The 2024 Prevalent Third-Party Risk Management Study

Some TPRM programs are still missing the forest for the trees.
A Whitepaper Infographic by Prevalent, A Health-ISAC Navigator
In early 2024, Prevalent conducted a study of trends, challenges, and initiatives impacting third-party risk management (TPRM) practitioners worldwide. The results indicate that many TPRM programs “miss the forest for the trees,” as they struggle to meet the broad needs of different stakeholders, sufficiently cover large vendor ecosystems, and address risk at every stage of the third-party lifecycle.
Downloadable PDF
2024 Third Party Risk Management Study Infographic 240610 231607
Size : 5.4 MB Format : PDF
Recommendations Third-party risk management is achieving enterprise-level visibility and importance in the face of growing third-party cybersecurity challenges, but many programs struggle with manual processes that limit risk, lifecycle, and vendor coverage. Here are three actionable steps to improve TPRM.
Create cross-functional teams
and establish clear TPRM
ownership to ensure that
remediations are enforced
Automate TPRM processes
around a single platform to
unify teams, data, and the
risk lifecycle
Close the resource and skill
gap with outsourced
managed services or artificial
intelligence capabilities
- Related Resources & News
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- $6.4m to combat health sector cyber threat
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’