All news with #managed service provider tag

Rethinking Service Provider Risk: A CISO Imperative

🔍 As organizations outsource more critical systems and security functions to managed service providers, the complexity and frequency of third-party incidents are rising — 47% of organizations reported a third-party breach in the 12 months to mid-2025. Security leaders must balance rigorous, standards-based assurance (for example ISO 27001 or SOC 2) with relationship-driven vetting that fosters transparency and shared responsibility. Experts from media company Advance, the University of Queensland and vendor advisors argue that questionnaires alone are insufficient: meaningful dialogue, selective disclosure (summaries of pen tests rather than full reports), contractual clarity, and AI-aware controls are all needed to assess and manage evolving risks.