The Cost of Third-Party Cybersecurity
Risk Management

Third parties are inundated with assessments and enterprises aren't
getting the insights they need - and the cost of failure is high.

Download the Report

In the past two years, 53% of organizations have experienced one or more data breaches caused by a third party, costing an average of
$7.5 million to remediate.

Third parties spend
15,000+ hours
completing assessments each year

Enterprises only take action on
8% of the assessments they receive.

Retail & Financial Services

Reported the most third-party breaches, despite the fact that their third parties spend more than 16,500 hours a year filling in manual assessments.

Health & Pharma

are most likely to use a combination of tools to assess their third parties and less likely to have a third-party breach.

40% of organizations use manual procedures like spreadsheets and 51% employ risk scanning tools to vet their third parties.

54 of respondents said the results of these tools provide, at best, only somewhat valuable information.

The cost of failing to vet and evaluate third parties effectively is $13,000,000(costs include potential impact on reputation and brand,
decreases in share value, loss of business, etc.)