Complete Story


The Challenges of Managing Third-Party Vendor Security Risk

The State of Security

It’s no longer enough to secure your own company’s infrastructure; you now must also evaluate the risk of third-party vendors and plan and monitor for breaches there, too. Data breaches are reported in the news all the time, and more than 60 percent of them are linked to a third-party. When you’re a business owner, that is a scary statistic.

Third-Party Vendor Security Risks

A big part of your third-party risk management (TPRM) planning should be to follow the standard practice of assessing the risk and classifying each vendor. First, make a list of each vendor and determine how integrated they are with your company, what data is exposed to them and where the potential risks lie.

Next, classify each vendor into a category based on the type of risk, whether or not multiple risk areas exist with that vendor and what actions must be taken to remediate the risk.


Printer-Friendly Version