While vendors allow organizations to efficiently outsource tasks, they can also increase the risk of breaches. A recent study found more than 60% of US organizations have faced a data breach because of vendors. CISOs) are responsible not just the data their own company collects, but the data their third-party vendors and supply chains collect as well. Decisions made at these adjacent organizations are frequently outside of the CISO’s direct control, but they have the potential to harm his or her company’s business and reputation nonetheless. So, what are the specific risks third-party vendors present?