Executives Expect to See 247% Spike in Cyberattacks Through Third Party Access over the Next Two Years, According to New Cybersecurity Imperative Study

October 16, 2018 GMT

NEW YORK & LONDON--(BUSINESS WIRE)--Oct 16, 2018--Opus, the leading provider of global compliance and risk management solutions, in partnership with independent research firm ESI ThoughtLab, WSJ Pro Cybersecurity and a coalition of leading cybersecurity organizations, has announced the launch of The Cybersecurity Imperative – a landmark global cyber risk study benchmarking the cybersecurity practices and performance of over 1,300 organizations around the world.

By 2021, cybercrime is likely to cost the world $6 trillion annually—more than the combined GDP of the UK and France. As companies embrace the latest technologies and respond to heightened regulation, cybersecurity has become a top management priority across industries and markets. Through rigorous global research and interviews with leading experts and practitioners, The Cybersecurity Imperative was designed to uncover best practices, performance metrics and calls to action from CISOs and leading experts.


As part of the study, respondents were asked to identify the leading internal and external risks to their organization, as well as assess their own cyber security maturity. The study found that data sharing with suppliers represented the most significant risk to an organization’s IT infrastructure: 57% of all respondents highlighted data sharing with third parties as their greatest vulnerability. Because of their integrated supply chains, energy companies and utilities (66%), consumer markets firms (60%) and manufacturers (58%) are the most susceptible.

Attacks on and through third party partners, customers and vendors represent the fastest growing threats across the cyber risk landscape, as the use of supplier ecosystems and embedded systems continues to grow. Attacks on partners and vendors are expected to grow 284% and through partners and vendors by 247% over the next two years. In comparison, the implementation of information security practices for third parties are expected to grow just 106% over the same period – suggesting that the threat looms much larger than the planned efforts to contain it.

“As firms advance through digital transformation, they rely to an increasing degree on technology vendors and partners, exposing their organizations to ever-expanding third-party cyber risks,” Dov Goldman, VP, Innovation and Alliances at Opus, said. “Companies must support digital innovation with the tools and business practices to manage rising information security and privacy risks, especially those from third parties.”

In addition to identifying key risks to an organization, the study also assessed overall cybersecurity organizational maturity and developed analytical tools to help organizations benchmark approaches and assess performance impacts. Other significant findings from The Cybersecurity Imperative include:


  • People remain the largest risk to an organization. Nearly all firms (87%) see untrained general staff as the biggest cyber risk to their business.
  • Digital transformation is creating significant risks for an organization. The areas of greatest impact: new technologies, such as AI and IoT (56%), cloud-based and open platforms (55%), increasing interconnectivity and mobile use (38%).
  • When assessed across the NIST cybersecurity framework, just under half of companies (49%) are in the intermediate stage of cybersecurity maturity, while 31% are beginners and only 20% are leaders.
  • Digital maturity often goes hand-in-hand with cybersecurity maturity. Born-digital platform companies are more likely to be leaders (30%) and have the highest cybersecurity maturity score. Whereas 68% of digital beginners are also cybersecurity beginners.
  • Perceptions of cybersecurity change as a company’s approach matures: 19% of beginners see cybersecurity as a reputational risk, in contrast to 41% of leaders. 23% of leaders saw cybersecurity an area of competitive advantage compared to 6% of beginners.
  • The US ranked highest overall in cyber maturity and volume of companies with advanced cybersecurity programs. Rounding out the top five include South Korea, Japan, France and Australia.

To explore how corporate leaders and cyber decision-makers across industries and regions are working to understand and mitigate the cyber threat landscape, download the full Cyber Imperative report here:


About Opus
Opus is a global risk and compliance SaaS and data solution provider, founded on a simple premise: that faster, better decisions in compliance and risk management give businesses an extraordinary advantage in the marketplace.

Today, the world’s most respected global corporations rely on Opus to free their business from the complexity and uncertainty of managing customer, supplier and third-party risks. By combining the most innovative SaaS platforms with unparalleled data solutions, Opus turns information into action so businesses thrive.

For more information about Opus, please visit www.opus.com.

About the Research Team

ESI ThoughtLab : ESI ThoughtLab is the thought leadership arm of Econsult Solutions Inc., a leading economic consultancy. The innovative think tank offers fresh ideas and evidence-based analysis to help business and government leaders understand and respond to economic, industry and technological shifts around the world. Its team of top economists and thought leaders excel at creating valuable decision support that combines visionary thinking, analytical excellence, and multi-format content.

WSJ Pro Cybersecurity : WSJ Pro Cybersecurity is designed to help executives monitor the ever-changing landscape of cybersecurity through a business lens. Our dedicated team delivers unique, actionable insight on the wide-ranging challenges of cybercrime risk.

About the Study

The Cybersecurity Imperative is based on a global survey of 1,300 organizations across industries and regions, meetings with an advisory panel, in-depth interviews with leading experts, and rigorous benchmarking analysis. The research was conducted in conjunction with a diverse coalition of sponsors, including Protiviti, Baker McKenzie, CyberCube, HP Inc., KnowBe4, Opus, Security Industry Association, and Willis Towers Watson.

View source version on businesswire.com:https://www.businesswire.com/news/home/20181016005938/en/

CONTACT: Cognito

Diana Alickaj / Paul Bowhay, +1 646-395-6300





Copyright Business Wire 2018.

PUB: 10/16/2018 01:35 PM/DISC: 10/16/2018 01:35 PM