Businesses today operate in an uncertain world with a wide range of risks beyond just cyber security, especially geopolitical and financial. Yet, security and risk management leaders in Australia are expected to ensure the integrity of mission-critical operations without exception, at all times.
Just like death and taxes, it’s inevitable that some of the third parties that organisations engage with will experience some form of risk or incident. It’s never been more critical for security and risk leaders to address emerging third-party risks and establish effective controls to build a resilient third-party ecosystem and avoid business disruption.
The problem is that it can be very difficult to identify risks just by looking at the surface. What lies underneath? An independent assessment helps – but the risks organisations should be worried about are based on their dependence on the third-party – and their risk appetite. This is largely determined by the countries, laws and regulations they operate in, as well as industry norms.
By 2025, Gartner predicts 60% of organisations will use cyber security risk as a significant determinant in conducting third-party transactions…
