Businesses are ignoring third-party security risks

In the dynamic business landscape where third-party relationships assume a critical role, organizations confront various risks that can profoundly affect their security and compliance requirements, according to Panorays.

Even amidst tough economic times, the crucial nature of these risks necessitates proactive management. This report unveils statistics and trends that shed light on the pressing challenges and emerging strategies in third-party risk management.

The risks lurking in third-party relationships

With 58% of companies managing over 100 vendors, 8% of which manage over 1,000, the need for a robust Third-Party Security Risk Management (TPSRM) process becomes abundantly clear.

84% of organizations prioritize third-party security risk management, indicating a growing awareness of the potential threats posed by third-party relationships. Only 13% of organizations continuously monitor the security risks of their third parties, highlighting a significant gap in current risk management practices, especially when considering critical vendors.

44% take three weeks or more to onboard a new third party, highlighting the complexity of managing third-party relationships – especially when companies have hundreds or thousands of third parties. 52% find manual data collection and vendor communication cumbersome, suggesting the need for more automated, streamlined processes.

43% have an insufficient view of 4th party vendor security risks, revealing a need for enhanced visibility across the entire supply chain.

Data breach costs reach $4.35 million

The report underscores that in the face of an increasingly complex regulatory environment, organizations are grappling with managing a multitude of third-party relationships, with 58% of companies managing over 100 vendors. Despite these challenges, the crucial nature of third-party risks necessitates proactive management, especially given the high stakes associated with data breaches that average $4.35 million in costs according to a recent IBM and Ponemon report.

“Organizations are managing a substantial number of third-party relationships, and it’s clear that third-party security risk management needs to be a priority for businesses in all sectors,” said Matan Or-El, CEO at Panorays. “However, our report indicates that many companies are not fully utilizing effective strategies for continuous risk monitoring and visibility across the digital supply chain.”

“Companies must prioritize third-party security risk management and maintain constant vigilance in understanding the identity and significance of their third-party partners” added Demi Ben-Ari, Co-Founder and CTO at Panorays. “Our report highlights the need for strategic refinement and ongoing adaptation in third-party risk management methodologies,” added Or-El.