A third of IT managers (64 percent) at medium sized businesses in the UK expect some of their suppliers not to have formal security procedures in place.
More surprisingly, almost a quarter of IT managers (22 percent) at large companies have the same low expectation of their suppliers, according to a YouGov survey commissioned by the NCC Group.
The survey found that 20 per cent of IT managers surveyed working in large businesses believe that their outsourced systems and processes are less secure than in-house alternatives.
However, Research commissioned by NCC Group plc has found that 89 per cent of large companies in the UK outsource at least one IT system or business process.
A separate PA consulting report said that 31 per cent of companies plan to outsource more over the next year.
According to NCC Group, this suggests that despite IT managers’ concerns that their suppliers are not secure, companies are opting for low-cost providers that cannot prove their security credentials.
John Redeyoff, head of 365, a new new security and performance certification programme from NCC Group said, “The security industry and IT managers are calling for suppliers to prove they are secure, yet companies choosing to outsource business critical systems simply aren’t asking the right questions, and are putting business critical functions at risk as a result.
“Businesses that fail to check their suppliers’ credentials, choosing cost and convenience over security, are investing in false economy.”