{"id":2742,"date":"2019-08-15T15:55:42","date_gmt":"2019-08-15T19:55:42","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2742"},"modified":"2019-08-15T15:55:42","modified_gmt":"2019-08-15T19:55:42","slug":"why-due-diligence-matters-to-determining-third-party-risk","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/","title":{"rendered":"Why Due Diligence Matters to Determining Third-Party Risk"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-779\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\" alt=\"Why Due Diligence Matters to Determining Third-Party Risk\" width=\"800\" height=\"350\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork-300x131.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork-768x336.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork-600x263.jpg 600w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork-180x79.jpg 180w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork-400x175.jpg 400w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Third-parties constitute a significant risk for enterprises of all sizes, even as they present opportunities for scaling workflows and services. In fact, Gartner learned in its survey that, of the risks discovered through due diligence, 31% presented potential material impact.\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"box box3\">Our <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM Buyer&#8217;s Guide<\/a> helps you evaluate the best solution for your use case and features profiles of the leading solution providers and their key capabilities.<\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Yet the old method of point-in-time risk management just can\u2019t keep up with the pace of modern business relationships. Point-in-time risk management seeks to identify potential risks before the commencement of a business relationship or recertification.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, risks could arise as a result of an ongoing or changing relationship. Additionally, point-in-time risk management can lead to onboarding and waiting time and therefore punishing process delays.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>How to Do Your Due Diligence For Third-Party Partners<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Among its findings, Gartner found third-parties now have access to more enterprise data than ever. Moreover, they discovered enterprises\u2019 third-party networks vary in maturity. In short, the risks associated with third-party partners only look poised to increase rather than decrease. Your enterprise needs to keep up.\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Thus the importance of performing your enterprises\u2019 due diligence in its risk management. This means continual assessment and reassessment even before recertification evaluations. Unfortunately, your enterprise may struggle to identify most material risks without active engagement with your third-parties.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">One way to do your diligence: <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a>. Through machine learning and automation, SIEM can help your enterprise identify potential vulnerabilities in your IT environment. This includes third-parties and the databases they with which they regularly connect. You can closely monitor the most sensitive databases with close log management and security event correlation.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Further, you can deploy UEBA capabilities through SIEM which watches for insider third-party threats. Any abnormal behaviors could indicate a cyber risk and thus a potential data breach or ongoing attack. In fact, it could shorten your investigation times and reduce mitigation and remediation time.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a> allows you to do due diligence of your risk management. Best take that opportunity now.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">You can read Gartner\u2019s report on its risk management research and survey <\/span><a href=\"https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2019-08-15-gartner-says-more-than-eight-in-10-organizations-disc\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">here<\/span><\/a><span style=\"font-weight: 400\">.\u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0 Third-parties constitute a significant risk for enterprises of all sizes, even as they present opportunities for scaling workflows and services. In fact, Gartner learned in its survey that, of the risks discovered through due diligence, 31% [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":779,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1,3],"tags":[95,1135,13,20,21,57,22,1134,1133],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Why Due Diligence Matters to Determining Third-Party Risk<\/title>\n<meta name=\"description\" content=\"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why Due Diligence Matters to Determining Third-Party Risk\" \/>\n<meta property=\"og:description\" content=\"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-15T19:55:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/\",\"name\":\"Why Due Diligence Matters to Determining Third-Party Risk\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"datePublished\":\"2019-08-15T19:55:42+00:00\",\"dateModified\":\"2019-08-15T19:55:42+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"width\":800,\"height\":350,\"caption\":\"Findings: The Forrester Wave: Midsize Managed Security Services Providers, Q3 2020\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why Due Diligence Matters to Determining Third-Party Risk\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why Due Diligence Matters to Determining Third-Party Risk","description":"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/","og_locale":"en_US","og_type":"article","og_title":"Why Due Diligence Matters to Determining Third-Party Risk","og_description":"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2019-08-15T19:55:42+00:00","og_image":[{"width":800,"height":350,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/","name":"Why Due Diligence Matters to Determining Third-Party Risk","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","datePublished":"2019-08-15T19:55:42+00:00","dateModified":"2019-08-15T19:55:42+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"According to technology research giant Gartner, 83% of enterprises utilizing third-party services discover cyber risk after conducting due diligence.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","width":800,"height":350,"caption":"Findings: The Forrester Wave: Midsize Managed Security Services Providers, Q3 2020"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-due-diligence-matters-to-determining-third-party-risk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Why Due Diligence Matters to Determining Third-Party Risk"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2742"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2742"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2742\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/779"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}