
Clash of Interests: The Unavoidable Union of Third-Party Risks and Safeguard Strategies

Exploring the sufficiency of conventional third-party risk management: An examination of the evolving TPRM landscape, encompassing cybersecurity, AI, exposure, and additional factors.


In the ever-evolving cybersecurity landscape, the future of third-party risk management (TPRM) is shifting towards a more proactive and intelligent approach. This new paradigm, known as Third Party Risk and Exposure Management (TPREM), aims to transform governance-centric TPRM into real-time exposure management.

The shift towards TPREM is driven by the need for a more dynamic and adaptive security framework. Traditional TPRM, built for a different era, is increasingly inefficient in today's threat environment. Organizations that integrate threat intelligence into their operational workflows are 30% more likely to respond to incidents within 24 hours, significantly reducing dwell time and the potential blast radius of third-party compromise.

Threat intelligence provides the 'so what' behind raw data, transforming a long list of misconfigurations and CVEs into a prioritized set of risks aligned to actual threat activity. By integrating threat intelligence with third-party exposure data, security teams can distinguish between theoretical risk and imminent threat.
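The prioritisation step described above, as an added example that is not code from the article or from any vendor it mentions: exposure findings for several third parties (CVEs and misconfigurations) are scored by base severity, then re-weighted by whether threat intelligence says the issue is under active exploitation, whether the asset is internet-facing, and how critical the vendor is to the business. The findings, the threat-intel feed, the vendor tiers and the weights are all constructed for illustration; the CVE identifiers are fictional placeholders.

```python
"""Prioritise third-party exposure findings by correlating them with threat
intelligence.  Everything here (findings, feed shape, weights) is constructed
for illustration and is not any real product's data model."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Finding:
    vendor: str
    asset: str
    kind: str               # "cve" or "misconfig"
    identifier: str         # CVE id (fictional here) or misconfiguration name
    cvss: float = 0.0       # only meaningful for kind == "cve"
    internet_facing: bool = False


# Constructed threat-intelligence feed: which issues adversaries are actually
# using right now.  The shape (two dicts keyed by identifier) is an assumption.
THREAT_INTEL: Dict[str, Dict[str, str]] = {
    "exploited_cves": {"CVE-0000-0002": "fictional ransomware campaign"},
    "targeted_misconfigs": {"exposed-rdp": "fictional brute-force campaign"},
}

# Constructed business criticality of each vendor: 3 = critical, 1 = low.
VENDOR_TIER: Dict[str, int] = {
    "payroll-saas": 3,
    "claims-clearinghouse": 3,
    "marketing-widget": 1,
}

# Constructed severity for misconfigurations, which have no CVSS score.
MISCONFIG_SEVERITY: Dict[str, float] = {
    "exposed-rdp": 8.0,
    "weak-tls": 5.0,
    "missing-spf": 3.0,
}


def base_severity(f: Finding) -> float:
    """Theoretical severity before any threat context is applied."""
    if f.kind == "cve":
        return f.cvss
    return MISCONFIG_SEVERITY.get(f.identifier, 4.0)  # unknown misconfig: medium


def score_finding(f: Finding,
                  intel: Dict[str, Dict[str, str]] = THREAT_INTEL,
                  tiers: Dict[str, int] = VENDOR_TIER) -> Tuple[float, List[str]]:
    """Return (priority score, reasons).  Active exploitation is weighted far
    more heavily than raw severity: that is the 'so what' the intel adds."""
    reasons: List[str] = []
    score = base_severity(f)

    if f.kind == "cve" and f.identifier in intel["exploited_cves"]:
        score *= 3.0
        reasons.append("actively exploited: " + intel["exploited_cves"][f.identifier])
    elif f.kind == "misconfig" and f.identifier in intel["targeted_misconfigs"]:
        score *= 2.0
        reasons.append("targeted: " + intel["targeted_misconfigs"][f.identifier])

    if f.internet_facing:
        score *= 1.5
        reasons.append("internet-facing")

    tier = tiers.get(f.vendor, 2)          # unknown vendor: middle tier
    score *= 0.5 + 0.5 * tier              # tier 1 -> x1.0, 2 -> x1.5, 3 -> x2.0
    reasons.append(f"vendor tier {tier}")
    return round(score, 2), reasons


def prioritise(findings: List[Finding]) -> List[Tuple[float, Finding, List[str]]]:
    """Highest-priority findings first."""
    ranked = [(s, f, r) for f in findings for s, r in [score_finding(f)]]
    ranked.sort(key=lambda row: row[0], reverse=True)
    return ranked


# Constructed sample exposure data for three vendors.
SAMPLE_FINDINGS = [
    Finding("payroll-saas", "hr-db-01", "cve", "CVE-0000-0001", cvss=9.8),
    Finding("marketing-widget", "cdn-edge", "cve", "CVE-0000-0002", cvss=7.5,
            internet_facing=True),
    Finding("claims-clearinghouse", "gw-03", "misconfig", "exposed-rdp",
            internet_facing=True),
    Finding("marketing-widget", "mail", "misconfig", "missing-spf"),
    Finding("payroll-saas", "portal", "misconfig", "weak-tls", internet_facing=True),
]

if __name__ == "__main__":
    for score, f, reasons in prioritise(SAMPLE_FINDINGS):
        print(f"{score:6.2f}  {f.vendor:22} {f.identifier:15} {'; '.join(reasons)}")
```

Note what the ranking does with the constructed data: the CVSS 9.8 issue on an internal asset is outranked by a lower-scored CVE that the feed marks as actively exploited on an internet-facing asset, and by an exposed RDP service at a critical vendor. That is the distinction between theoretical risk and imminent threat that the paragraph describes; the weights themselves are illustrative and would be tuned to an organisation's own intelligence and vendor inventory.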

Artificial intelligence (AI) is playing a crucial role in this transformation. AI is automating vendor assessments, continuously triaging exposure data, correlating risk with threat intelligence, recommending remediations, and even generating and routing workflows. The new TPREM approach combines three AI-powered engines, described as integrated, correlated, and contextualized.

The modern 'software as a service' (SaaS) delivery model, according to Patrick Opet, Chief Information Security Officer at J.P. Morgan Chase, is creating a substantial vulnerability that is weakening the global economic system. This vulnerability is further exacerbated by the rapid expansion of the digital attack surface, including hybrid and cloud-first infrastructures, remote workforces, and an ever-increasing array of connected devices.

The future of third-party risk management isn't about changing what security teams do but about empowering them to do it better than ever before. Security teams require real-time visibility into the assets and digital footprint of every third party, including IP ranges, cloud infrastructure, web applications, misconfigurations, and vulnerabilities.

AI is not replacing security teams but elevating them by automating time-consuming tasks, surfacing critical insights buried in noise, and connecting siloed systems and teams into a coordinated response engine. Context is essential for prioritization and prediction in security programs, separating critical information from unnecessary alerts.

A shared network platform lets a vendor complete an assessment once and share it with many customers, reducing friction in the assessment process and the workload for those managing it. The scale makes this necessary: Bitsight TRACE Research found that the modern enterprise manages dozens of providers and hundreds of products, and some of the largest enterprises manage tens of thousands of third parties.

The transformation towards TPREM is not just a response to the current threat landscape but a proactive measure to address the growing complexity and interconnectedness of today's digital ecosystem. The incident in February 2024, where a ransomware attack on a critical US healthcare infrastructure caused nationwide operational disruptions in hospitals and medical offices, highlighted the fragility of the healthcare supply chain and the potential cascading effects of a single point of failure in a third-party vendor.

The American Hospital Association called the incident 'the most significant and consequential incident of its kind against the US healthcare system in history.' A Gartner report found that only 17% of organizations can clearly identify and inventory a majority (95% or more) of their assets. These findings underscore the urgency for a more intelligent and proactive approach to third-party risk management.

The security framework must evolve to become a dynamic, intelligence-driven system capable of adapting to real-time conditions and guided by insights from security operations teams. The Chief Information Security Officer at J.P. Morgan Chase, Ty Sbano, echoed this sentiment in a recent article. Modern threat intelligence offers insights into emerging attacker techniques, active campaigns, exploit trends, and adversary infrastructure. By leveraging these insights, security teams can stay one step ahead of potential threats and ensure the resilience of their organizations in the face of ever-evolving cyber threats.
