A third of businesses would sack suppliers that neglected cyber security, research shows
A third (31%) of businesses would terminate contracts with suppliers whose negligence caused them to become a victim of cyber crime, according to our survey.
The research, which was conducted for Beaming by the consultancy Opinium, reveals that the majority of business leaders believe that their suppliers are obligated to ensure they do not expose them to unnecessary cyber security risks.
One in five (17%) would take legal action to recover financial losses incurred from a breach as a result of a supplier’s negligence, while a similar number (20%) would use the incident to negotiate a further discount. Just 3% of businesses said they would take no action.
Beaming’s survey also showed that victims of cyber crime could find it more difficult to attract new customers. More than a third (35%) of the leaders questioned said they wouldn’t work with a supplier they thought would make them more vulnerable to cyber crime, while a quarter (27%) said they would avoid using a company that had been publicly associated with a major cyber security breach.
A quarter (25%) of those questioned said they wouldn’t work with companies that didn’t have a documented cyber security policy in place, while one in five (19%) would avoid potential suppliers without cyber security insurance.
Small businesses are most at risk
Beaming’s research revealed that small businesses are most at risk of damaging their reputations and business relationships by neglecting their cyber security obligations. Amongst firms employing between 10 and 49 people, just half (51%) had a documented cyber security policy and a third (38%) had insurance in place for breaches and data theft at the beginning of 2018.
Meanwhile, only half (51%) of businesses employing fewer than 10 people were using a network perimeter firewall to stop threats from reaching their systems, and just one in three (30%) had intrusion detection systems to spot malicious activities or cyber security policy violations.
Sonia Blizzard, managing director of Beaming, comments: “We’ve seen for some time that hackers will seek to infiltrate one organisation as a stepping stone to then attack others. This research clearly shows that business leaders see cyber security as a shared responsibility. Businesses that neglect to take the steps necessary to protect themselves and their partners could find that a single breach could irreparably damage their hard earned reputations and relationships.”
“For businesses, the consideration of risk must extend beyond their own boundaries to incorporate customers, partners and other organisations they come into contact with. Rather than simply guarding what’s ours, we need a cyber security culture that means we all look out for those we do business with too. Just like herd immunity, if enough businesses are well secured, the ability for denial-of-service attacks, viruses and other attacks to spread will be greatly diminished.”
Stay up to date with quarterly cyber threat reports
Cyber Threat Report Q1 2020
The volume of cyber attacks on UK businesses increased by almost a third in the first three months of 2020.
Cyber report 2019: Volume of attacks doubles
The volume of online cyber attacks on UK businesses more than doubled in 2019, with organisations subjected to 576,575 attacks each.
Cyber Threat Report Q3 2019
The level of cyber attack activity on UK businesses continued to surge over the summer, with firms experiencing 157,528 attacks each on average.
Cyber Threat Report Q2 2019
The current rate of cyber attacks equates to one attack every 50 seconds and is the highest level recorded since Beaming started monitoring attacks in 2016.
UK Cyber Threat Report Q1 2019
Businesses have seen one attack per minute so far in 2019; that’s 119,659 each.