A third of businesses would sack suppliers that neglected cyber security, research shows
A third (31%) of businesses would terminate contracts with suppliers whose negligence caused them to become a victim of cyber crime, according to our survey.
The research, which was conducted for Beaming by the consultancy Opinium, reveals that the majority of business leaders believe that their suppliers are obligated to ensure they do not expose them to unnecessary cyber security risks.
One in five (17%) would take legal action to recover financial losses incurred from a breach as a result of a supplier’s negligence, while a similar number (20%) would use the incident to negotiate a further discount. Just 3% of businesses said they would take no action.
Beaming’s survey also showed that victims of cyber crime could find it more difficult to attract new customers. More than a third (35%) of the leaders questioned said they wouldn’t work with a supplier they thought would make them more vulnerable to cyber crime, while a quarter (27%) said they would avoid using a company that had been publicly associated with a major cyber security breach.
A quarter (25%) of those questioned said they wouldn’t work with companies that didn’t have a documented cyber security policy in place, while one in five (19%) would avoid potential suppliers without cyber security insurance.
Small businesses are most at risk
Beaming’s research revealed that small businesses are most at risk of damaging their reputations and business relationships by neglecting their cyber security obligations. Amongst firms employing between 10 and 49 people, just half (51%) had a documented cyber security policy and a third (38%) had insurance in place for breaches and data theft at the beginning of 2018.
Meanwhile, only half (51%) of businesses employing fewer than 10 people were using a network perimeter firewall to stop threats from reaching their systems, and just one in three (30%) had intrusion detection systems to spot malicious activities or cyber security policy violations.
Sonia Blizzard, managing director of Beaming, comments: “We’ve seen for some time that hackers will seek to infiltrate one organisation as a stepping stone to then attack others. This research clearly shows that business leaders see cyber security as a shared responsibility. Businesses that neglect to take the steps necessary to protect themselves and their partners could find that a single breach could irreparably damage their hard earned reputations and relationships.”
“For businesses, the consideration of risk must extend beyond their own boundaries to incorporate customers, partners and other organisations they come into contact with. Rather than simply guarding what’s ours, we need a cyber security culture that means we all look out for those we do business with too. Just like herd immunity, if enough businesses are well secured, the ability for denial-of-service attacks, viruses and other attacks to spread will be greatly diminished.”
Stay up to date with quarterly cyber threat reports
Cyber attacks in Q2 2021
The number of cyberattacks on UK companies fell for the first time in almost three years during the second quarter of 2021, but the threat level remains high and caution is still urged.
Q1 2021 Cyber Threat Report
Commercial cyberattacks are up 11 per cent year-on-year, with businesses hit every 45 seconds.
2020 Cyber Threat Analysis
2020 was the busiest year on record for cyber attacks on UK companies. The volume of attacks surged as the UK went into lockdown for the first time and remained exceptionally high.
Q3 2020 Cyber Threat Report
IoT devices such as networked printers and security cameras, file-sharing applications and company databases were the most frequent targets in our Q3 2020 Cyber Threat Report
Cyber Threat Report Q2 2020
The volume of cyber attacks on UK businesses increased after the country went into lockdown and reached unprecedented levels in the second quarter of 2020.