Panorays’ 2025 CISO Survey Reveals Critical Gaps and Urgent Priorities in Third-Party Cyber Risk Management.
New York, January 2025 – Panorays, the leader in third-party cyber risk management solutions, has released its 2025 CISO Survey for Third-Party Cyber Risk Management, providing insights on the evolving landscape of third-party cybersecurity. The report, based on insights from 200 CISOs across the U.S., explores the priorities, challenges, and trends shaping third-party cyber risk strategies for the coming year.
The findings make clear a stark reality: while 91% of CISOs report an increase in third-party cybersecurity incidents, only 3% have full visibility into their supply chains, including fourth and nth-party relationships. This lack of comprehensive visibility underscores the need for advanced tools and strategies to mitigate growing risks.
Key Findings:
- Rising Third-Party Incidents: 91% of CISOs experienced an increase in incidents over the past year, driven by unresolved vulnerabilities and expanding supply chain complexities.
- Resource Constraints: 98% of organizations leave at least 10% of third-party vulnerabilities unresolved due to limited resources.
- AI Adoption: 27% of CISOs currently use AI for vendor assessments, with 69% planning adoption in 2025 to enhance efficiency and scalability.
- Budget Disconnect: 81% of respondents report insufficient funding to address third-party risks effectively.
“This year’s survey reveals a troubling story: third-party risks are growing faster than the resources organizations have to address them,” said Matan Or-El, CEO of Panorays. “As supply chains become more complex and interconnected, the need for smarter, AI-driven solutions is no longer optional, it’s critical for businesses to stay secure.”
The Growing Role of AI in Third-Party Cyber Risk Management
The report emphasizes the transformative potential of AI in streamlining vendor assessments and mitigating risks. On average, organizations leveraging AI report a 44% reduction in time spent on assessments, enabling teams to focus on higher-value tasks.
A Call to Action for CISOs
With 95% of surveyed CISOs predicting a continued rise in third-party incidents in 2025, the need for proactive measures is more urgent than ever. Panorays’ report offers actionable insights to help organizations enhance visibility, prioritize risks, and allocate resources more effectively.
About the Survey
The 2025 CISO Survey was conducted in November 2024 in collaboration with Global Surveyz, an independent research company. Participants included CISOs from industries such as finance, healthcare, technology, and professional services, representing organizations with 1,000 to over 10,000 employees.
About Panorays
Panorays is a global provider of third-party cybersecurity management software. Adopted by leading banking, insurance, financial services, and healthcare organizations, Panorays enables businesses to optimize their defenses for each unique third-party relationship. With personalized and adaptive third-party cyber risk management, Panorays helps businesses stay ahead of emerging threats and delivers actionable remediations with strategic advantages with over 1,000 customers worldwide. The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, Headquartered in New York and Israel, with offices around the world, Panorays is funded by numerous international investors, including Aleph VC, Oak HC/FT, Greenfield Partners, BlueRed Partners (Singapore), StepStone Group, Moneta VC, Imperva Co-Founder Amichai Shulman and former CEO of Palo Alto Networks Lane Bess. Visit us at panorays.com.
For more information, visit panorays.com or contact us at info@panorays.com.
