Only 14 percent continuously assess the risk and use of third-party risk management tools.
Just over half of UK financial services institutions suffered a third-party supply chain attack in 2024.
According to research from Orange Cyberdefense, 58 percent have suffered the attacks, with 23 percent being targeted three or more times. The research also found that 44 percent of financial services institutions only assess third-party risk during the initial supplier onboarding stage, while 41 percent perform periodic risk assessments.
Only 14 percent continuously assess the risk and use of third-party risk management tools.
Richard Lindsay, Principal Advisory Consultant at Orange Cyberdefense, said: “As our research shows, the threat landscape is especially volatile, with supply chain attacks a growing issue for many businesses, UK financial services included.
“Against this backdrop, it’s clear that despite the UK’s relative freedom from EU regulation, cybersecurity professionals here would rather see UK policy hew closer to the EU’s in the near term. Only by keeping pace with our closest neighbours and trading partners can we all benefit from improved digital resilience.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
