Cyberattacks on business partners of healthcare organizations have risen to the point where they now outnumber attacks on healthcare providers. According to a recent report from the vendor risk management firm Black Kite, there has been a rise in both the impact and destruction caused by cyberattacks on third-party suppliers.
For their 2023 report, Black Kite examined 63 third-party breaches that affected at least 298 businesses and found that both the impact and destruction of those breaches had doubled. An average of 2.46 companies were impacted by each third-party breach in 2021, and this figure rose to an average of 4.73 companies per breach in 2022.
Vendor Due Diligence – What Is It & Why Is It Important?
Vendor due diligence is the process of assessing the security and risk management practices of third-party vendors before engaging in a business relationship with them. By evaluating a vendor’s security policies, procedures, and controls, it helps ensure that vendors have the necessary safeguards in place to protect sensitive data. The process may include reviewing the vendor’s security certifications, conducting onsite assessments, and reviewing the vendor’s security incident response plan.