Judith H. Germano
Third parties are a significant source of cybersecurity vulnerabilities, yet there remains much work to be done in terms of how third-party risk is assessed and controlled. This paper explains how properly understanding and addressing third-party cyber risk requires a proactive and comprehensive approach to enable parties on all sides to prevent harms and to prepare for and respond to incidents in a faster, better coordinated, less expensive and more effective manner.