How to manage third-party cybersecurity risks that are too expensive to ignore • TechCrunch


Many cyber security expertsMost, if not all, have experienced the feeling of “after the breach” – the moment you realize you need to tell your customers that one of your suppliers has had a data breach and their personal information may have been compromised.

Such situations involve spending a significant amount of time and resources to fix the problem caused by the third party. No matter how well you clean things up, your company’s reputation will cost you in lost business down the road.

The reality is that the consequences of not managing third party risk properly are too costly to ignore.

The cost of ignoring cyber risk

Ransomware attacks, data breaches and widespread IT service outages have been voted as the most pressing concerns for companies worldwide this year. More than seven in ten organizations fear that third parties have too much control over customer data, including unnecessarily broad permissions and consents. Of the 44% of organizations that reported a data breach last year, 75% said the breach was the result of a third party gaining excessive privileges.

Because they are seamlessly integrated with many aspects of modern organizations, the risks of third-party providers are your risks.

While third-party cyber risk management is important to maintaining customer trust, it is also critical for organizations looking to purchase cyber insurance policies. All it takes is a random email containing personal information sent to the wrong customer, and the basic requirements for a data breach are met. Add in the various state and federal data laws and costs associated with remediation, and it becomes clear why every organization can benefit from cyber insurance.

As many contracts between businesses contain cyber insurance clauses, it is important to consider the impact of security standards on obtaining a policy. To put it bluntly, the better your security requirements, the better your rates will be, especially in this era of rising cyber insurance premiums.

Cyber ​​insurance providers want to see that you have high security standards before issuing a policy, so effective third-party risk management can mean the difference between insurers giving you a good rate or deeming you ineligible for coverage.

How to manage third party risk

An organization’s ability to proactively manage third-party cyber risk depends on its risk management strategies. According to Forrester, 70% of corporate decision makers agree that third-party risk is a business priority, but 69% use manual processes in their third-party risk programs.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

20 − nineteen =