Cyber-attacks are costing suppliers higher auditing fees, even when it was their customer that experienced the attack, not them.
According to a recent study in Science Direct magazine, “The impact of customer firm data breaches on the audit fees of their suppliers”, a suppliers auditing fees often jump as much as 6% when a big customer experiences a cyberattack, “when the supplier itself didn’t suffer a breach.”
“It’s not enough to know that your company is secure. A cyber breach at a key customer could have a big financial impact for your company,” said Tom Smith, co-author of the study and associate professor at the University of South Florida.
“Other possible repercussions for suppliers in the wake of a cyberattack at a key customer: Earnings could be significantly lower, inventory could sit longer than expected or there may not be enough cash on hand to make debt payments, says Smith, who is also associate director at the University of South Florida’s Lynn Pippenger School of Accountancy.
“Auditors for public companies are required to account for supply-chain risk. When a company in the supply chain suffers a cyberattack, auditors may need more time or people to get a full grasp of the impact of the cybersecurity breach on a supplier’s financial statement. Accountants might also face increased litigation and reputational risk for auditing a company in the same supply chain as a company that has been hacked.”
Jason Keirstead, VP of Collective Threat Defense, Cyware:
“Today’s organizations need to broaden the scope of their security programs to include aiding in the defense of suppliers as well as the organization itself. Collective defense for supply chains enables critical intelligence sharing, operationalization, and collaboration for interconnected business ecosystems. This collaborative approach fosters a more proactive and resilient stance against cyber threats, getting beyond individual organizational boundaries.”
The fact that supply chain attacks for example are incredibly devastating show the need for everybody you deal with to be on the same page as you. There’s simply no option anymore as the threat landscape is too great.
Like this:
Like Loading...
Related
This entry was posted on March 21, 2024 at 8:10 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Why a Supplier Should Care If Its Customer Is Hacked
Cyber-attacks are costing suppliers higher auditing fees, even when it was their customer that experienced the attack, not them.
According to a recent study in Science Direct magazine, “The impact of customer firm data breaches on the audit fees of their suppliers”, a suppliers auditing fees often jump as much as 6% when a big customer experiences a cyberattack, “when the supplier itself didn’t suffer a breach.”
“It’s not enough to know that your company is secure. A cyber breach at a key customer could have a big financial impact for your company,” said Tom Smith, co-author of the study and associate professor at the University of South Florida.
“Other possible repercussions for suppliers in the wake of a cyberattack at a key customer: Earnings could be significantly lower, inventory could sit longer than expected or there may not be enough cash on hand to make debt payments, says Smith, who is also associate director at the University of South Florida’s Lynn Pippenger School of Accountancy.
“Auditors for public companies are required to account for supply-chain risk. When a company in the supply chain suffers a cyberattack, auditors may need more time or people to get a full grasp of the impact of the cybersecurity breach on a supplier’s financial statement. Accountants might also face increased litigation and reputational risk for auditing a company in the same supply chain as a company that has been hacked.”
Jason Keirstead, VP of Collective Threat Defense, Cyware:
“Today’s organizations need to broaden the scope of their security programs to include aiding in the defense of suppliers as well as the organization itself. Collective defense for supply chains enables critical intelligence sharing, operationalization, and collaboration for interconnected business ecosystems. This collaborative approach fosters a more proactive and resilient stance against cyber threats, getting beyond individual organizational boundaries.”
The fact that supply chain attacks for example are incredibly devastating show the need for everybody you deal with to be on the same page as you. There’s simply no option anymore as the threat landscape is too great.
Share this:
Like this:
Related
This entry was posted on March 21, 2024 at 8:10 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.