Third Party Risk Management - Consultancy, Assessment & Advisory

Second Annual Study released on IoT Third Party Risk

TheIoT Third Party Risk - 2nd Annual Report Internet of Things (IoT):

A New Era of Third-Party Risk

Ponemon Institute: March 2018

With the proliferation of IoT devices in the enterprise, managing Third Party risks to sensitive and confidential data has become a herculean task. As revealed in The Second Annual Study on the Internet of Things (IoT): A New Era of Third-Party Risk, companies are deeply concerned that failure to prevent a data breach or cyber attack due to an unsecured IoT device would have catastrophic consequences.

This Third Party Risk study sponsored by Shared Assessments and conducted by Ponemon Institute is built upon responses from 605 individuals who participate in corporate governance and/or risk oversight activities, and are familiar with the use of IoT devices in their organization are included in this study.


Headline results

This year’s study shows that while there have been some advances in Third Party risk focused on IoT devices and applications from 2017, risk management in this area is still at a relatively low level of maturity. However:

The Awareness of IoT Risk Is Increasing at a Faster Rate than the Maturity of Practices

Risk Management Practices Focused on IoT Are Uneven

The Gap between Internal and Third Party IoT Risk Monitoring Is Substantial

meaning there still much to be done to establish better understanding and mitigation of the risk associated with IoT.


Download the Full Report today

Simply visit the Shared Assessments website to download your copy of the report.


IoT Third Party Risk – Take Action Now 

The effective assessment and mitigation of Third Party risk is critical to ensuring the security posture of any organisation and the threats posed by the proliferation of IoT devices within the internal and extended IT landscape are no exception.

We encourage all our clients to compliment any new or existing Third Party Risk Management process with the additional scope of IoT Third Party risk to add a significant level of maturity to their TPRM program.

Learn more about DVV Solutions’ Third Party Risk Management services and solutions.


About Shared Assessments

As the trusted source in third party risk, the member-driven Shared Assessments Program has been setting the standard in third party risk assessments since 2005. Shared Assessments Program members work together to build and disseminate best practices, building resources that give all third party risk management stakeholders a faster, more rigorous, more efficient means of conducting security, privacy and business resiliency control assessments.