Many organizations use hundreds or even thousands of third party vendors. They connect to their networks, access private corporate data, and too often, as we saw in the case of Edward Snowden and more recently Harold Martin, elevate organizations’ cyber risk. A 2016 Ponemon Institute study showed 73 percent of organizations see the number of cyber security incidents involving vendors increasing and sixty-five percent say it is difficult to manage cyber security incidents involving vendors.
Each third party vendor employee that has access to organizations’ sensitive data poses a cyber risk. Just one misstep, whether intentional or not, becomes an active insider threat that could lead to a compromise.
Leave a reply