Organizations not equipped to handle increasing third-party risks

No Comments
web threats

A new study into third-party risk management shows that 45 percent of organizations experienced a third-party security incident in the last year.

But the report from Prevalent also also reveals that eight percent of companies don't have a third-party incident response program in place, while 23 percent take a passive approach to third-party incident response.

Third-Party Risk Management (TPRM) is becoming more strategic but 45 percent of organizations are still using manual spreadsheets to assess third party risk. Two-thirds of respondents say that their TPRM programs have more visibility among executives and the board compared to last year. However, getting there has taken massive increases in third-party vendor and supplier-related cybersecurity issues such as Log4j, the Toyota supply chain breakdown, and the Kaseya ransomware attack.

These manual processes add unnecessary complexity and time to third-party risk audits, with 32 percent of respondents saying it takes more than a month -- more than 90 days in some cases -- to produce reporting and evidence required to meet regulatory audits.

"The past year has brought even more attention to the risks associated with third-party vendors and suppliers, specifically to the supply chain with continued cyber disruptions," says Brad Hibbert, chief strategy officer for Prevalent. "And although today's survey illustrates that organizations are starting to view their third-party management programs more strategically, there is still more progress to be made. More and more companies are starting to assess non-IT risks, which is a step in the right direction. But unfortunately, over half are not -- and that could lead to financial loss. Together with a comprehensive TPRM solution, companies can build a stronger defense against IT and reputational third-party risks."

The full report, including recommendations for benchmarking and improving TPRM processes, is available from the Prevalent site.

Image creditAndreus/depositphotos.com

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Low-code tools boost developer productivity

Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

61 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.