KPMG recently hosted a third-party security roundtable for cyber leaders. We heard from a diverse range of voices on how third-party security functions are innovating to keep ahead of expectations from business, affiliates, vendors, regulators, and clients. Themes that emerged from this discussion included:
- Cracks are emerging in traditional approaches tp third-party security
- Regulators are paying increased interest into how organizations manage third-party security
- There is a widening divergence of approaches to risk management between regulated organizations and their third parties
- Tensions between third-party security programs and the business remain unsolved
- The current maturity of utilities does not provide a “one-stop shop”
- Organizations are incorporating threat intelligence into third-party security programs
- Organizations are rethinking hoe they share security information with their clients
Third-party security roundtable insights
This paper seeks to explain the emerging third party risks and the approaches companies can take to mitigate these cyber risks.