A staggering 45% still depend on manual processes, while incident response timelines multiply
PHOENIX, May 5, 2022 /PRNewswire/ -- Prevalent, Inc., the company that takes the pain out of third-party risk management (TPRM), today announced a new report, The 2022 Third Party Risk Management Industry Study: TPRM Programs Are at a Crossroads, which provides deep insights into current trends, challenges and initiatives impacting third-party risk management practitioners worldwide. The findings clearly illustrate that although organizations are starting to adapt their TPRM programs to address new and emerging non-IT risks, much more needs to be done to grow and mature these programs – specifically as it relates to incident response, compliance and the vendor lifecycle.
Key findings from the 2022 Third-Party Risk Management Study include:
45% of organizations experienced a third-party security incident in the last year – but are using disparate tools that extend incident response timelines
40% of organizations are paying more attention to non-IT security risks – but not enough
However, organizations continue to overlook less quantifiable non-IT risks such as modern slavery, anti-money laundering, and anti-bribery and corruption risks that could still lead to compliance violations, fines or negative reputational impacts.
TPRM is becoming more strategic, but 45% of organizations are still using manual spreadsheets to assess third parties
These manual processes add unnecessary complexity and time to third-party risk audits, with 32% of respondents saying it takes more than a month – more than 90 days in some cases – to produce the reporting and evidence required for regulatory audits.
"The past year has brought even more attention to the risks associated with third-party vendors and suppliers, specifically to the supply chain with continued cyber disruptions," stated Brad Hibbert, chief strategy officer for Prevalent. "And although today's survey illustrates that organizations are starting to view their third-party management programs more strategically, there is still more progress to be made. More and more companies are starting to assess non-IT risks, which is a step in the right direction. But unfortunately, over half are not – and that could lead to financial loss. Together with a comprehensive TPRM solution, companies can build a stronger defense against IT and reputational third-party risks."
The results of this study demonstrate that TPRM teams are making progress toward a more strategic approach to TPRM, but three areas require additional improvements to keep companies on track:
Download the full eBook for additional findings, context and recommendations to benchmark existing TPRM practices.
