TMCnet News
New Survey Reveals Third Party Risk on the Rise While Risk Mitigation is Low on the Priority ListSANTA FE, N.M., May 2, 2016 /PRNewswire/ -- Given today's cyber security climate, it is no surprise that companies are wary of the risks associated with third party vendors. Unfortunately, these risks are only growing with the increase in disruptive technologies such as the Internet of Things and Cloud technologies. According to a survey released today conducted by the Ponemon Institute, an independent research firm focused on privacy, data protection and information security policy, and commissioned by the Shared Assessments Program, the industry-standard body on third party risk assurance, 70 percent of respondents believe that third party risk in their organization is increasing significantly. In fact, the new report, "Tone at the Top and Third Party Risk," shows that in the past 12 months, organizations spent an average of approximately $10 million to respond to security incidents as a result of negligent or malicious third parties. The Ponemon Institute surveyed 617 executives who have a role in the risk management processes within their organizations to determine the following:
"The threat landscape is constantly evolving, and as a result, third party risk is only going to increase," said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. "It has become imperative for organizations to create formal programs for vendor risk management in order to avoid being compromised, and more importantly, business leaders need to set a strong example." In the context of this study, "tone at the top" describes an organization's control environment, as established by its C-Suite and Board. The tone at the top is set by management and affects all employees of the organization. According to the study findings, neither the C-Suite nor the Board are overly involved in third party risk management and, for mot companies, there is no clear accountability at all when it comes to handling risk. Respondents overwhelmingly agreed that the best way to mitigate third party risk is for organizations to adopt a positive "tone at the top." "If management exemplifies honesty, integrity and ethics, it is much more likely that employees will work to uphold those same values. As a result, there will be a decrease in risks caused by insider negligence and third party relationships," said Charlie Miller, Senior Vice President with the Shared Assessments Program. "This study clearly demonstrates that not only is there a major risk issue stemming from vendor and partner relationships, but the highest level of organizations, the Board and C-Suite, need to better communicate their values across the enterprise, setting a positive tone and creating formal programs to mitigate this risk, ultimately helping companies to improve their risk management practices." The following are some of the other key findings that indicate the primary risks associated with third party vendors:
For more information on the report, visit: http://sharedassessments.org/ponemon-study/. About the Shared Assessments Program About Ponemon Institute
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/new-survey-reveals-third-party-risk-on-the-rise-while-risk-mitigation-is-low-on-the-priority-list-300260394.html SOURCE Shared Assessments Program |