Printer Friendly, PDF & Email

The BRAVE approach: How to correctly automate third-party security

Matan Or-El ( is co-founder and CEO of Panorays in New York City.

In 2018, we saw the hacking of major retailers, such as Ticketmaster, Feedify, and British Airways, which occurred when the notorious cybercriminal Magecart group breached a company that provided web applications. In another security incident, more than 2.65 million Atrium Health patients’ data was breached through a third-party billing vendor, AccuDoc Solutions. Third-party security is clearly becoming an increasingly pressing concern for organizations.

A recent study by the Ponemon Institute found that 61% of US respondents reported that their organization experienced a data breach caused by one of their third parties, compared to 49% in 2016 and 56% in 2017.[1] With an increase in the number of third parties hired by organizations, sophisticated hacking techniques, and more data privacy laws, the implications of third-party risk will likely become even more serious.

This document is only available to members. Please log in or become a member