I recently gave a presentation on the topic of vendor cyber risk management and one of the topics that I discussed was the awareness of vendor cyber risk among the Information Security community. Vendor risk has gone through the full lifecycle of being a new topic to one of growing importance to finally one of the top issues facing CISOs today. Here are a few examples highlighting just how much this cybersecurity issue is in the limelight.

• Wall Street Journal study highlighting it as the threat with the largest gap between perceived risk and perceived preparedness.
• Multiple Wall Street Journal articles highlighting breaches and the growing importance of vendor risk and supply chain security within the enterprise.
  • Cybersecurity Safeguards Should Extend to Supply-Chain Partners
  • Companies Struggle to Protect Their Technology Supply Chains
  • Fund Administrator for Fortress, Pimco and Others Suffers Data Breach Through Vendor
  • Cyberattack on Freddie Mac Vendor Highlights Supply Chain Vulnerabilities
• Studies on vendor risk like the recently released Security Currents study on Third Party Risk.
•  Other online articles detailing vendor breaches that have recently been announced.
  • Blackbaud data breach
  • Banking app Dave data breach
  • Promo data breach

In fact, if you Google News search ‘vendor cyber breach’ or ‘third party cyber breach’, there are 85,800 and 157,000 results, respectively. As this topic continues to gain mindshare, companies will look for new solutions to tackle this complex risk.