SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Tesserent advises on third-party risks after MediSecure breach

Tue, 21st May 2024

In the wake of a cyber security incident involving MediSecure, Tesserent, a prominent cyber security company associated with Thales Australia, has issued crucial advice for organisations on managing third-party supplier risks. The incident serves as a reminder of the multifaceted nature of modern cybersecurity challenges.

Mark Jones, Senior Partner at Tesserent, emphasises the significance of scrutinising the information risk management practices of third-party suppliers. He underscores the necessity for organisations to shield sensitive data, safeguard intellectual property, maintain the integrity of supply chains, comply with regulatory frameworks, and mitigate operational risks.

Jones points out that it is not sufficient for organisations to bolster their internal controls alone; there must be equal emphasis on the security protocols of third-party suppliers. "This process can be resource-intensive and time-consuming, and we are always assisting our clients with it," he stated.

Jones highlights the critical need to consider cybersecurity risks associated with third-party relationships. "Even the most robust internal security measures can become irrelevant if third parties present potential vulnerabilities," he warns. This sentiment is echoed in the persistent efforts by cyber security professionals to extend their protective measures beyond their immediate organisational boundaries.

Tesserent offers a specialised Third Party Assessment as a Service (TPAaaS) service. This service aims to develop processes and methodologies for evaluating third-party supply chain risks, carry out assessments of suppliers identified as high-risk, and provide ongoing risk management to minimise potential business impacts. Through detailed evaluations of each supplier's security framework, Tesserent equips its clients with a comprehensive understanding of the levels of risk associated with each supplier.

Jones further explains that this information is pivotal in deciding the nature of relationships with suppliers. It can assist in negotiating contract terms, setting expectations, or implementing additional security layers to mitigate potential risks. "A proactive approach is crucial to identify and close vulnerabilities before cybercriminals can exploit them," says Jones.

As one of the largest cyber security providers in Australia and New Zealand, Tesserent has a substantial footprint across various sectors, including federal and state government bodies and over 1,000 corporate clients. The firm, in collaboration with Thales Australia, is deeply involved in some of Australia's most sensitive defence programmes, supporting critical infrastructure operators, government departments, and the corporate sector.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X