CFOs know all too well the financial risks of a cybersecurity breach, especially when an attack grinds business to a halt. But it’s not just your company getting breached that you have to worry about; cyberattacks on your vendors can also prove damaging.
A rash of widespread vendor outages are a wake-up call to finance leaders that third-party cyber risks can be just as disruptive to their business as direct attacks—and companies can do a lot more to manage that risk, according to experts.
“I think we are miles away from where we need to be in organizations managing [third-party cyber risk] and insurance underwriting for it,” Alexandra Bretschneider, cyber practice leader at insurance broker Johnson, Kendall & Johnson, told CFO Brew. “And I think there’s a lot of improvement yet to come.”
“This really is not just an IT problem,” either, according to Karen Walker, CFO of cloud security platform Sysdig. “Cybersecurity has now quickly become a strategic imperative for companies,” Walker told us. “When vendors get compromised, it’s not just the data at stake. It’s revenue, it’s reputation, and it’s regulatory exposure as well.”
It’s the downtime.…
