Are your suppliers GDPR compliant? Do they work to the same standards as you? Are they protecting your data with the same standards you protect your own?
Supply chains are increasingly becoming more of a risk to an organisation, with increased flows of data throughout third party services, your supplier could be putting your business at risk.
As Dark Reading reported recently, supply chain cyberattacks surged 200% in 2017.
Suppliers and third-parties now have more access to company data than ever before, and hackers will always look to attack the weakest link, which can often be a company’s supply chain.
And now with GDPR in full force, companies are ultimately responsible for the security of their data, whether that be held within their own company, or held with a third-party supplier. Data security and integrity, therefore, needs to be at the forefront of every supplier relationship and it is essential that due diligence is carried out before any supplier relationship is entered into. Existing relationships can also be audited for GDPR purposes, allowing your organisation to ensure that the same standard of security is applied throughout the company you are trusting your data with.
The questions you should be asking your suppliers:
- What cybersecurity tests are you conducting and how frequently?
- How do you comply with GDPR? What policies have you got in place?
- How are you able to assist with a Subject Access Request?
- Do you comply with any cybersecurity standards?
- Do you know where all of your data is stored?
- How and where will my data be stored?
- How will my files be encrypted and backed up?
- What happens to my data when/if we leave?
How can this be audited on a regular basis? Can your supplier substantiate any of the above? RiskView can tick these boxes for you. Assess your supply chain to ensure that they are mitigating information risk, delivering further security and opportunities for your organisation. Their failures can easily become your problem.
Take a look and see how RiskView is already helping many organisations manage their supply chain security, and arrange your free demo today.
- 22nd July 2019The Human Element of Data Security
- 15th July 2019Third Party Data Protection
- 10th July 2019Two Fines in Two Days – ICO Plans to Fine Marriot £99m
- 10th July 2019ICO Issues A Record Fine for BA
- 2nd July 2019Do You Have True Visibility of Your Data?
- 18th June 2019Reduce Your Exposure to a Data Breach
- 15th May 2019Organisations Relationship with Cybersecurity and their Workforce – In Scope
- 9th May 2019Subject Access Requests
- 1st May 2019Data Discovery
- 26th April 2019Defence In Depth