Ever since the Target and Home Depot breaches were traced to intrusions at their vendors, the management of cybersecurity at third-party vendors has been a focus of companies and regulators. The FTC has flagged the issue, as has the SEC. The DoD has imposed strict cybersecurity requirements for contractors that “flow down” to sub-contractors.
But despite an increasing focus on the full lifecycle of third-party risk management, vendor incidents continue to represent a high percentage of reported data breaches. According to a March 2016 Ponemon Institute report, 49 percent of survey respondents indicated that their organization experienced a data breach caused by a vendor.
Continue Reading Are You Prepared for Your Vendor’s Data Breach?