How well do you know the risks posed by your third parties and supply chain?

Shrink the large blind spot hiding the risks in your business relationships
Malaysian companies have an insufficient understanding of the cyber and privacy risks associated with software supply chain vendors. Only 29% of respondents have a high-level understanding of these risks, despite 61% of companies expecting an increase in reportable incidents related to software supply chain attacks. 

A significant number of global respondents have experienced significant disruptions due to third parties, but fewer than half have responded to this issue. Companies that have responded may be prioritizing short-term efforts over long-term ones.

Addressing third-party risks

Malaysian organizations have been refining their criteria for third-party security assessments (52%) and helping third parties improve their cybersecurity posture through knowledge sharing (45%) in the past year. 45% of organizations validated the security posture and compliance of third parties, while 29% exited relationships with certain third parties to minimize risk. However, almost half of the organizations have not taken any action on their third-party risk management, such as refining their criteria, rewriting contracts, or increasing the rigor of their due diligence.

Simplifying the chain
The use of third-party vendors is increasing and the risks associated with them are often hidden. Due to the ease of digital interactions via APIs, the cost of establishing multiple partnerships has gone down, resulting in a rise in third-party dependence. The supply chain of trusted vendors, suppliers, and contractors is becoming a popular target for cyberattacks, with a simple software update being used against unsuspecting victims. Cybercriminals demand ransom payments, nation-states obtain valuable intelligence, and competitors use training data sets for AI models as a payoff.
Public-private collaboration
The Malaysian respondents' opinions were similar to the global average. Organizations that plan to increase their cybersecurity budgets in 2022 believe that they have been successful in achieving their cybersecurity goals:

• Share knowledge about new threats, approaches, and solutions in my peer set.
  
• Activate public-private sector relationships for more effective responses to a cyber attack on our organization.
  
• Promote broader awareness and upskilling of the workforce. 
  
  

Full Infographic

57Network has been helping global companies digitizing work management for greater transformation. 

Find out more with us about setting up your team and project for success with the following capability:
✅ automating better
✅ reporting and keeping accountability better
✅ empowering better
✅ innovate better
✅ automating better

​Empower your team to collaborate better on a single source of truth, for greater reporting visibility to improve decision-making.

You can schedule and book a time slot that’s convenient for you

Schedule now