Glossary

Third-party security protects an organization from the risk associated with third-party vendors. Companies have traditionally spent time and money securing their perimeter and on-premise systems but have given little focus to the security practices of their vendors.

A threat vector, also known as an attack vector, is the method a cyber attacker uses to gain unauthorized access to IT systems to exploit vulnerabilities, introduce malware or steal sensitive data.

Third-party risk management (TPRM) includes all the best practices to control the risks of working with outside vendors and subcontractors. The goal of TPRM is to protect your intellectual property, operational systems, financial records, customer data, and other sensitive information from malicious actors.