Jonathan Wood, CEO of C2 Cyber, discusses the topic of Vendor Risk Management and why it is a vital consideration for all companies in this vastly expanding digital world.
C2 Cyber CEO, Jonathan Wood, appeared in The European, explaining the importance of Vendor Risk Management, and why it is a dominant issue for all companies pre, and post-pandemic.
Jonathan gave examples on the recent major breaches in large corporations, and described why Vendor Risk is a very important aspect of any business. Jonathan also discussed how the ongoing pandemic has provided traction for the company, as more corporations require the services of C2 Cyber.
Where is your personal data located?
.. and how do you ensure full protection once sent to suppliers?
Key questions to consider.
WHY IS VENDOR RISK IMPORTANT TO A COMPANY?
Any company that has suppliers needs to have a method of managing these relationships and the risks they pose. This can be partially true even (perhaps especially) when the vendors don’t play an obvious part in the company’s business.
A recent study from TechRepublic finds that 31% of third-party vendors could cause significant damage to organisations if breached.
So what can we learn from this?
This is an area of cyber security that cannot be ignored and yet is also hard to manage effectively. The size of most supply chains means that Third party risk management must be about identifying and dealing with the risks that your suppliers pose before they become an issue for you.
HOW NUMEROUS LOCKDOWNS HAVE HAD A NEGATIVE IMPACT ON COMPANY DATA:
There has been a shift in how people protect their data as a result of the numerous Covid lockdowns across the UK, and overseas too. Companies have been very quick to transfer all their data online in order to enable work to continue under lockdown. These lockdown comprimises have made companies much more vulnerable to digital risk, and cannot become the new default.
However, studies show that 54% of consumers say that COVID-19 has made them more aware of the personal data they share than they were before the pandemic. Consumers are much more likely to point to COVID-19 as a driver of data privacy awareness than they are to regulatory changes.
With this in mind, there is even more reason for any company to ensure their personal data is being kept private and secure; not just for you, but for your supply chain too!
BALANCING EFFORT TO RISK:
In C2, we use our automated platform to match the level of effort (and cost) to the specific risk posed by each supplier.
With this, we:
- Segment a customer’s supply chain according to risk criticality
- Assess Key Risk Areas specific to each supplier
- Use Open source intelligence to validate and challenge the assessment
- Allocate Accountability and help remediate the risks identified.