The Cost of Third-Party Cybersecurity Risk Management
Third parties are inundated with assessments and enterprises aren't getting the insights they need - and the cost of failure is high.
In the past two years, 82% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.
of organizations believe vetting third parties is critical. However, 60% of organizations believe they are only somewhat or not effective at vetting third parties.
Third parties spend 15,000+ hours completing assessments each year
Enterprises only take action on 8% of the assessments they receive.
Retail & Financial Services
Reported the most third-party breaches, despite the fact that their third parties spend more than 16,500 hours a year filling in manual assessments.
Health & Pharma
are most likely to use a combination of tools to assess their third parties and less likely to have a third-party breach.
of organizations use manual procedures like spreadsheets and 51% employ risk scanning tools to vet their third parties.
of respondents said the results of these tools provide, at best, only somewhat valuable information.
The cost of failing to vet and evaluate third parties effectively is $13,000,000 (costs include potential impact on reputation and brand, decreases in share value, loss of business, etc.)