Panorays 2025 Cyber Risk Management Survey discovers 91% of CISOs report rising third-party incidents

Panorays, the leader in third-party cyber risk management solutions, has released its 2025 CISO Survey for Third-Party Cyber Risk Management, providing insights on the evolving landscape of third-party cybersecurity.

New York, NY, United States, February 4, 2025 — The report, based on insights from 200 CISOs across the U.S., explores the priorities, challenges, and trends shaping third-party cyber risk strategies for the coming year.

The findings make clear a stark reality: while 91% of CISOs report an increase in third-party cybersecurity incidents, only 3% have full visibility into their supply chains, including fourth and nth-party relationships. This lack of comprehensive visibility underscores the need for advanced tools and strategies to mitigate growing risks.

Key Findings:

• Rising Third-Party Incidents: 91% of CISOs experienced an increase in incidents over the past year, driven by unresolved vulnerabilities and expanding supply chain complexities.
• Resource Constraints: 98% of organizations leave at least 10% of third-party vulnerabilities unresolved due to limited resources.
• AI Adoption: 27% of CISOs currently use AI for vendor assessments, with 69% planning adoption in 2025 to enhance efficiency and scalability.
• Budget Disconnect: 81% of respondents report insufficient funding to address third-party risks effectively.

“This year’s survey reveals a troubling story: third-party risks are growing faster than the resources organizations have to address them,” said Matan Or-El, CEO of Panorays. “As supply chains become more complex and interconnected, the need for smarter, AI-driven solutions is no longer optional, it’s critical for businesses to stay secure.”

The Growing Role of AI in Third-Party Cyber Risk Management 

The report emphasizes the transformative potential of AI in streamlining vendor assessments and mitigating risks. On average, organizations leveraging AI report a 44% reduction in time spent on assessments, enabling teams to focus on higher-value tasks.

A Call to Action for CISOs 

With 95% of surveyed CISOs predicting a continued rise in third-party incidents in 2025, the need for proactive measures is more urgent than ever. Panorays’ report offers actionable insights to help organizations enhance visibility, prioritize risks, and allocate resources more effectively.

About the Survey 

The 2025 CISO Survey was conducted in November 2024 in collaboration with Global Surveyz, an independent research company. Participants included CISOs from industries such as finance, healthcare, technology, and professional services, representing organizations with 1,000 to over 10,000 employees.

About the company: Panorays is a global provider of third-party cybersecurity management software. Adopted by leading banking, insurance, financial services, and healthcare organizations, Panorays enables businesses to optimize their defenses for each unique third-party relationship. With personalized and adaptive third-party cyber risk management, Panorays helps businesses stay ahead of emerging threats and delivers actionable remediations with strategic advantages with over 1,000 customers worldwide. The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, Headquartered in New York and Israel, with offices around the world, Panorays is funded by numerous international investors, including Aleph VC, Oak HC/FT, Greenfield Partners, BlueRed Partners (Singapore), StepStone Group, Moneta VC, Imperva Co-Founder Amichai Shulman and former CEO of Palo Alto Networks Lane Bess.

For more information, visit www.panorays.com or contact us at info@panorays.com.

Contact Info:
Name: Brooke VanHest
Email: Send Email
Organization: Panorays
Website: https://www.panorays.com/

Release ID: 89152200

In case of identifying any problems, concerns, or inaccuracies in the content shared in this press release, or if a press release needs to be taken down, we urge you to notify us immediately by contacting error@releasecontact.com (it is important to note that this email is the authorized channel for such matters, sending multiple emails to multiple addresses does not necessarily help expedite your request). Our dedicated team will be readily accessible to address your concerns and take swift action within 8 hours to rectify any issues identified or assist with the removal process. We are committed to delivering high-quality content and ensuring accuracy for our valued readers.