Strategies for Proactive Third-Party Cyber Risk Management
Cyber strategist Jeffrey Wheatman outlines a shift toward operational resilience in managing third-party cyber risk, moving beyond traditional assessment methods.
In a recent industry discussion, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, emphasized the need for organizations to shift their third-party risk management strategies. Rather than focusing solely on data loss prevention, he argues that businesses must prioritize operational resilience to ensure continuity when vendors or partners are compromised.
Practical steps for managing these exposures include engaging business stakeholders early in the procurement process and identifying which third-party relationships are truly business-critical. Wheatman advises moving away from static, questionnaire-based assessments, which often fail to capture the dynamic nature of modern cyber threats.
Organizations are encouraged to adopt a more proactive stance by continuously monitoring their supply chain and partner ecosystem. By identifying vulnerabilities before attackers do, firms can better prepare for potential disruptions and minimize the impact of third-party security failures.