According to the Verizon Data Breach Report, 62% of security incidents in 2022 involved third parties.
Simply protecting a company's internal information system is no longer (at all) sufficient. Third-party risk management has become a mandatory component of any cyber strategy.
To make matters worse, regulations in this area (RGPD, Loi Sapin 2...) are becoming increasingly numerous and strict. So third-party risks are no longer just technical: they're also legal and financial. And it's up to you, CISOs, to manage them!