{"id":46819,"date":"2017-08-15T10:00:16","date_gmt":"2017-08-15T17:00:16","guid":{"rendered":"https:\/\/www.questionpro.com\/blog\/?p=46819\/"},"modified":"2024-09-24T17:40:38","modified_gmt":"2024-09-25T00:40:38","slug":"data-security-zero-trust-approach","status":"publish","type":"post","link":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/","title":{"rendered":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach"},"content":{"rendered":"

Data is the lifeblood of today’s digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security professional. Hackers stealing customer data can erase millions in profits within weeks, stolen intellectual property can erase competitive advantage overnight, and unexpected privacy abuses can bring unwanted scrutiny and fines from regulators while inflicting reputational damage that can last months, even years.<\/span><\/p>\n

Data security breaches are increasingly attributed to vendors<\/b> and other third parties that service the company under attack. Roughly <\/span>one-third of all breaches<\/b> in the last few years have occurred as a result of external attacks targeting a third-party supplier (a Top 3 attack vector), according to Forrester\u2019s Business Technographics Global Security Survey. Despite growing reliance on vendors and other third parties, organizations are inconsistent in their information security protocols for assessing vendors. As data security breaches are reaching crisis proportions, companies continue to struggle to secure a growing portion of their business \u2013 their third parties.<\/span><\/p>\n

Our research shows that a staggering<\/span> 90 percent of companies<\/b> don\u2019t know who their third parties are and what business they\u2019re doing with them. Conventional information security measures and GRC tools have lulled companies into a false sense of security. \u00a0Without knowledge of the problem and proper security protocols in place, companies can\u2019t categorize the level of risk or take appropriate action based on each particular situation. \u00a0They\u2019ll leave themselves open to attacks that cause harm to company revenue, reputational risk<\/a> and regulatory profiles.<\/span><\/p>\n

Achieving a high level of certainty with data risk across even a hand full of vendors, let alone across your entire supply chain is no easy feat. That’s why we\u2019ve added the Assessments feature to ease the stress of starting a risk management program. Email us at <\/span>assessments@questionpro.com<\/span><\/a> to see how Assessments can meet your risk management needs. Our webinar,<\/span> Trust, but Verify: The Evolution of Vendor Risk Management For Today’s Organizations,<\/span><\/a> is another great resource to learn about vendor risk management.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Data is the lifeblood of today’s digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 […]<\/p>\n","protected":false},"author":124,"featured_media":46822,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[322,6],"tags":[946],"yoast_head":"\nThe Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro<\/title>\n<meta name=\"description\" content=\"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro\" \/>\n<meta property=\"og:description\" content=\"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\" \/>\n<meta property=\"og:site_name\" content=\"QuestionPro\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/questionpro\" \/>\n<meta property=\"article:published_time\" content=\"2017-08-15T17:00:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-25T00:40:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2017\/08\/Data-Security-button.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Paresh Amin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@questionpro\" \/>\n<meta name=\"twitter:site\" content=\"@questionpro\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Paresh Amin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\"},\"author\":{\"name\":\"Paresh Amin\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/ae3c4c7274324fbd4a060a9582245edc\"},\"headline\":\"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach\",\"datePublished\":\"2017-08-15T17:00:16+00:00\",\"dateModified\":\"2024-09-25T00:40:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\"},\"wordCount\":352,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/#organization\"},\"keywords\":[\"Assessments\"],\"articleSection\":[\"Assessments\",\"QuestionPro Products\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\",\"url\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\",\"name\":\"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro\",\"isPartOf\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/#website\"},\"datePublished\":\"2017-08-15T17:00:16+00:00\",\"dateModified\":\"2024-09-25T00:40:38+00:00\",\"description\":\"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security\",\"breadcrumb\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.questionpro.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"QuestionPro\",\"item\":\"https:\/\/www.questionpro.com\/blog\/category\/questionpro\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"QuestionPro Products\",\"item\":\"https:\/\/www.questionpro.com\/blog\/category\/questionpro\/questionpro_products\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#website\",\"url\":\"https:\/\/www.questionpro.com\/blog\/\",\"name\":\"QuestionPro\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.questionpro.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#organization\",\"name\":\"QuestionPro\",\"url\":\"https:\/\/www.questionpro.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2022\/10\/questionpro-logo.svg\",\"contentUrl\":\"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2022\/10\/questionpro-logo.svg\",\"caption\":\"QuestionPro\"},\"image\":{\"@id\":\"https:\/\/www.questionpro.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/questionpro\",\"https:\/\/twitter.com\/questionpro\",\"https:\/\/www.linkedin.com\/company\/questionpro\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/ae3c4c7274324fbd4a060a9582245edc\",\"name\":\"Paresh Amin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/140b46a169bf117dc2f27b8a6b916540?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/140b46a169bf117dc2f27b8a6b916540?s=96&d=mm&r=g\",\"caption\":\"Paresh Amin\"},\"url\":\"https:\/\/www.questionpro.com\/blog\/author\/pareshamin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro","description":"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/","og_locale":"en_US","og_type":"article","og_title":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro","og_description":"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security","og_url":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/","og_site_name":"QuestionPro","article_publisher":"https:\/\/www.facebook.com\/questionpro","article_published_time":"2017-08-15T17:00:16+00:00","article_modified_time":"2024-09-25T00:40:38+00:00","og_image":[{"width":900,"height":600,"url":"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2017\/08\/Data-Security-button.jpg","type":"image\/jpeg"}],"author":"Paresh Amin","twitter_card":"summary_large_image","twitter_creator":"@questionpro","twitter_site":"@questionpro","twitter_misc":{"Written by":"Paresh Amin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#article","isPartOf":{"@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/"},"author":{"name":"Paresh Amin","@id":"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/ae3c4c7274324fbd4a060a9582245edc"},"headline":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach","datePublished":"2017-08-15T17:00:16+00:00","dateModified":"2024-09-25T00:40:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/"},"wordCount":352,"commentCount":0,"publisher":{"@id":"https:\/\/www.questionpro.com\/blog\/#organization"},"keywords":["Assessments"],"articleSection":["Assessments","QuestionPro Products"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/","url":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/","name":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach | QuestionPro","isPartOf":{"@id":"https:\/\/www.questionpro.com\/blog\/#website"},"datePublished":"2017-08-15T17:00:16+00:00","dateModified":"2024-09-25T00:40:38+00:00","description":"Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every data security","breadcrumb":{"@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.questionpro.com\/blog\/data-security-zero-trust-approach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.questionpro.com\/blog\/"},{"@type":"ListItem","position":2,"name":"QuestionPro","item":"https:\/\/www.questionpro.com\/blog\/category\/questionpro\/"},{"@type":"ListItem","position":3,"name":"QuestionPro Products","item":"https:\/\/www.questionpro.com\/blog\/category\/questionpro\/questionpro_products\/"},{"@type":"ListItem","position":4,"name":"The Future of Vendor Risk Assessments for Data Security and Governance: A Zero Trust Approach"}]},{"@type":"WebSite","@id":"https:\/\/www.questionpro.com\/blog\/#website","url":"https:\/\/www.questionpro.com\/blog\/","name":"QuestionPro","description":"","publisher":{"@id":"https:\/\/www.questionpro.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.questionpro.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.questionpro.com\/blog\/#organization","name":"QuestionPro","url":"https:\/\/www.questionpro.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.questionpro.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2022\/10\/questionpro-logo.svg","contentUrl":"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2022\/10\/questionpro-logo.svg","caption":"QuestionPro"},"image":{"@id":"https:\/\/www.questionpro.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/questionpro","https:\/\/twitter.com\/questionpro","https:\/\/www.linkedin.com\/company\/questionpro\/"]},{"@type":"Person","@id":"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/ae3c4c7274324fbd4a060a9582245edc","name":"Paresh Amin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.questionpro.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/140b46a169bf117dc2f27b8a6b916540?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/140b46a169bf117dc2f27b8a6b916540?s=96&d=mm&r=g","caption":"Paresh Amin"},"url":"https:\/\/www.questionpro.com\/blog\/author\/pareshamin\/"}]}},"featured_image_src":"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2017\/08\/Data-Security-button.jpg","featured_image_src_square":"https:\/\/www.questionpro.com\/blog\/wp-content\/uploads\/2017\/08\/Data-Security-button.jpg","author_info":{"display_name":"Paresh Amin","author_link":"https:\/\/www.questionpro.com\/blog\/author\/pareshamin\/"},"_links":{"self":[{"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/posts\/46819"}],"collection":[{"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/users\/124"}],"replies":[{"embeddable":true,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/comments?post=46819"}],"version-history":[{"count":1,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/posts\/46819\/revisions"}],"predecessor-version":[{"id":809851,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/posts\/46819\/revisions\/809851"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/media\/46822"}],"wp:attachment":[{"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/media?parent=46819"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/categories?post=46819"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.questionpro.com\/blog\/wp-json\/wp\/v2\/tags?post=46819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}