Reduce Supply Chain Account Takeover Risk with SpyCloud Third Party Insight

October 25, 2019 Heather Smith

In a recent analysis of more than 18 million breached corporate credentials tied to companies in the Fortune 1000, SpyCloud confirmed a disappointing lesson: Fortune 1000 employees are just as bad about reusing passwords as the rest of us. For the many enterprises doing business with these organizations, that data reflects very real risk. A disturbing percentage of successful attacks on corporate infrastructure originate through credential compromises of partners, vendors, and other third parties.
 
Due to the realities of modern commerce, criminals are often only a degree or two away from accessing your sensitive data. In order to do business, we must often provide access to our systems to “trusted” third parties: to share information, streamline the supply chain, or even to expand through acquisition. Unfortunately, we can’t always choose who these trusted third parties are, and often have to blindly open ourselves up to exposure.
 
SpyCloud can help. Today, we’re excited to introduce SpyCloud Third Party Insight, a new offering that applies the power of SpyCloud’s dataset to the supply chain, helping our customers reduce their risk of data breaches caused by third-party account takeover.
 
This new offering builds on the work we already do to help SpyCloud customers monitor the exposure of their employee and consumer credentials to prevent account takeover. Over the last year, our customers have increasingly expressed concerns about how those exposures extend to their third-party relationships. They’ve shared that gaining visibility into external credential exposures poses a significant challenge; while there are well-known solutions on the market to measure overall third-party risk and provide vendor security ratings, none of them provide sufficient insight into third-party account takeover risk or enable affected third parties to resolve those exposures.
 
SpyCloud Third Party Insight satisfies the demand we’ve been hearing from our customers, providing deep visibility of third-party data breach exposures and making it as easy as possible to share that information to support remediation. Let’s take a closer look.
 

Quickly Identify Supply Chain Breach Exposures with the Industry’s Best Dataset

SpyCloud maintains the largest database of breach records in the world, with more than 77 billion records and growing. Our researchers use human intelligence to recover stolen credentials early in the breach timeline, which is the most dangerous time for enterprises. Resetting exposed passwords early shortens the window for malicious actors to use them for nefarious purposes.
 
SpyCloud Third Party Insight distills our breach dataset into a format you can easily operationalize to monitor your third party relationships. The platform categorizes third parties into high, medium, and low risk scores, giving you an overview of your third-party breach exposure at a glance. You can view a report of third-party risk scores that have recently changed, or drill down to each partner page to see a visualization of how their breach exposure has changed over time. You can also see what factors go into those third-party risk scores, including total exposed corporate credentials, potentially infected employees, and password reuse rates.
 

Drive Remediation by Sharing Data with Affected Third Parties

SpyCloud customers report that sharing risk assessment data with third parties can raise serious challenges. If your department doesn’t manage the third-party relationship directly, going through a non-technical relationship manager can create confusion and waste time for both sides. Worse, many third-party risk rating providers won’t share enough detail for third parties to take action.
 
With SpyCloud Third Party Insight, you can share detailed findings with your third parties via access to the SpyCloud portal, which reduces the need for back-and-forth communication with other stakeholders. After confirming ownership of their corporate domains, partners you select will be able to see exactly what breach data SpyCloud has collected on their employees to enable remediation, including exposed corporate credentials with plaintext passwords.
 
Third parties receive two remediation options within the portal. For ongoing coverage, third parties can opt to use SpyCloud Active Directory Guardian, which detects and resets exposed Active Directory passwords automatically. For manual remediation, they have the option to download a CSV file containing compromised credentials to compare to their active user passwords.
 

Monitor Which Vendors Have Taken Action to Resolve Their Exposures

Sharing information with third parties about potential security issues is hard enough. Chasing down answers about whether they have validated and resolved the problems can be even more difficult, often wasting time and creating frustration for busy teams.
 
SpyCloud Third Party Insight provides visibility of the actions your third parties have taken so your team doesn’t need to go hunting for answers. When a third party remediates their exposures, their security rating will drop. You’ll be able to see the change on their individual partner page and from the main Third Party Insight dashboard, which indicates how many third-party risk scores have recently changed. From there, you can quickly pivot to a report of all third parties who have recently decreased their security ratings, making it easy to track remediation activities and close the loop on your outreach efforts.
 
