In your opinion, what is the biggest challenge faced by organizations when it comes to third-party risk management?

Security & GRC Third Party Risk Management (TPRM)

Limited visibility into third-party activities44%

Lack of resources for managing third-party risks28%

Insufficient contractual protections38%

Resistance from third parties to comply with security requirements36%

All of the above26%

None of the above

253 PARTICIPANTS

9.2k views17 Upvotes2 Comments

Sort by:

Lead Cloud Transformation Architect3 years ago

The biggest challenge faced by organisations when it comes to third-party risk management:

- Vendor Lock-in
- Lack of visibility and control
- Complexity of the third-party ecosystem
- Regulatory and compliance requirements
- Lack of resources and expertise to manage 3rd party risk
- Cultural and language differences
- Changing political landscape (eg. Russia based 3rd party vendors)

To address these challenges, organisations need to establish robust 3rd party risk management programs that include policies, risk assessments, contractual obligations, monitoring mechanisms, exit strategy, and ongoing communication with third parties

1 1 Reply

no title2 years ago

Hello,<br>indeed. The lock in is a serious problem and now speaking about whole business founded on data AI driven, it becomes a technological and potentially economic lock in.

Content you might like

How do you view collaboration with security teams, and does it make your work more meaningful to get involved in security projects?

I see collaboration with security teams as important, and it makes my work more meaningful to contribute to security projects.49%

I see collaboration with security teams as important, but it does not necessarily make my work more meaningful.43%

I view collaboration with security teams as somewhat important, but I do not see it as a major aspect of my work.5%

I do not view collaboration with security teams as important or relevant to my work.1%

View Results

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

How confident are you in your organization's security awareness training program?

Very confident, it is comprehensive and effective37%

Somewhat confident, it covers the basics but could be improved39%

Not very confident, it needs significant improvements21%

My organization does not have a security awareness training program.3%

View Results

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

In your opinion, what is the biggest challenge faced by organizations when it comes to third-party risk management?

Sort by:

Content you might like

How do you view collaboration with security teams, and does it make your work more meaningful to get involved in security projects?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

How confident are you in your organization's security awareness training program?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go