HelpNet Security -
In a world that is becoming ever more interconnected, organizations are learning firsthand that they are not only vulnerable to the adverse events that their vendors experience but also to the incidents that happen to those vendors’ vendors.
Recent events such as the SolarWinds breach, Microsoft Exchange server attack and Fastly outage have revealed that conventional third-party risk management (TPRM) programs are not enough to generate the necessary visibility into supply chain risk.
Since fourth parties are not generally obligated to share information with partners of their clients, organizations are now adapting their TPRM programs to address fourth-party concerns. Fortunately, there are steps companies can take to give them greater visibility into – and protection from – downstream risk.
Get to know your third parties’ partners
Despite growing awareness of the threat of fourth-party risk, clear guidelines, and uniform processes for fourth parties have not been established,
The post Protecting your company from fourth-party risk was first published on Help Net Security.