Drata's Risk Trends Report
Third-Party Risk: The Universal Operational Challenge
Third-Party Risk: The Universal Operational Challenge
Drata's Risk Trends Report showcases critical insights into the third-party risk management (TPRM) strategies of today's enterprises. Why download this research?
Download Report
By submitting this form I agree to receive communications (including emails) from Drata. See our Privacy Notice for more info.
Welcome to the Drata's Risk Trends Report. This visual research report results from an enterprise-level analysis looking into a critical element of organizational risk: third parties.
In recent years there has been a significant rise in cybersecurity related supply chain attacks, now even overtaking the damage done by malware. As part of that increase, there were 10 million people impacted by supply chain attacks that targeted 1,743 entities.
Drata developed a study designed to tap the pulse of commercial and enterprise organizations to determine what, if any, impact existing processes associated with managing third parties have on the business, how they are set to change in the next two years, and the level of risk associated with them.
In this year’s report, we found that a lack of visibility into third parties, Layered Risk, creates blind spots that make it nearly impossible to conduct an appropriate risk assessment for the modern perimeterless architecture that most businesses align with today.
As captured throughout the report, these blind spots result from a universal operational challenge that impacts nearly every business.
Inside the Report
The following takeaways identify the most impactful trends discussed in the report:
Most (69%) enterprise companies spend 1,000 hours or more annually on managing risk.
80% of companies fear they don’t have full visibility into their third party’s security posture.
Over 2 in 5 don’t have the proper staff and resources to thoroughly screen third parties in a timely manner.
Integrated risk management and complete visibility into third-party risk are top ranked (64%) priorities.
83% report they experienced negative consequences as a result of their current TPRM process.
Security professionals (65%) prefer to see third-party compliance on a monthly or continuous basis.
Discover the latest trends and insights on risk and compliance based on input from established and enterprise companies. Drata's Compliance Trends report explores a universal operational challenge: Third-Party Risk.
About The Report
How many organizations were surveyed for the report?
We worked with a third-party partner to survey 300 different organizations.
What types of companies were surveyed?
Surveyed companies consisted of high-tech, SaaS, fintech, and healthtech organizations.
What roles/seniority was surveyed?
We surveyed IT, cybersecurity, GRC, and related professionals at the director and above seniority.
Looking For More?
Check Out the Latest GRC Resources
Blog
Drata has released a new guide to walk you through the ins and outs of risk management and how it applies to compliance. Access the Complete Guide to Cybersecurity Risk Management to learn how to kickstart your risk management program.
Blog
Apart from being manual, traditional compliance's reactive nature can leave your organization at risk. Keep reading to learn how organizations are moving to proactive, continuous compliance.
Automate Your Journey
Drata's platform experience is designed by security and compliance experts so you don't have to be one.
Close more sales and build trust faster while eliminating hundreds of hours of manual work to maintain compliance.