Partners are the weakest link in IT Security. The question you should ask yourself; are you the weak partner?
Why bother attacking a well-resourced Business or Government Department that puts information security first when that same organisation has a weaker partner? Take the recent example where Su Bin reached a plea deal in the U.S district court of California admitting to breaking into and stealing information about the latest US aircraft F-22, F-35, C17 and selling it to China.
Although an extreme example as Boeing is a hard target, the analogy can be drawn on a much smaller scale.
Do you know who your weak partner is?
The weak partner offers an easy attack vector as any email or electronic connection with them is afforded an elevated level of trust.
Hackers (like water) follow the path of least resistance on their journey to the prize, your information. Have you reviewed your partner’s information security, are they accredited, do they take security seriously?
Are you a partner with a larger firm or government department? for most of us, the answer is yes. Ask yourself: Could my business be used as a pivot into one of my partners? What would the fallout be from a breach that was enabled by me?