The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs across every stage of the third-party risk lifecycle.

A survey of 200 global security professionals as to their opinions, responses, and outlook of the Solarwinds software chain compromise.

An annual survey on the challenges and response to those challenges of cybersecurity in the Industrial Control Systems (ICS) space.

This study provides new insights into the state of cybersecurity skills and resources across the globe.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management. This is a US specific version of the main report.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management.

Now in its sixth year, Sonatype’s State of the Software Supply Chain Report continues to examine measurable practices of secure open source software development and delivery.

Using telephone survey of UK business and thirty in-depth interviews, this report reviews awareness and approaches to cyber security in the UK as well as the nature and impact of breaches by firm size and sector.

A survey of 400 public sector IT decision makers and influencers to determine challenges faced by public sector IT professionals, security threats, and cybersecurity capabilities.

Uses survey-based polling to identify common challenges organizations face in managing third part risk management (TPRM) programs. Also provides analysis on some possible ways of addressing these concerns.

This document is the product of a flash survey, an unscheduled, event-driven survey with a fast turnaround to cover a rapidly evolving situation relevant to tech markets. This survey was designed to measure the impact of the COVID-19 coronavirus outbreak on businesses. It was conducted between March 10 and March 19, 2020, and represents approximately 820 completes from pre-qualified IT decision-makers.

The insights presented in this report will help guide your supply chainmonitoring and risk mitigation strategy, enable better informed decision-making processes, and aid the formulationof responses that create more resilient and sustainablebusiness operations.

For the fourth time, White Ops and the ANA have partnered to measure bot fraud in the digital advertising ecosystem. Previous studies measured bot fraud in the digital advertising ecosystem in August/September 2014, August/September 2015, and November/December 2016. This one studies November/December 2019.

This is a study on third party risk from Gartner. It covers how third party risks are changing, how companies are managing third party risks, and taking an iterative approach to third party risks.

Bomgar outlines how to defend against security threats, showing two distinct groups of threats, prevention techniques, etc.

This paper discusses all of the consequences for GDPR non-compliance.

This report provides exactly what its title offers, 10 predictions for developers in 2019.

Outsourcing is a fact of life for healthcare organizations, from routine functions such as food services and laundry to regulatory compliance and clinical activities. Large numbers of vendors must be properly managed in order to reduce clinical, financial and regulatory risk. This paper discusses how to reduce complexity in third-party vendor risk management, and how to turn uncertainty and confusion into efficiency and confidence.

State of Cybersecurity 2019 reports the results of the annual ISACA global State of Cybersecurity Survey, conducted in November 2018. While some findings pointed to unforeseen trends, many survey results reinforce previous years’ findings—specifically that the need for trained and experienced cybersecurity professionals vastly outweighs the supply. State of Cybersecurity 2019 provides a distinctive view of cybersecurity from the perspective of those who define the field—cybersecurity managers and practitioners. This is the first report based on the survey, which focuses on the current trends in cybersecurity workforce development, staffing, budget and gender diversity.

From the report, “For years, the Finance industry has been a trailblazer in managing the risk posed by vendors, suppliers, and business partners. As we have also detailed in previous BitSight Insights reports2 over the last four years, this industry has maintained a strong security posture in comparison to others. Given that the Finance industry is a leader in managing third-party cyber risk, how secure is their supply chain, and where do weak links lie? Are the companies in their supply chain meeting the same security standards they hold for their own organization? These questions are relevant not only for Finance organizations, but for all organizations that need to reduce third-party cyber risk. To answer these questions, BitSight researchers looked at the security performance of more than 5,200 Legal, Technology, and Business Services global organizations whose security ratings are tracked and monitored by hundreds of Finance firms using the BitSight Security Rating platform. The organizations across these industries represent a set of critical vendors and business partners in Finance’s supply chain, consisting of: legal organizations, accounting and human resources firms, management consulting and outsourcing firms, and information technology and software providers.”

This survey, conducted by Forrester Consulting on behalf of BitSight, offers insight in to the critical role that Vendors play in key business functions and how they can create security risks and issues.