Retail Security: Third-Party Interaction

by Eric Cole, PhD
Sept. 1, 2017 0 comments SANS Institute

Many recent retail breaches share a common data point: They were the result of an adversary compromising a third party and then using it as a pivot point to compromise the retail organizations.Although third parties offer many benefits to retailers, including providing organizations access to services they don’t specialize in, they can often create additional security risks and exposures. Because an adversary will always utilize the easiest, simplest and most effective way to break into an organization, a third party with full access to the network poses significant exposure.