Only 14 percent continuously assess the risk and use of third-party risk management tools.
Just over half of UK financial services institutions suffered a third-party supply chain attack in 2024.
According to research from Orange Cyberdefense, 58 percent have suffered the attacks, with 23 percent being targeted three or more times. The research also found that 44 percent of financial services institutions only assess third-party risk during the initial supplier onboarding stage, while 41 percent perform periodic risk assessments.
Only 14 percent continuously assess the risk and use of third-party risk management tools.
Richard Lindsay, Principal Advisory Consultant at Orange Cyberdefense, said: “As our research shows, the threat landscape is especially volatile, with supply chain attacks a growing issue for many businesses, UK financial services included.
“Against this backdrop, it’s clear that despite the UK’s relative freedom from EU regulation, cybersecurity professionals here would rather see UK policy hew closer to the EU’s in the near term. Only by keeping pace with our closest neighbours and trading partners can we all benefit from improved digital resilience.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
