Minimizing The Third-Party Risk: 7 Security Opportunities For Partners

Supplier Due Diligence

Companies are increasingly using third-party risk services as a way to do due diligence on suppliers, Boyer said. He said he has seen multiple examples of big companies rejecting a supplier for a contract because of a poor cybersecurity rating, a trend he said is different from years past. While not all companies will go so far as to terminate or decline a contract because of a rating, he said he also sees companies more and more putting caveats in purchase agreements around assuming liability or requiring cyber insurance in the event of a breach.