Corporate Treasury is top target for cybercriminals

Furthermore, the report indicated that many corporates are not being as vigilant as they should be when it comes to securing their treasury against cyber-crime risk, particularly when mitigating the risks posed by insecure third parties.

According to the research almost every fifth company (19%) does not check whether their suppliers use the same methods for identity authentication as they do. Often, companies and suppliers do not coordinate regulatory and compliance rules. Nor do they always ensure that information security requirements that apply to third parties are also extended to their subcontractors.

Even though almost all companies in the survey performed internal penetration testing (92%), one-third of companies (33%) do not conduct external testing. Only 38% of companies require all of their third parties and suppliers to perform penetration testing.

Sectors with the lowest %age of authentication testing are, according to the research, manufacturing (43 %), agriculture and agribusiness (38 %), energy and natural resources (32 %), construction and real estate (31 %) and professional services (25 %).

The Deutsche Bank report is called “Third-party risks: the cyber dimension” and it is based on a survey of over 300 senior corporate treasury executives.