Plan Sponsors Archives

Majority of CISOs Report Third-Party Security Incidents with Compliance and Supply Chain Risk Management Implications

October 2, 2025October 2, 2025 by Thomas Canova

Third-party cybersecurity risk is no longer an emerging concern—it is a documented and escalating threat. A recent SecurityScorecard survey revealed that 71% of organizations experienced at least one material third-party cybersecurity incident in the past 12 months, with 5% reporting ten or more such events. Supporting data from the 2025 Verizon Data Breach Investigations Report … Read more

Strategies to Minimize Organizational Third-Party Vendor Risks

September 22, 2022September 22, 2022 by Thomas Canova

Organizations across most market segments are becoming increasingly reliant on third-party vendors to support critical business operations across the board to support a wide array of process and functions. It is estimated that over 50% of businesses using third-party vendors have experienced a data breach involving confidential information. Given the current state supply chain’s impact … Read more

ERiSA Plan Sponsors Need to Verify That All Service Providers and Vendors Meet DOL Cybersecurity Guidelines

August 26, 2022July 25, 2022 by Thomas Canova

The Department of Labor’s (DOL) release of cybersecurity best practices for plans covered by the Employee Retirement Income Security Act (ERISA) makes it clear that plan sponsors, service providers, and participants share responsibility for protecting plan accounts. The guidance, which includes tips for hiring service providers, cybersecurity program best practices, and online security tips, provides … Read more

Other Pages

Quick Links