Third-Party Risk: Results From A Major Survey

February 15, 2022
White Papers

From SolarWinds and the Colonial Pipeline to Kaseya and Log4J, the global economy has seen the damage of ignoring third-party risks until it is too late, especially cyber attacks. As our world continues to become more connected, the cybersecurity of every part of your supply chain must remain strong because the next episode is likely already underway. 

Click here to download “Third-Party Risk: A Turbulent Outlook,” a new research study from Interos that explores the risk that third-party suppliers add to your supply chain and how companies so far have struggled to prepare for these threats. As you read, you’ll learn how leading organizations are setting an example for others to follow; you may even be able to draw inspiration to apply to your own organization as it tackles third-party risks. 

Discover the Impact of Third-Party Risk

By reading the research study, you’ll discover: 

  • The full extent of the SolarWinds Orion SUNBURST attack and other devastating breaches
  • How global events in 2020 and 2021 caused a shift to rely more heavily on third-parties.
  • The degree of supply chain visibility (or lack thereof) firms report, and how improved visibility is becoming a rising priority.
  • The ways different departments split up the process of evaluating third-parties, and the assessment tools they use.
  • The most-feared potential impacts of upcoming breaches, and how decision-makers are preparing to handle potential threats. 
  • The strategies employed by third-party risk management “champions,” including the use of cutting-edge technology

Among the study’s key findings: 

  • 60% of respondents experienced an IT security incident in the past two years due to a third-party partner with access privileges and were most likely to have sensitive data stolen or suffered some business outage. 
  • 52% of those who experienced attacks tied to third-party risk indicated they lost less than $100,000 in damages, and another 45% incurred higher costs, with a few paying $1 million or more. 
  • Victims impacted by the SolarWinds supply chain attack suffered everything from day-long shutdowns to crucial data leakages.
  • Perhaps because of real or perceived threats from SolarWinds and similar attacks, 70% of respondents ranked cyber the No. 1 or No. 2 risk among their third-party/supply chain partners. 

View next

Ensure Operational Resilience

Request Contact

Build operational resiliency into your extended supply chain:

  • 889 compliance – ensure market access
  • Data sharing with 3rd parties and beyond – protect reputation
  • Concentration risk – ensure business continuity
  • Cyber breaches – assess potential exposure
  • Unethical labor – avoid reputational harm
  • On-boarding and monitoring suppliers – save time and money