Vendor and Third-Party Risk
CSA 2024NIST CSF 2.0
20min

Your Vendors Are Your Attack Surface

Third-party vendors — cloud providers, software suppliers, maintenance contractors, outsourced services — often have privileged access to your systems and data. When a vendor is breached, your organisation is breached too. The 2020 SolarWinds attack compromised over 18,000 organisations globally through a single software update. In Malaysia, 40% of reported breaches in 2025 involved a third-party vendor with access to the victim's systems.

Your cybersecurity is only as strong as your weakest vendor. You are responsible for who you give access to.
1 / 5
Powered by Axceed CyberSafe · Axceed Consulting Sdn. Bhd.