Based on in-depth interviews with security executives from 30 participating organizations across multiple industries, RiskRecon revealed how companies are managing the security risks of their complex digital supply chains and sensitive business partnerships.
Researchers identified vendor-neutral capability sets comprising common, emerging, and pioneering practices that firms have implemented to manage third-party security risk.
“Enterprise risk officers are waking up to the reality that their information risk increasingly resides in the systems of their third-parties, beyond the bounds of their own network. You can outsource your systems and operations to third-parties, but you cannot outsource your risk,” said RiskRecon CEO Kelly White.
