A New Era of Third-Party Risk
Ponemon Institute: March 2018
With the proliferation of IoT devices in the enterprise, managing Third Party risks to sensitive and confidential data has become a herculean task. As revealed in The Second Annual Study on the Internet of Things (IoT): A New Era of Third-Party Risk, companies are deeply concerned that failure to prevent a data breach or cyber attack due to an unsecured IoT device would have catastrophic consequences.
This Third Party Risk study sponsored by Shared Assessments and conducted by Ponemon Institute is built upon responses from 605 individuals who participate in corporate governance and/or risk oversight activities, and are familiar with the use of IoT devices in their organization are included in this study.
This year’s study shows that while there have been some advances in Third Party risk focused on IoT devices and applications from 2017, risk management in this area is still at a relatively low level of maturity. However:
The Awareness of IoT Risk Is Increasing at a Faster Rate than the Maturity of Practices
Risk Management Practices Focused on IoT Are Uneven
The Gap between Internal and Third Party IoT Risk Monitoring Is Substantial
meaning there still much to be done to establish better understanding and mitigation of the risk associated with IoT.
Download the Full Report today
Simply visit the Shared Assessments website to download your copy of the report.
IoT Third Party Risk – Take Action Now
The effective assessment and mitigation of Third Party risk is critical to ensuring the security posture of any organisation and the threats posed by the proliferation of IoT devices within the internal and extended IT landscape are no exception.
We encourage all our clients to compliment any new or existing Third Party Risk Management process with the additional scope of IoT Third Party risk to add a significant level of maturity to their TPRM program.
Learn more about DVV Solutions’ Third Party Risk Management services and solutions.
About Shared Assessments
As the trusted source in third party risk, the member-driven Shared Assessments Program has been setting the standard in third party risk assessments since 2005. Shared Assessments Program members work together to build and disseminate best practices, building resources that give all third party risk management stakeholders a faster, more rigorous, more efficient means of conducting security, privacy and business resiliency control assessments. www.sharedassessments.org