December 2, 2019

Third-Party Risk Management

Cybersecurity risks and exposures for organizations are at an all-time high and rising. Beyond the cyber risks emanating from within an organization’s own network and vulnerabilities, organizations augment their exposure when they hire third-party vendors. In fact, vendors that provide hosting services or enable key supply chain functions of an organization are considered by many observers to be one of the most significant insider threats to networks.

Vendors such as core hosting providers, cloud providers, and the evolution of IoT devices used through third party vendors or service providers, and at times fourth party service providers, create another level of significant risks and threats. An organization can have fortress-grade security posture within its four walls, but when it outsources to third-party service providers, and provides a connection to its network, the organization is no longer in control of the entire perimeter.

Rocco Grillo, Managing Director with Alvarez & Marsal’s Disputes and Investigations Global Cyber Risk Services practice, explains in an article published by CIOReview how companies can avoid outsourcing the risk when they use vendors.

Read the full article in CIOReview here.

Authors
FOLLOW & CONNECT WITH A&M