According to a recent survey by Gartner, 45% of organisations have experienced business interruptions due to third party factors within the past two years. The findings highlight an ongoing struggle for cybersecurity teams, despite extensive investment in third-party cybersecurity risk management (TPCRM).
Zachary Smith, Sr Principal Research at Gartner, pointed out how third-party cybersecurity risk management is often excessively process-oriented, resource-intense, and results are few and far between. “Cybersecurity teams struggle to build resilience against third party-related disruptions and to influence third party-related business decisions,” Smith remarked.
The survey, conducted in July and August of 2023, involved 376 senior executives who play an integral role in third-party cybersecurity risk management in their organisations. These organisations hail from a variety of geographies and industries, and range vastly in size.
According to Gartner, successful TPCRM relies on an organisation’s capability to deliver three key outcomes: resource efficiency, risk management and resilience, and influence over business decision-making. Despite this, most companies…
