Contextualizing supply chain risks in a SaaS environment

2022-02-07 06:12

In the wake of the SolarWinds and Kaseya attacks, third-party cybersecurity risks remain top of mind for security leaders.

Third-party SaaS vendors have permeated every facet of our workflows and enmeshed itself across enterprise environments.

Where today's third-party integrations are continuous, widespread and ever-evolving, current TPRM solutions tend to offer point-in-time assessments of the security posture of vendors, rather than assessing actual integrations with third parties and vendor-customer relationships.

It is possible to improve supply chain security and generate better third-party security best practices.

As we grow more dependent on third-party SaaS applications, it is time to extend third-party vendor risk assessments from their security controls to how we use and interact with the third-party itself.

Extending the scope of third-party security risk factoring can, in turn, feedback into a more effective TPRM process.

News URL

https://www.helpnetsecurity.com/2022/02/07/third-party-cybersecurity-risks/

#saas #supplychain