How to measure and mitigate third-party risk in supply chains

The majority (71%) of organizations experienced at least one material third-party cybersecurity incident in the past year, and 5% reported 10 or more such incidents, according to a recent survey of 546 IT directors and CISOs by cybersecurity ratings vendor SecurityScorecard. Third-party involvement in breaches has doubled in recent years, surging from 15% to nearly 30%, according to supporting data from the 2025 Verizon Data Breach Investigations Report. Story by John Leyden: http://spr.ly/6040APs8q #DataBreach #RiskManagement #SupplyChain

The number is too high. The companies must be very careful and conservative about the Relation with the third Parties. ISO 27002 and BSI IT Geundschutz may help them about the policies. CSO:The majority (71%) of organizations experienced at least one material third-party cybersecurity incident in the past year, and 5% reported 10 or more such incidents, according to a recent survey of 546 IT directors and CISOs. spr.ly/6011APs8S https://lnkd.in/gG5gtnq8

71% of CISOs hit with third-party security incident this year Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever weakening cybersecurity links. https://lnkd.in/geuEwgZi #riskmanagement #mauverick #cybersecurity

🚨 71% of CISOs faced third-party security incidents in 2025 As companies use more SaaS tools, suppliers, and open-source code, attackers are finding new ways in. They don’t always break through firewalls, they often use trusted partners, weak setups, or stolen logins. Many organisations still don’t know exactly what software and suppliers they depend on. This lack of visibility makes it easy for one weak link to cause a big breach. Learn more : https://ow.ly/bYgi50WVCB6 #CyberSecurity #SupplyChainSecurity #CISO #RiskManagement #DataBreach

71% of CISOs hit with third-party security incident this year It IS the responsibility of a business to ensure that the partners and vendors they work with follow appropriate security and privacy compliance standards. Businesses must conduct thorough evaluations of their partners' cybersecurity posture, including verifying compliance with relevant regulations like GDPR, HIPAA, PCI DSS, and industry security certifications such as ISO 27001 or SOC 2. No excuses. No finger pointing. However being "in compliance" does not guarantee immunity from sophisticated cyber threats. If all you do is make sure you have checked the boxes necessary to protect you legally, but not protect your customers data ... #privacy #security https://lnkd.in/eWz64_DC

#RiskManagement Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever weakening cybersecurity links. https://lnkd.in/eHBeRNqq

Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever weakening cybersecurity links. https://lnkd.in/gjQJDXmC

#RiskManagement Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever weakening cybersecurity links. https://lnkd.in/eU7kNfwv

Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever weakening cybersecurity links. https://lnkd.in/es2Pd-4j #risk #thirdpartyrisk #3rdParyRisk #cybersecurity #cybercrime #cyberwar #infosec

Yikes. 71% is high. Considering how many 3rd party apps are currently over-permissioned/require overly permissive permissions, I believe it. "Increasingly complex business partnerships and rising reliance on third-party software components are proving to be ever-weakening cybersecurity links." https://lnkd.in/e98Punb5