top of page

High-Profile Data Breaches Highlight Significant Data Threat

ree

The NHS has become the latest organisation to be impacted by a cyber-attack on a third-party supplier providing critical services, causing huge disruption to patient care. RSM UK says this latest attack highlights the growing risk to organisations as cyber criminals continue to target third-party service providers. Last week a third-party which holds data for millions of Ticketmaster and Santander customers was hacked by the ShinyHunters hacker group, which is now threatening to sell the data.

According to RSM UK’s latest The Real Economy findings, over half (58%) of middle market businesses have had a third-party service provider suffer a data breach or cyber-attack in the last 12 months. Over a quarter of businesses surveyed (26%) confirmed that this impacted their business either financially, reputationally, or operationally, up from 17% in 2022.

Sheila Pancholi, partner at RSM UK, said: “As the technology landscape evolves, many businesses have outsourced their IT service provision, including cyber security. This shift in behaviour does not go unnoticed by fraudsters, who can see third-parties as a weak link in the security chain, which many are successfully exploiting. While outsourcing can bring the key expertise and skills a business needs, strengthen operational resilience, and scale-up quickly, it can also increase the risk of data security issues and regulatory compliance breaches.”

ree

Stuart Leach, partner at RSM UK added: “The increase in third party breaches highlights the need for formal and extensive technology and cyber due diligence when selecting a third-party supplier."


"This ensures the proper controls and cyber defences are in place to mitigate risk. These defences should be tested at least annually."


"Those who have contracted work out to third parties may be held liable for the consequences, and have their business interrupted for considerable time."


"The reputational damage and loss of trust from customers that a cyber-attack can cause may take years to rebuild.”

Businesses should focus on the following:


  • Map your cyber footprint – this is everywhere your data is, and potentially includes providers without active agreements.

  • Understand your critical providers’ threat landscape and what the motivations of a cyber attacker might be.

  • Assess the potential impact to your business if a critical third-party provider is breached.

  • Assess your and your providers’ controls to manage cyber risk given their threat landscape.

Most Read

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

A Hampshire IT provider has acquired a ‘complementary’ firm in the East Midlands in a strategic move designed to boost nationwide growth plans. Ringwood-headquartered entrustIT has made Bedford’s DWM Technical Solutions its fifth wholly owned subsidiary.

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Responding to the Autumn Budget, Steven Martin, Senior Tax Manager at HWB Chartered Accountants, said:

“I would have liked to see more simplification in the range of tax rates and allowances. Instead, there is more complication, with fine judgements needed about marginal rates when it comes to tax planning."

Signings For AI Data Centre Capacity Trebles In Europe

Signings For AI Data Centre Capacity Trebles In Europe

Demand for data centre capacity dedicated to artificial intelligence (AI) has surged across Europe this year, as emerging AI infrastructure providers, often referred to as neoclouds, accelerate their expansion efforts amid slowing hyperscaler activity.

Categories

  • Writer: Paul Andrews
    Paul Andrews
  • Jun 6, 2024
  • 2 min read
ree

The NHS has become the latest organisation to be impacted by a cyber-attack on a third-party supplier providing critical services, causing huge disruption to patient care. RSM UK says this latest attack highlights the growing risk to organisations as cyber criminals continue to target third-party service providers. Last week a third-party which holds data for millions of Ticketmaster and Santander customers was hacked by the ShinyHunters hacker group, which is now threatening to sell the data.

According to RSM UK’s latest The Real Economy findings, over half (58%) of middle market businesses have had a third-party service provider suffer a data breach or cyber-attack in the last 12 months. Over a quarter of businesses surveyed (26%) confirmed that this impacted their business either financially, reputationally, or operationally, up from 17% in 2022.

Sheila Pancholi, partner at RSM UK, said: “As the technology landscape evolves, many businesses have outsourced their IT service provision, including cyber security. This shift in behaviour does not go unnoticed by fraudsters, who can see third-parties as a weak link in the security chain, which many are successfully exploiting. While outsourcing can bring the key expertise and skills a business needs, strengthen operational resilience, and scale-up quickly, it can also increase the risk of data security issues and regulatory compliance breaches.”

ree

Stuart Leach, partner at RSM UK added: “The increase in third party breaches highlights the need for formal and extensive technology and cyber due diligence when selecting a third-party supplier."


"This ensures the proper controls and cyber defences are in place to mitigate risk. These defences should be tested at least annually."


"Those who have contracted work out to third parties may be held liable for the consequences, and have their business interrupted for considerable time."


"The reputational damage and loss of trust from customers that a cyber-attack can cause may take years to rebuild.”

Businesses should focus on the following:


  • Map your cyber footprint – this is everywhere your data is, and potentially includes providers without active agreements.

  • Understand your critical providers’ threat landscape and what the motivations of a cyber attacker might be.

  • Assess the potential impact to your business if a critical third-party provider is breached.

  • Assess your and your providers’ controls to manage cyber risk given their threat landscape.

Most Read

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

Tech Provider Enters 20th Anniversary Year With Strategic Acquisition

A Hampshire IT provider has acquired a ‘complementary’ firm in the East Midlands in a strategic move designed to boost nationwide growth plans. Ringwood-headquartered entrustIT has made Bedford’s DWM Technical Solutions its fifth wholly owned subsidiary.

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Budget Does Nothing To Simplify Tax Rules, Leading Accountant Warns

Responding to the Autumn Budget, Steven Martin, Senior Tax Manager at HWB Chartered Accountants, said:

“I would have liked to see more simplification in the range of tax rates and allowances. Instead, there is more complication, with fine judgements needed about marginal rates when it comes to tax planning."

Signings For AI Data Centre Capacity Trebles In Europe

Signings For AI Data Centre Capacity Trebles In Europe

Demand for data centre capacity dedicated to artificial intelligence (AI) has surged across Europe this year, as emerging AI infrastructure providers, often referred to as neoclouds, accelerate their expansion efforts amid slowing hyperscaler activity.

Categories

Family Businesses Unite To Spread Festive Cheer At London Food Parcel Event

Family Businesses Unite To Spread Festive Cheer At London Food Parcel Event

The spirit of generosity was alive and well last week as family businesses from across London and the South East came together at Hayman’s of London in Balham for the annual Family Business Festive Food Parcel event.

Close Brothers Invoice Finance Recognised As ‘Invoice Finance Lender Of The Year’

Close Brothers Invoice Finance Recognised As ‘Invoice Finance Lender Of The Year’

Close Brothers Invoice Finance is delighted to have been recognised as ‘Invoice Finance Lender of the Year’ at the prestigious NACFB Commercial Lender Awards.

Clegg Construction Stages Topping Out Ceremony On Care Home

Clegg Construction Stages Topping Out Ceremony On Care Home

Contractor Clegg Construction has staged a topping out ceremony to mark a key milestone in its delivery of a new £13 million care home near Milton Keynes.

Recent Posts

bottom of page