Softtek Releases 2016 State of Digital Third-Party Risk Report

Share Article

Leading global IT services firm provides new research based on more than 1,000 assessments to help companies recognize third-party compliance gaps and create remediation plans to help ensure data security

The State of Digital Third-Party Risk 2016 - Report

Softtek's report is unique and useful as it takes a broad, data-driven approach to address supplier risk management

Softtek, founder of the nearshore industry and leading global IT services provider dedicated to creating value through technology, today announced its launch of “The State of Digital Third-Party Risk 2016 – In Partners We Trust,” a new research report that uncovers third-party security vulnerabilities based on methodical and statistical analysis, metrics and trends derived over the course of 2014 and 2015.

“Softtek's report is unique and useful as it takes a broad, data-driven approach to address supplier risk management,” said James Beeson, CISO for a large US Financial Services conglomerate. “This information supplies some excellent insights for organizations to leverage within their supplier security programs. As things become more and more digitized and sharing of data with partners more prevalent, the security risks continue to increase, and understanding the key risk indicators can be extremely valuable in helping to mitigate risk and improve security posture.”

Driven from a sample of 1,236 assessments that included a balance of small, midsize and large suppliers (over $50B in revenue), the report is intended to help companies identify the top risks associated with third parties today, based on their type of service or supplier activity across 14 security domains.

Softtek’s key research findings include:

  •      The state of third-party compliance based on a dataset of 286 primary controls aligned with ISO 27001
  •     Supplier compliance trends in 2015 vs 2014, with a decline of 3.5% when compared to 2014
  •     Analysis of compliance and risk levels, with suppliers failing on average between 2 to 3 controls rated at the “Critical” risk level
  •     Assessment of best-in-class supplier compliance and benchmark
  •     Defined controls to implement successful remediation plans for third parties in order to align to business objectives

“We found that there is a gap that exists in first-hand, hard data reporting for the third-party risk space in today’s increasingly digital world,” said Leonel Navarro, Global Practice Director for Information Security at Softtek and co-author of the report. “The insights and recommendations provided in the report aim to serve as a valuable tool for CIOs and risk leaders, providing actionable guidance that they can integrate into their SRM programs, avoiding the need to heavily invest in performing risk assessments to understand the latest trends.”

To learn more, download a copy of Softtek’s 2016 State of Digital Third-Party Risk report at

About Softtek
Founded in 1982, Softtek is a global provider of process-driven IT solutions with 30 offices in North America, Latin America, Europe and Asia. With 15 Global Delivery Centers in the U.S., Mexico, China, Brazil, Argentina, Spain and India, Softtek helps improve time-to-business-solution, lower costs of existing applications, deliver better engineered and tested applications, and produce predictable outcomes for top-tier corporations in over 20 countries. Through on-site, on-shore and it’s trademarked Global Nearshore™ service delivery models, Softtek teams with CIOs to constantly increase the business value of IT. Softtek is the creator and a leader of the nearshore industry. Visit, follow @Softtek, connect with Softtek on LinkedIn and read Softtek’s blog.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Karen Liedl
since: 01/2010
Follow >

Visit website