<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">
Vendor Risk Management

Third-Party Cyber Risk: Blind Spots, Emerging Issues & Best Practices

Alex Campanelli | April 26, 2019

Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.

Based on a survey of financial services professionals from around the world, the “Third-Party Cyber Risk for Financial Services: Blind Spots, Emerging Issues & Best Practices” report, shows that third-party cyber risk management is critical to organizations.

However, financial services companies struggle with a lack of continuous monitoring, consistent reporting, and other blind spots are creating challenges that could increase vulnerabilities to data breaches and other security incidents.

The expansion of the extended enterprise has reached a tipping point, fueled by cloud-based technology and outsourcing. In parallel, third-party data breaches are at an all-time high. In fact, Gartner estimates that by 2020, 75% of Fortune Global 500 companies will treat third-party risk management as a Board-level initiative to mitigate brand and reputation risk.

Current approaches to managing third-party cyber risk are helpful but only provide a brief snapshot. To proactively mitigate risk, organizations need automated tools that continuously measure and monitor the security performance of their third parties — such as security ratings.

Key findings from the "Third-Party Cyber Risk for Financial Services" report include:

  • Third-party cyber risk is driving key business decisions.
  • There is a lack of consistent third-party risk measurement and reporting.
  • A majority of organizations aren’t using critical tools.
  • Third-party risk management challenges and concerns for the future continue to grow.

Download the report to learn more about how global organizations are managing third-party risk. Q219 BitSight CEFPRO TPRM Financial Services Report Social Graphic (1)

Suggested Posts

New Study: Organizations Struggle to Manage Cyber Risk in Their Supply Chains

A new report from McKinsey & Company sheds light on something we’ve known for many years – organizations are struggling to make significant progress in managing cybersecurity risk in their supply chains.

READ MORE »

Eradicate Cyber Threats: Launch Your Third-Party Risk Management Program

When launching a third-party risk management (TPRM) program, one of the best places to begin to be proactive about mitigating cyber risk from your third parties is by examining the vulnerabilities present on their network. Despite global...

READ MORE »

3 Software Tools Transforming the Vendor Selection Process

The world of procurement has been fundamentally changed by the introduction of technology. Source-to-pay software has brought digital workflows and automation to time-consuming processes like creating RFPs, managing contracts, and...

READ MORE »

Subscribe to get security news and updates in your inbox.