< Back to Blog
New Year’s Resolution: Manage Your Third-Party Security Better!
Security Best Practices & Advice

New Year’s Resolution: Manage Your Third-Party Security Better!

By Yaffa Klugerman Jan 02, 20193 min read

If you are worried about managing your third parties, you are not alone. Gartner reports that nearly 70% of chief audit executives reported third-party risk as one of their top concerns, but many still struggle to manage this risk.

Get the best third-party security content sent right to your inbox

Thanks for subscribing!

The reason? Because it’s a tough job.

Organizations rely on third parties, who receive access to businesses’ digitized systems and processes. These systems often contain confidential and sensitive information, and organizations must make sure that each third party maintains a high level of security to safely access these systems. Vetting these third parties and continuing to effectively monitor them for cyber gaps can be time-consuming and expensive.

So here’s a great New Year’s resolution for every business: Make 2019 the year that you take control of your third parties’ cybersecurity posture. Here are three good reasons why:

1. There are more third-party data breaches than ever before, and hackers are more sophisticated than ever before.

More than 75% of respondents in a recent Ponemon Institute report said that third-party data breaches are on the rise, but we probably could have guessed that simply from the frequency of data breaches reported in the news. The victims have included major companies such as Ticketmaster, Newegg, British Airways, and others.

Meanwhile, the complexity of the breaches indicates that hackers are becoming even more creative about how they steal personal data. In fact, 22% of CISOs polled admitted that they weren’t sure if they’d had a third-party data breach in the past 12 months. Chances are that your business might have already suffered a third-party breach—or will soon.

2. The number of third parties that organizations are hiring continues to rise.

According to the Ponemon report, the average number of third parties employed by organizations has increased from 378 in 2016, to 471 in 2017, to 588 in 2018. Which means that managing third parties will only continue to get more complicated.

3. There are more data privacy regulations and more penalties.

Move over, GDPR: There are more data privacy regulations on the way, and these hail from the United States.

Beginning January 1, 2020, the California Consumer Privacy Act will go into effect, granting California citizens certain data privacy rights. These include:

  • the right to know what personal information is being collected about them
  • the right to delete data they have posted
  • the right to know the categories of third parties with whom data is shared
  • the right to access their personal information

Penalties for not complying with CCPA—while not as high as GDPR—are still significant: $2,500 per violations for negligent violations and up to $7,500 per violation for intentional violations.

Data regulations are being passed in other states as well. Vermont recently became the first in the nation to regulate the companies that buy and sell personal information. In Colorado, a new law focuses on how companies handles personal identifying information. And New Jersey and Washington have also passed laws on retail data and biometric data, respectively.

All told, the stakes are even higher for businesses to better manage personal data, as well as the third parties who can access it.

How Can You Manage Your Third Parties?

Automated third-party security management is the way to go. Using a solution such as Panorays, companies can rapidly evaluate and continuously monitor third-party security posture while ensuring compliance to regulations like GDPR and CCPA.

Interested in learning more? Contact us for more information.

Author Thumbnail
Yaffa Klugerman

Yaffa Klugerman is Director of Content Marketing at Panorays. She enjoys writing about the cyber world, drinking too many cappuccinos and arguing about the use of serial commas.

You may also like...
Sales Security Blog
Sep 28, 2022 Verifiable Security Posture Can Help Shorten Sales Cycles Aviva Spotts
Third-Party Security Risk Management
Sep 06, 2022 Third-Party Security Risk Management: A Critical Component of Your Risk… Aviva Spotts
Anatomy of a Healthcare Data Breach
Aug 03, 2022 Anatomy of a Healthcare Data Breach Demi Ben-Ari
Get Started Free
We use cookies to ensure you get the best experience on our website. Visit our Cookie Policy for more information.
Get our latest posts straight to your inbox Subscribe