Aggregated Vendor Risk - The Cyber Security Blind Spot
By Angelina Yang, David Zelinger, Thomas Lee, Nagaraja Kumar Deevi
A featured article of our April 2020 edition of PRMIA's Intelligent Risk quarterly newsletter
Companies in all industries are relying on hundreds, sometimes thousands, of vendors to manage the complexity of today’s business landscape. This web of vendors can include suppliers, contractors, SaaS, PaaS and IaaS. This increasing access and movement of sensitive data across internal and external systems creates a significant and growing cyber security risk, with about 50% of large PIIdata breaches caused by third parties. An analysis of data breach costs finds that these third party breaches are just as impactful, causing significant business, reputational and operational impact. Third party risk is also not limited to data breaches. For the financial industry, 75% of Foreign Corrupt Practices Act (FCPA) cases resulted from third party partners.
Continue to Read [PDF]
About the Intelligent Risk
Intelligent Risk is PRMIA's quarterly publication, bringing all PRMIA members free access to knowledge and information about risk management for financial institutions as well as current information on PRMIA chapters, committees, academic partners, news and events.
Individual articles from each edition are published under our members only
Risk Library resources section. PRMIA is sharing select articles from the April 2020 edition with the public. Get more articles like this by joining PRMIA today.
PRMIA Membership Information