ABSTRACT

Everyone knows about Target and their HVAC troubles and about Facebook and their friends at Cambridge Analytica. What is not understood is that these breaches are not isolated incidents. When a vendor messes up, it is the first party, the one that owns the data, that loses the most. The majority of reported breaches are caused by vendors. This chapter provides insights into how to quantify vendor cyber risk and manage it in a way that gives the first party much more insight into, and power in, the relationship.