A classic procurement conundrum: thoroughness vs. speed. 

When contracts get hung up in procurement, it slows down business operations. Yet, evaluating vendors for the potential new risks they are introducing is time-consuming, not to mention cumbersome. How far do you push the boundaries– should you move on from vendors who don’t comply with your assessment requests in a timely manner? Would you use predictive risk data to evaluate vendors and accelerate your decision? 

A poll from a previous webcast showed 67% of participants were challenged by staff resources and capacity when implementing a third-party risk management (TPRM) program.

The truth is, there’s no shortage of cyber risks, and managing the volume can be overwhelming for any cybersecurity team. The average enterprise has 6,000 third parties– how do you effectively identify, categorize, and prioritize your most critical risks? Where should you start, and how do compliance requirements factor into the equation? We’ll be debating these questions and more in this episode of Cyber Risk Nation.

Employees are the first line of defense for every company, yet CyberGRX data revealed that while 83% of third parties report they are conducting security awareness training, 42% aren’t testing the effectiveness of it. 

Join Erich Kron, Security Awareness Advocate at KnowBe4 & CyberGRX CISO Dave Stapleton as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization.