Despite 84% of businesses claiming to prioritize third-party risk management, more than 40% of companies have insufficient visibility over their digital supply chain, according to a Panorays study.
"Organizations are managing a substantial number of third-party relationships, and it's clear that third-party security risk management needs to be a priority for businesses in all sectors," says Matan Or-El, CEO and co-founder of Panorays. "However, our report indicates that many companies are not fully utilizing effective strategies for continuous risk monitoring and visibility across the digital supply chain."
"Companies must prioritize third-party security risk management and maintain constant vigilance in understanding the identity and significance of their third-party partners,” adds Demi Ben-Ari, CTO of Panorays. "Our report highlights the need for strategic refinement and ongoing adaptation in third-party risk management methodologies."
- 84% of organizations prioritize third-party security risk management, indicating a growing awareness of the potential threats posed by third-party relationships.
- Only 13% of organizations continuously monitor the security risks of their third parties, highlighting a significant gap in current risk management practices, especially when considering critical vendors.
- 44% take three weeks or more to onboard a new third party, highlighting the complexity of managing third-party relationships – especially when companies have hundreds or thousands of third parties.
- 52% find manual data collection and vendor communication cumbersome, suggesting the need for more automated, streamlined processes.
- 43% have an insufficient view of fourth-party vendor security risks, revealing a need for enhanced visibility across the entire supply chain.