Over the last two years, the number of cybersecurity incidents involving vendors has increased dramatically. Although organizations have strengthened their vendor assessment programs, improvements are still required. While it is important to manage incidents related to products, services, and tools offered by vendors, organizations should also consider the possibility of risk incidents happening at the vendor’s end, especially when they deal with customer data or confidential information. Many organizations still do not have visibility beyond their tier 1 vendors, and also believe that their vendors will not notify them of any incidents, if and when these incidents do occur.
Read more in the MetricStream Insight