Preventing cyber security attacks lies in strategic, third-party investments
Companies that want to keep data safe need to strengthen every vendor handling data
- Date:
- October 21, 2019
- Source:
- American University
- Summary:
- Companies interested in protecting themselves and their customers from cyber-attacks need to invest in themselves and the vendors that handle their data, according to new research.
- Share:
Companies interested in protecting themselves and their customers from cyber-attacks need to invest in themselves and the vendors that handle their data, according to new research from American University.
The study, conducted by Jay Simon and Ayman Omar from the university's Kogod School of Business, was accepted for publication by the European Journal of Operation Research. They found that a data breach due to a third-party supplier was more likely to lead to an underinvestment in cybersecurity measures. High-profile third-party data breaches have impacted Target, T-Mobile, and the IRS.
"Companies that want to be the most effective at preventing cyber-attacks need to look at every entity that handles their data," Omar said. "If you have one weak link, the entire operation is compromised. If I'm running a company that has strong cyber security measures in place, but my third-party vendors don't, the company is still at risk."
To mitigate risks, Simon and Omar recommend companies that are typically competitors become allies in strengthening cyber security supply chains.
"It's in the best interest of companies that normally compete with each other to combine investments to make cyber security supply chains better," Omar added.
Story Source:
Materials provided by American University. Note: Content may be edited for style and length.
Journal Reference:
- Jay Simon, Ayman Omar. Cybersecurity investments in the supply chain: Coordination and a strategic attacker. European Journal of Operational Research, 2019; DOI: 10.1016/j.ejor.2019.09.017
Cite This Page: