Skip to main content
close search
site logo
Dive Brief

Report: Third parties increasingly pose data security risk

Published May 2, 2016
By
Contributing Editor
Dollar Photo Club

Dive Brief:

  • A report released Monday by the Ponemon Institute found that the risk associated with third party data sharing is growing, but the C-Suite is not adequately prioritizing the issue.

  • The report, sponsored by Shared Assessments, found that third party vendors and partners can significantly increase the risk of cyberattacks or data breaches.

  • As a result of "negligent or malicious" third parties, Ponemon researchers found that organizations spent an average of $10 million responding to security incidents.

Dive Insight:

As more companies enable third party access to their data, it’s essential they understand what each party is responsible for, especially when it comes to security measures. 

The Ponemon Institute surveyed 617 business executives who maintain a role in risk management processes. 

Though 70% of respondents say the third-party risk in their organization is significantly increasing with the growth of technologies like IoT and cloud, few companies have or are prepared to measure an effective third party risk management program.

The report also found that accountability for managing third-party risk is often dispersed throughout the organization.

"Not having one person or function with ownership of third party data risk is a serious barrier to achieving an effective third-party risk management program," said Larry Ponemon, the survey’s author. "Anytime you share responsibility you run the risk of it not getting done, or not getting done right."

Most survey respondents felt IoT and cloud were the biggest contributors to increased third-party data risk. Of those surveyed, 60% of respondents believe IoT increases third-party risk significantly and 68% of respondents believe migration to the cloud will increase risk.

Even though many believe third-party risk is rising, survey respondents felt that minimizing both downtime and business disruptions were bigger priorities. Only 8% of respondents said improvement of their organization’s relationship with business partners was the number one risk management objective for their organizations.

Recommended Reading

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
Welo Data Launches Innovative Model Assessment Suite, Advancing Multilingual Causal Reasoning …
From Welocalize, Inc.
December 17, 2024
Newgen Software Receives Guidewire PartnerConnect Technology Excellence Award
From Newgen
January 02, 2025

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in IT Strategy
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.