45% Organisations Faced Third-Party Related Business Interruption In Past 2 Years: Gartner

Despite increased investments in third-party cybersecurity risk management over the last two years, 45% of organisations experienced third party-related business interruptions, according to a Gartner survey of senior executives involved in TPCRM.According to Gartner, successful management of third-party cybersecurity risk depends on the security organisation’s ability to deliver on three outcomes—resource efficiency, risk management and resilience, and influence on business decision making. However, enterprises struggled to be effective in two out of those three outcomes, and only 6% of organisations are effective in all three, the survey found.While 59% of organisations were effective in resource efficiency, 35% were found to be able to deliver on risk management and resilience, and only 14% were effective in influence on business decision-making.“Third-party cybersecurity risk management is often resource-intensive, overly process-oriented and has little to show for in terms of results. Cybersecurity teams struggle to build resilience against third party-related disruptions and to influence third party-related business decisions,” said Zachary Smith, senior principal research at Gartner.Actions To Manage Third-Party Cybersecurity RisksBased on the survey findings, Gartner identified four actions that security and risk management leaders must take to increase their effectiveness in managing third-party cybersecurity risk. The survey found that organisations that implemented any of these actions saw a 40–50% increase in TPCRM effectiveness.Review How Effectively Risks Are Communicated To The Business Owner Of The Third-Party Relationship: Chief information security officers need to regularly review how well the business owner understands their messaging around third-party risks to ensure they are providing actionable insights around those risks.Track Third-Party Contract Decisions: Business owners will often choose to engage with a third party even if they are well-informed about associated cybersecurity risks. Tracking decisions helps security teams align compensating controls for risk acceptances and alerts security teams to particularly risky business owners that may require greater cybersecurity oversight.Conduct Third-Party Incident Response Planning: Effective TPCRM goes beyond identifying and reporting cybersecurity risks. CISOs must ensure the organisation has strong contingency plans (e.g., playbooks, tabletop exercises) in place to prepare for unexpected scenarios and to be able to recover in the wake of an incident.Work With Critical Third Parties To Improve Security Risk Management Practices: In a hyperconnected environment, a critical third-party’s risk is also an organisation’s risk. Partnering with the critical third parties to improve their security risk management practices helps promote transparency and collaboration.

45% Organisations Faced Third-Party Related Business Interruption In Past 2 Years: Gartner

Gartner highlights four actions organisations must take to increase third-party cybersecurity risk management effectiveness.

RECOMMENDED FOR YOU

BSE, NSE Warn Of Online-Bond-Platform Risks; Urge Investors To Do Due Diligence Before Investing

Rs 5,000 SIP Vs Rs 5,00,000 Lump Sum: Which Is Better?

NPS vs ELSS vs PPF: Where Does Your Money Work The Hardest? Returns, Risk And Taxes Compared

BlackRock's Investment Analytics, Risk Management Platform 'Aladdin' Launched In India

POPULAR

45% Organisations Faced Third-Party Related Business Interruption In Past 2 Years: Gartner

Gartner highlights four actions organisations must take to increase third-party cybersecurity risk management effectiveness.

RECOMMENDED FOR YOU

BSE, NSE Warn Of Online-Bond-Platform Risks; Urge Investors To Do Due Diligence Before Investing

Rs 5,000 SIP Vs Rs 5,00,000 Lump Sum: Which Is Better?

NPS vs ELSS vs PPF: Where Does Your Money Work The Hardest? Returns, Risk And Taxes Compared

BlackRock's Investment Analytics, Risk Management Platform 'Aladdin' Launched In India

POPULAR

Stock Tips With 500x Margin? This Delhi Stock Advisory Isn’t SEBI-Approved — But Its Ad Made Big Claims

HCLTech Shares Downgraded To 'Reduce' By Dolat Capital Post Muted Q1 Results — Check Target Price

Breaking News Live: Elon Musk's Tesla To Launch First India Showroom In Mumbai Today

Stock Market News Live: GIFT Nifty Indicates A Positive Start; HCLTech, Sun Pharma, Tata Tech Shares In Focus

Axis Bank Shares Gets Motilal Oswal's 'Neutral' Rating — Here's Why