There’s been a major trend in recent years where organizations seeking to cut costs and focus on core competencies outsource more to third parties. Cost-effective scalability for everything from data centers to global supply chains increasingly depends upon a complex network of external vendors, suppliers and service providers.
While many enterprises may have taken the cybersecurity of third parties for granted in the past, increasingly stringent regulations influenced by a string of high-profile data breaches and the General Data Protection Requirement (GDPR) are changing that.
It’s not enough to formulate and fortify your own cyber posture — you must also consider the defenses of your external partners who also have access to your network.
Although there seems to be significant awareness of third-party risk, with 60% of respondents in a recent NTT Security report pointing to third parties as the weakest security link in their organizations, most companies simply aren’t doing enough to assess or mitigate that risk.
Third-Party Risk Is Very Real
Too many organizations have little or no insight into the security processes and systems of the third parties…