top of page

Business Is Still Vulnerable To Third Party Software



The vast majority of businesses are still not reviewing the risks posed by third party technology that they use and rely on, it’s been revealed.


Leading Dorset cyber-security company C3IA Solutions said government statistics show how vulnerable businesses remain. Despite increasing awareness, particularly among medium-sized and larger companies, only about a tenth of all enterprises review supplier risks. Software, apps and other tech can create huge vulnerabilities that hackers can exploit. And without reviewing them, it’s possible the supplied technology won’t work as it is supposed to.


Lucy Dalley, from C3IA Solutions, said:

“With the building of software and systems rapidly evolving, so are cyber-security threats. It is essential that the software we download and use is built with security in mind – as well as doing what it is supposed to."

“The National Cyber Security Centre (NCSC) has created eight principles to help evaluate and improve development practices, which are well worth reading. One further issue is that trust in computers is often absolute. In the same way that calculators’ sums are never questioned, some business leaders have the same trust in everything their computers do."


“But software and apps are programmed by people and they are fallible, and on large projects bugs and gremlins can easily be incorporated. We recommend that when downloading and using third-party applications, it is important to understand if they are protected. "


“Regular vulnerability assessments should be carried out on networks, as should code reviews and assessments, and penetration testing. Penetration testing is when experts attempt to gain access to a system to highlight its weak spots – it’s the same as getting an ex-burglar to try and break into your house."


“The Cyber Security Breaches Survey 2023 report showed that only 11 per cent of organisations carried out penetration testing to identify cyber-security risks. While figures show that cyber-security is better understood as an issue by bosses, there are still far too many organisations that don’t pay enough attention to it."


“Often we get called into a business after it has suffered a cyber-attack, and the results can be devastating. A few tips to keep you as secure as possible include: downloading applications only from approved platforms, deny permissions for non-approved apps, keep apps up-to-date, use antivirus software, enforce mobile device management (MDM) in the workplace, and delete apps that aren’t used."


“And achieving the government’s Cyber Essentials certification gives a basic level of protection as well as providing cyber insurance."


“While the understanding of threats and potential issues with third party software and applications is increasing, it is still not embedded in businesses as it ought to be".




Most Read

Azets Puts Best Foot Forward

Azets Puts Best Foot Forward

A Midlands charity that rescues surplus food and redistributes it has been given a boost thanks to the efforts of a local team of accountants.

Acquisition Success In Two Cities For Vail Williams

Acquisition Success In Two Cities For Vail Williams

Property consultancy Vail Williams has successfully acquired premises in Birmingham and Sheffield for leading intellectual property law firm Withers & Rogers.

Gebrüder Weiss Supports Woom’s European Logistics

Gebrüder Weiss Supports Woom’s European Logistics

Demand for bicycles across Europe rises sharply within a small window each spring. For manufacturers and retailers alike, timely product availability is critical during this peak season.

Categories

  • Feb 1, 2024
  • 2 min read


The vast majority of businesses are still not reviewing the risks posed by third party technology that they use and rely on, it’s been revealed.


Leading Dorset cyber-security company C3IA Solutions said government statistics show how vulnerable businesses remain. Despite increasing awareness, particularly among medium-sized and larger companies, only about a tenth of all enterprises review supplier risks. Software, apps and other tech can create huge vulnerabilities that hackers can exploit. And without reviewing them, it’s possible the supplied technology won’t work as it is supposed to.


Lucy Dalley, from C3IA Solutions, said:

“With the building of software and systems rapidly evolving, so are cyber-security threats. It is essential that the software we download and use is built with security in mind – as well as doing what it is supposed to."

“The National Cyber Security Centre (NCSC) has created eight principles to help evaluate and improve development practices, which are well worth reading. One further issue is that trust in computers is often absolute. In the same way that calculators’ sums are never questioned, some business leaders have the same trust in everything their computers do."


“But software and apps are programmed by people and they are fallible, and on large projects bugs and gremlins can easily be incorporated. We recommend that when downloading and using third-party applications, it is important to understand if they are protected. "


“Regular vulnerability assessments should be carried out on networks, as should code reviews and assessments, and penetration testing. Penetration testing is when experts attempt to gain access to a system to highlight its weak spots – it’s the same as getting an ex-burglar to try and break into your house."


“The Cyber Security Breaches Survey 2023 report showed that only 11 per cent of organisations carried out penetration testing to identify cyber-security risks. While figures show that cyber-security is better understood as an issue by bosses, there are still far too many organisations that don’t pay enough attention to it."


“Often we get called into a business after it has suffered a cyber-attack, and the results can be devastating. A few tips to keep you as secure as possible include: downloading applications only from approved platforms, deny permissions for non-approved apps, keep apps up-to-date, use antivirus software, enforce mobile device management (MDM) in the workplace, and delete apps that aren’t used."


“And achieving the government’s Cyber Essentials certification gives a basic level of protection as well as providing cyber insurance."


“While the understanding of threats and potential issues with third party software and applications is increasing, it is still not embedded in businesses as it ought to be".




Most Read

Azets Puts Best Foot Forward

Azets Puts Best Foot Forward

A Midlands charity that rescues surplus food and redistributes it has been given a boost thanks to the efforts of a local team of accountants.

Acquisition Success In Two Cities For Vail Williams

Acquisition Success In Two Cities For Vail Williams

Property consultancy Vail Williams has successfully acquired premises in Birmingham and Sheffield for leading intellectual property law firm Withers & Rogers.

Gebrüder Weiss Supports Woom’s European Logistics

Gebrüder Weiss Supports Woom’s European Logistics

Demand for bicycles across Europe rises sharply within a small window each spring. For manufacturers and retailers alike, timely product availability is critical during this peak season.

Categories

Clifton Ingram Appoints Leasehold Specialist As New Partner

Clifton Ingram Appoints Leasehold Specialist As New Partner

Leading law firm Clifton Ingram is delighted to announce the appointment of Sam Fellows as a Partner within its Dispute Resolution team, effective May 5th.

Neurodiverse Entrepreneur Builds Thriving Candle Business

Neurodiverse Entrepreneur Builds Thriving Candle Business

An Edinburgh-based entrepreneur is turning creativity into commercial success, as her handcrafted candle business continues to grow with support from Business Gateway.

Nottingham Drivers ‘In The Fast Lane’ With Official EV2 Launch

Nottingham Drivers ‘In The Fast Lane’ With Official EV2 Launch

Nottinghamshire drivers are now in pole position for electric driving after the all new Kia EV2 arrived at NK Motors in Chilwell for the first time.

Recent Posts

bottom of page