July 24, 2024 at 05:58PM
The global supply chain network has increased organizations’ interconnectedness, posing a higher risk of data breaches and security incidents involving third-party vendors. Research shows 98% of organizations have experienced third-party cybersecurity breaches in the past two years. Investments in third-party risk management programs are rising, with a focus on using threat intelligence to manage risks effectively.
Based on the meeting notes, it is evident that the interconnected nature of global supply chains has increased the potential for data breaches and other security incidents involving third-party suppliers and partners. The Cyentia Institute’s research indicates that 98% of organizations have at least one third-party that suffered a cybersecurity breach within the previous two years.
To address these risks, organizations have increased their investments in third-party risk management (TPRM) programs. The EY Global Third-Party Risk Management Survey revealed that 90% of respondents are investing to improve the effectiveness of their TPRM programs. Additionally, experts suggest that top drivers for TPRM investments include regulatory demands, increased remote work, and data privacy, with a significant portion of investment being used for threat intelligence programs.
The meeting notes also highlight the importance of leveraging threat intelligence from various sources, such as open-source intelligence, commercial threat intelligence providers, industry-specific information sharing and analysis centers, and internal security data. By harnessing threat intelligence, organizations can gain a comprehensive understanding of the threat landscape and make informed decisions to manage third-party risks effectively.
Overall, the key takeaways from the meeting notes include the increasing need for robust third-party risk management programs, the significance of investing in threat intelligence to mitigate risks associated with third parties, and the importance of leveraging diverse sources of threat intelligence to comprehensively understand the threat landscape. Additionally, it’s noted that experts suggest downloading a report to learn how to get started with threat intelligence and how it can help reduce risks associated with third parties.