Organizations are still not taking the threat of third party vendor compliance serious. Many organizations brush off third party risk and put up a facade regarding how they are truly assessing third party risk. I bet if more organizations were honest or participate in the study, the results will be more alarming. ESentire published an article entitled “How to Guard against Third-Party Risk to the nth Degree“, which shows how Spiceworks surveyed 600 IT and security decision-makers across a mix of industries and company sizes and identified how serious as well as the challenges facing organizations regarding third party risk. Add this to the lack of doing proper internal cyber security risk management, and you can see it now if, but when we will see another major cyber security breach.