Home Podcasts On third party cyber risk

On third party cyber risk

April 2, 2019

This podcast was recorded with Jake Olcott, VP of Government Affairs at BitSight. The discussion focused on the recent research that BitSight carried out with the Center for Financial professionals (CeFPro). The research focused on third party cyber risk and produced some interesting highlights.

It found that nearly 97 percent of respondents saw cyber risk that affects third parties as a major issue. More than half saw it as a critical issue to their firm. Olcott first defined what third party cyber risk is. It includes every company within the environment of a business that it has a relationship with. These can include suppliers, customers, partners. He then extends the definition to fourth party businesses as also being a potential weak point.

Jake Olcott, Vice President, Communications and Government Affairs at BitSight

Olcott talks how cyber risk fits into a wider risk portfolio. He also argues that as it is new and still being determined it is often reported to the board in its own right. He commented: “cyber risk is the number one issue on the minds of every executive and board member.”

While the research focused on the Financial Services sector Olcott also discusses its importance in other areas such as manufacturing. One area that all companies struggle with is the collection of data around third parties. It is a problem that Olcott believes BitSight has a solution to and explains why. Companies need no longer just rely on supplier questionnaire that are at best high level in nature.

He moves onto the first steps a company should take on strengthening its third party cyber risk stance. It is not a slight different approach to cyber risk as it include a stakeholder and well as a data map. Finally he talks about the nascent cyber insurance offerings in the market and has some advice on an approach that companies should take to it.

To hear more of what Olcott had to say listen to the podcast