A new report shows that 13% of organizations continuously monitor the security risks of their third parties. This reveals a gap in current risk management practices, especially when considering critical vendors.

Panorays, recently released the Navigating Third-Party Security Risks in 2023: Mid-Year Insights and Trends report which delves into the increasing risks of cyberattacks in today's digital supply chain, a growing concern for businesses worldwide.

The report's findings — collected between February and April 2023 — tapped 100 IT security executives, including senior decision-makers, with 30% holding CxO titles, 17% as VPs, 22% as directors, 20% as senior managers, and 11% as security analysts, architects or engineers.

These perspectives from across industries provide a broad understanding of the challenges and strategies in third-party risk management. 

Key report highlights

• 84% of organizations prioritize third-party security risk management, indicating a growing awareness of the potential threats posed by third-party relationships.
   
• Only 13% of organizations continuously monitor the security risks of their third parties, highlighting a gap in current risk management practices, especially when considering critical vendors.
   
• 44% take three weeks or more to onboard a new third party, highlighting the complexity of managing third-party relationships — especially when companies have hundreds or thousands of third parties.
   
• 52% find manual data collection and vendor communication cumbersome, suggesting the need for more automated, streamlined processes.
   
• 43% have an insufficient view of fourth-party vendor security risks, revealing a need for enhanced visibility across the entire supply chain.