#NCSAM: Third-Party Risk Management is Everyone’s Business
This week’s theme for National Cyber Security Awareness Month is “Cybersecurity in the Workplace is Everyone’s Business.”
And we couldn’t agree more. Cybersecurity is a shared responsibility that extends not just to a company’s employees, but even to the vendors, partners and suppliers that make up a company’s ecosystem. The average Fortune 500 company works with as many as 20,000 different vendors, most of whom have access to critical data and systems. As these digital ecosystems become larger and increasingly interdependent, the exposure to third-party cyber risk has emerged as one of the biggest threats resulting from these close relationships.
Third-party risk is only going to get more difficult, but collaboration – the pooling of information, resources and knowledge – represents the industry’s best chance to effectively mitigate this growing threat. The PwC Global State of Information Security Survey 2016 found that 65 percent of organizations are formally collaborating with partners to improve security and reduce risks.
Overall, organizations need to put more emphasis on understanding the cyber risks their third parties pose. What risks does each third party bring to your company? Do they have access to your network? What would the impact be if they were to be breached? One of the key ways to do this is by engaging with your third parties, and assessing them based of the appropriate level of risk they pose and collaborating with them on a prioritized mitigation strategy.
It’s unlikely that the pressure facing businesses to become more efficient will lessen, which means larger digital ecosystems and more cyber risks to businesses. The only way to protect your organization from suffering a data breach as a result of a third party is to put more emphasis on understanding the cyber risks your third parties pose and working together to mitigate them.
Click here to learn how your organization’s third-party cyber risk management plan stacks up to the competition by taking our 5-minute Third-Party Cyber Risk Management Maturity Grader quiz.
Follow us on Twitter at @CyberGRX and help spread the word by joining in the online conversation using the #NCSAM hashtag!
And learn more about NCSAM online at: https://www.dhs.gov/national-cyber-security-awareness-month.