care home near Milton Keynes.

Recent Posts

bottom of page