Third-Party Cyber Risk: Blind Spots, Emerging Issues & Best Practices
Alex Campanelli | April 26, 2019
Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.
However, financial services companies struggle with a lack of continuous monitoring and consistent reporting, and these and other blind spots are creating challenges that could increase their vulnerability to data breaches and other security incidents.
The expansion of the extended enterprise has reached a tipping point, fueled by cloud-based technology and outsourcing. In parallel, third-party data breaches are at an all-time high. In fact, Gartner estimates that by 2020, 75% of Fortune Global 500 companies will treat third-party risk management as a Board-level initiative to mitigate brand and reputation risk.
Current approaches to managing third-party cyber risk are helpful but only provide a brief snapshot. To proactively mitigate risk, organizations need automated tools that continuously measure and monitor the security performance of their third parties — such as security ratings.