ESG Research: Only 31% of critical infrastructure organizations always audit the security processes and procedures of their strategic infrastructure vendors. Only 30% of those organizations audit their IT vendors outside of software. Most IT vendors get a security “free pass” in one way or another, author says. Insecure IT products in the critical infrastructure leave us completely vulnerable to some type of cyber attack that could disrupt our economy — and our lives — for some period of time. To minimize the risk of a massive economic disruption, one of two things must happen: The market responds.”]
Source: https://www.csoonline.com/article/2228704/are-it-vendors-getting-a–free-pass–on-security-.html