In your opinion, what is the biggest challenge faced by organizations when it comes to third-party risk management?

Security & GRC Third Party Risk Management (TPRM)

Limited visibility into third-party activities38%

Lack of resources for managing third-party risks31%

Insufficient contractual protections39%

Resistance from third parties to comply with security requirements37%

All of the above29%

None of the above

250 PARTICIPANTS

9.1k views17 Upvotes2 Comments

Sort by:

Lead Cloud Transformation Architect2 years ago

The biggest challenge faced by organisations when it comes to third-party risk management:

- Vendor Lock-in
- Lack of visibility and control
- Complexity of the third-party ecosystem
- Regulatory and compliance requirements
- Lack of resources and expertise to manage 3rd party risk
- Cultural and language differences
- Changing political landscape (eg. Russia based 3rd party vendors)

To address these challenges, organisations need to establish robust 3rd party risk management programs that include policies, risk assessments, contractual obligations, monitoring mechanisms, exit strategy, and ongoing communication with third parties

1 1 Reply

no title2 years ago

Hello,<br>indeed. The lock in is a serious problem and now speaking about whole business founded on data AI driven, it becomes a technological and potentially economic lock in.

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

In 2021, did your company's IT budget:

Increase89%

Decrease10%

What’s your top barrier to adopting AI-driven pentesting?

Lack of mature vendor solutions42%

Trust in AI accuracy62%

Budget constraints16%

Skills to operate the tools26%

View Results

When it's time to renew your firewall, what would be the way to ''challenge / validate'' the appliance specsheet? Since we can't test with that benchmark ourself, is there some certificates, standards or even external auditor that i can ask for? I don't want to blindly believe numbers vendors give me.

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

In your opinion, what is the biggest challenge faced by organizations when it comes to third-party risk management?

Sort by:

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

In 2021, did your company's IT budget:

What’s your top barrier to adopting AI-driven pentesting?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go