Security NewswireSecurity Leadership and ManagementCybersecurity News

Third Party Risk on the Rise; Risk Mitigation is Low Priority

May 2, 2016

Respondents to a survey on third party risk report that third party risk in their organization is increasing significantly.

The Ponemon Institute surveyed 617 executives who have a role in the risk management processes within their organizations to determine the following:

•The state of third party risk management.
•The importance of values and a positive tone to effective third party risk management.
•Third party risk assessment and management practices.
•The use of technologies and cyber insurance to manage third party risk.

"The threat landscape is constantly evolving, and as a result, third party risk is only going to increase," said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. "It has become imperative for organizations to create formal programs for vendor risk management in order to avoid being compromised, and more importantly, business leaders need to set a strong example."

In the context of the study, "tone at the top" describes an organization's control environment, as established by its C-Suite and Board. The tone at the top is set by management and affects all employees of the organization. According to the study findings, neither the C-Suite nor the Board are overly involved in third party risk management and, for most companies, there is no clear accountability at all when it comes to handling risk. Respondents overwhelmingly agreed that the best way to mitigate third party risk is for organizations to adopt a positive "tone at the top."

Other key findings:

•Cloud computing, mobility and mobile devices, and big data analytics will have a significant impact, according to 71 percent, 67 percent and 51 percent of respondents, respectively.
•50 percent of respondents do not believe the risk management process is aligned with business goals.
•Only 8 percent of respondents say improvement of their organization's relationship with business partners is a top risk management objective.
•11 percent of respondents say their organizations are very effective at communicating values throughout the enterprise or to business partners, vendors and other third parties.
•71 percent of respondents say when tone at the top is part of an organization's risk management strategy, the risk of working with third parties that are not trustworthy is reduced.
•81 percent of respondents in financial services say that a strong tone at the top is essential to mitigating business risk.
•Only 7 percent of respondents in financial services say that improving the organization's relationship with business partners is a top risk management priority.

http://sharedassessments.org/ponemon-study/


 

KEYWORDS: cyber security analytics security risk management security vendor

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    ON DEMAND: In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. We'll explore how forward-thinking organizations are elevating risk mitigation from a necessary cost to a source of strategic value. 
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!