It's not record-breaking, but it's still an improvement.
FICO and the U.S. Chamber of Commerce just released the Q2-2019 Assessment of Business Cyber Risk (ABC) report. They gave the United States a National Cybersecurity Risk Score a 688, a very slight improvement from 687 last quarter.
But the report also included a warning, urging businesses to make third-party risk management a major imperative.
The need for third-party risk management
The report highlights third-party risk as an important breach factor which companies must look at in a more significant way.
Christopher D. Roberti, Senior Vice President for cyber, intelligence, and security policy at the U.S. Chamber of Commerce, went into more detail for Yahoo Finance:
"For years, the Chamber has urged organizations to adopt internet security fundamentals, including using the NIST Cybersecurity Framework for enterprise risk management.
But we are seeing that organizations are being targeted through third parties and must take steps to integrate a tailored third-party risk management into an overall risk management plan."
Third-party security is clearly becoming more essential to a company's overall security framework.
4 ways to mitigate third-party risk
The Assessment of Business Cyber Risk report offers some advice for businesses hoping to increase best practices around third-party risk:
- Build a framework for third-party categorization
- Develop workflow to address the intersection of risk and criticality
- Assess high-impact suppliers frequently
- Ensure appropriate risk transfer
Check out the complete report here.