Aggregated Vendor Risk - The Cyber Security Blind Spot

By Angelina Yang, David Zelinger, Thomas Lee, Nagaraja Kumar Deevi

A featured article of our April 2020 edition of PRMIA's Intelligent Risk quarterly newsletter

Companies in all industries are relying on hundreds, sometimes thousands, of vendors to manage the complexity  of  today’s  business  landscape.  This  web  of  vendors  can  include  suppliers,  contractors,  SaaS,  PaaS  and  IaaS.  This  increasing  access  and  movement  of  sensitive  data  across  internal  and  external  systems  creates  a  significant  and  growing  cyber  security  risk,  with  about  50%  of  large  PIIdata breaches caused by third parties. An analysis of data breach costs finds that these third party breaches  are  just  as  impactful,  causing  significant  business,  reputational  and  operational  impact.  Third party risk is also not limited to data breaches. For the financial industry, 75% of Foreign Corrupt Practices Act (FCPA) cases resulted from third party partners.

Continue to Read [PDF]

About the Intelligent Risk

Intelligent Risk is PRMIA's quarterly publication, bringing all PRMIA members free access to knowledge and information about risk management for financial institutions as well as current information on PRMIA chapters, committees, academic partners, news and events.

Individual articles from each edition are published under our members only Risk Library resources section. PRMIA is sharing select articles from the April 2020 edition with the public. Get more articles like this by joining PRMIA today.

PRMIA Membership Information 

Thank you to our sponsors, including:


Contact Us

Looking to further your career?

Become a Member

Sign Up for Mailing List