vendor-risk-statistics

If your organization works with third-party vendors, the risks that they carry can have a big impact on your business. Here are some statistics about vendor risk that, while they are constantly changing and evolving, will get you thinking about why it’s important to know who your third parties are and understand their risks.

Only 35% of enterprise security professionals are very confident in knowing the actual number of vendors accessing their systems. Click To Tweet

Source: Bomgar survey

Only 52% of companies have security standards for third-parties. Click To Tweet

Source: PwC

Just 34% know the number of individual log-ins that can be attributed to vendors. Click To Tweet

Source: Bomgar survey

While 62% of enterprise security professionals do not expect their organization to be the target of a serious data breach due to third-party access, 79% expect their competitors will suffer a serious data breach in the future. Click To Tweet

Source: Soha Systems

75% of businesses saw third-party access grow over the past two years. Click To Tweet

Source: Bomgar survey

Vendors are accessing your network more than you think. On average, 89 vendors are accessing a company’s network every week. Click To Tweet

Source: Bomgar survey

Vendors on average have to touch 4.6 devices, such as VPN, firewalls, directories and more. Click To Tweet

Source: Soha Systems

Enterprise security professionals reported that 45% of third-party vendors who have access to their internal networks logged in within the past year. Click To Tweet

Source: Bomgar survey

69% of respondents say they definitely or possibly suffered a security breach resulting from vendor access within the last year. Click To Tweet

Source: Bomgar survey

On average, organizations spent $10 million responding to third-party breaches over a 12-month period in 2016. Click To Tweet

Source: CSO Online

94.3% of executives have low to moderate confidence in their third-party risk management tools and technology, and 88.6% have low to moderate confidence in the quality of the underlying risk management processes. Click To Tweet

Source: Deloitte

The number of data breaches attributed to third-party vendors has increased by 22% since 2015. Click To Tweet

Source: PwC

The estimated direct source of security incidents from third-party vendors was 19% in 2017. Click To Tweet

Source: PwC

63% of all cyber attacks could be traced either directly or indirectly to third parties. Click To Tweet

Source: Soha Systems

2% of nationwide enterprise IT and security professionals consider third-party access their top priority in terms of IT initiatives and budget allocation. Click To Tweet

Source: Soha Systems

Learn more about how you can properly identify and manage vendor risk with FRSecure, or download an easy tool to help you kickstart the vendor risk management process on your own.


Brandon Matis on Linkedin
Brandon Matis
Content Marketing Specialist at FRSecure
As the Content Marketing Specialist for FRSecure, Brandon spins complex, technical security jargon into intelligible content that is easy to understand. Through journalistic-style writing and graphic design, Brandon creates multichannel, multi-industry content that summarizes the current state of the security industry.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *