“INCREASINGLY , IDENTITY- CENTRIC ZERO TRUST FRAMEWORKS WILL BE THE BEST CHOICE FOR ANY SECURITY-CONSCIOUS ORGANISATION ”
CYBERSECURITY
Working with third parties is a necessity for modern businesses . These relationships are critical to business success – delivering affordable , responsive and scalable solutions that can help organisations to grow and adapt according to the needs of their customers . But as reliance on third parties grows – according to Gartner , 60 % of organisations now work with more than 1,000 third parties – so does the exposure to additional risk .
Third parties , such as vendors , partners , or service providers , often have access to an organisation ' s sensitive information , systems and networks . This access can make organisations vulnerable to data breaches , cyber attacks , and other security incidents , especially if the third party ' s security controls are insufficient or if the third party is targeted by cybercriminals .
“INCREASINGLY , IDENTITY- CENTRIC ZERO TRUST FRAMEWORKS WILL BE THE BEST CHOICE FOR ANY SECURITY-CONSCIOUS ORGANISATION ”
MARC ROGERS EXECUTIVE DIRECTOR OF CYBERSECURITY , OKTA
Additionally , third parties may have their own vulnerabilities that could be exploited to gain access to an organisation ' s network . By identifying and managing third party risk , organisations can better protect themselves against cyber threats and ensure that their sensitive information and systems are secure .
A survey from the CyberRisk Alliance and SecurityScorecard found that over a third of respondents had at least 100 thirdparty vendors . Of those , 91 % said they had experienced a related security incident .
To benefit from the rewards strong third-party relationships can offer , it ’ s vital for organisations to manage the risks . That is where a rigorous Third Party Risk Management ( TPRM ) programme comes in .
Today , businesses inherit the cyber-risk posture of not just their direct , third-party vendors , but also of their vendors ’ vendors – often known as ‘ Nth party ’.
A report by The Ponemon Institute explains that while many businesses continue to outsource critical business processes to third parties , 63 % of organisations don ’ t have visibility into the level of network access and permissions for internal or external users , and have a limited-
42 March 2023