In a recent analysis of more than 18 million breached corporate credentials tied to companies in the Fortune 1000, SpyCloud confirmed a disappointing lesson: Fortune 1000 employees are just as bad about reusing passwords as the rest of us. For the many enterprises doing business with these organizations, that data reflects very real risk. A disturbing percentage of successful attacks on corporate infrastructure originate through credential compromises of partners, vendors, and other third parties.
Due to the realities of modern commerce, criminals are often only a degree or two away from accessing sensitive data. To do business, we must often give “trusted” third parties access to our systems: to share information, streamline the supply chain, or even expand through acquisition. Unfortunately, we can’t always choose who these trusted third parties are, and often have to blindly open ourselves up to exposure.
We help with SpyCloud Third Party Insight, our product that applies the power of SpyCloud’s Cybercrime Analytics to the supply chain, helping our customers reduce their risk of data breaches and targeted attacks caused by third-party account takeover.
This capability builds on the work we already do to help SpyCloud customers monitor the exposure of their employee identity and consumer credentials to prevent account takeover. Over the past few years, our customers have increasingly expressed concerns about how those exposures extend to their third-party relationships. They’ve shared that gaining visibility into external credential exposures poses a significant challenge; while there are well-known solutions on the market to measure overall third-party risk and provide vendor security ratings, none of them provide sufficient insight into third-party account takeover risk or enable affected third parties to resolve those exposures.
SpyCloud Third Party Insight satisfies the demand we’ve been hearing from our customers, providing deep visibility of third-party data breach exposures and malware infections and making it as easy as possible to share that information to support remediation. Let’s take a closer look.
Quickly Identify Supply Chain Exposures with the Industry’s Best Data and Analytics
SpyCloud maintains the largest database of breach and malware records in the world, with more than 500 billion records and growing. Our researchers recover stolen credentials early in the exposure timeline, which is the most dangerous time for enterprises. Resetting exposed passwords early shortens the attack window for malicious actors to use them for nefarious purposes.
SpyCloud Third Party Insight distills our recaptured employee dataset into a format you can easily operationalize to monitor your third-party relationships. The platform categorizes third parties into high, medium, and low risk scores, giving you an overview of your third-party breach exposure at a glance. You can view a report of third-party risk scores that have recently changed, or drill down to each partner page to see a visualization of how their malware and breach exposure has changed over time. You can also see what factors go into those third-party risk scores, including total exposed corporate credentials, malware-infected employees, and password reuse rates.
Drive Remediation by Sharing Data with Affected Third Parties
SpyCloud customers report that sharing risk assessment data with third parties can raise serious challenges. If your department doesn’t manage the third-party relationship directly, going through a non-technical relationship manager can create confusion and waste time for both sides. Worse, many third-party risk rating providers won’t share enough detail for third parties to take action.
With SpyCloud Third Party Insight, you can share detailed findings with your third parties via access to the SpyCloud portal, which reduces the need for back-and-forth communication with other stakeholders. After confirming ownership of their corporate domains, the partners you select will be able to see exactly what breach data SpyCloud has collected on their employees to enable remediation, including exposed corporate credentials with plaintext passwords.
Third parties receive two remediation options within the portal. For ongoing coverage, third parties can opt to use SpyCloud Active Directory Guardian, which detects and resets exposed Active Directory passwords automatically. For manual remediation, they have the option to download a CSV file containing compromised credentials to compare to their active user passwords.
Monitor Which Vendors Have Taken Action to Resolve Their Exposures
Sharing information with third parties about potential security issues is hard enough. Chasing down answers about whether they have validated and resolved the problems can be even more difficult, often wasting time and creating frustration for busy teams.
SpyCloud Third Party Insight provides visibility of the actions your third parties have taken so your team doesn’t need to go hunting for answers. When a third party remediates their exposures, their risk rating will drop. You’ll be able to see the change on their individual partner page and from the main Third Party Insight dashboard, which indicates how many third-party risk scores have recently changed. From there, you can quickly pivot to a report of all third parties whose risk ratings have recently decreased, making it easy to track remediation activities and close the loop on your outreach efforts.