Includes both cyber and physical security risk. It’s present whenever you have a third party that accesses, transmits, or stores your organization’s sensitive data or that has access to your privileged networks or facilities. The threat of third-party data breaches has grown as hackers have developed more aggressive and sophisticated ways to breach private networks. Any gaps in your third party’s controls must be addressed to protect your organizational or customer data.