Los procesos manuales siguen dominando los programas de gestión de riesgos de terceros: Estudio

Según un nuevo estudio de Prevalent, Inc., casi el 48% de las empresas sigue dependiendo de las hojas de cálculo, mientras que el 41% afirma haber sufrido una infracción grave por parte de terceros en el último año.

Personal de Mitratech 10 de mayo de 2023

Editor’s Note: This article was originally published on www.sdcexec.com.

Nearly 48% of companies still depend on spreadsheets, while 41% reported experiencing an impactful third-party breach in the last year, according to new research from Prevalent, Inc.

“Year over year we continue to see a significant increase in supply chain disruptions and widespread third-party security incidents,” says Brad Hibbert, chief strategy officer for Prevalent. “And although this survey illustrates that organizations are making third-party risk management programs a priority with more people across the organization involved and only 4% reporting that they’re not monitoring their third-party suppliers, there is still more to do. Companies need to ditch manual processes for good and partner with an automated TPRM solution to manage risks across the third-party risk lifecycle.”

From Prevalent:

41% of companies experienced an impactful third-party breach in the last 12 months, but rely on overlapping tools and manual processes which slows incident response.
A majority of companies (71%) report that the top concern regarding the usage of third parties is a data breach or other security incident due to poor vendor security practices. However manual methods still persist, with an increasing percentage using news feeds to learn about breaches.
62% of respondents to this year’s study indicated that third-party data breaches and security incidents were top drivers behind increased involvement in third-party risk management.
A growing number of organizations (48%) are using spreadsheets to assess third parties. This percentage is up from 2022 and 2021, where 45% and 42% of companies, respectively, said they were using spreadsheets. The good news is that only 4% of respondents indicated that they are not currently assessing third parties at all, which continued a downward trend from 2021 (10%) and 2022 (8%).
The offboarding and termination stage of the third-party relationship lifecycle sees the lowest percentage of companies tracking (47%) and remediating (38%) risks, and the highest percentage of companies doing nothing at all (39%). The significant gap between tracking and remediating risks in the initial assessment and sourcing and pre-contract due diligence stages is especially surprising, as these are the primary stages to discover and remediate risks before they impact the organization.

Nota del editor: Este artículo se publicó originalmente en Prevalent.net. En octubre de 2024, Mitratech adquirió la empresa de gestión de riesgos de terceros basada en IA, Prevalent. El contenido ha sido actualizado desde entonces para incluir información alineada con nuestra oferta de productos, cambios regulatorios y cumplimiento.

Soluciones sectoriales