Cyberstats

Security Intelligence

VendorsMitratech

Mitratech

Cybersecurity reports and statistics published by Mitratech

2 categories1 reports

Research Reports

Reports and publications from Mitratech

2025 Annual Third-Party Risk Management Study

Recent Statistics & Reports

As a result of TPRM teams being understaffed, organisations are only managing about 40% of their vendor population.

Nearly half (approximately 50%) of programmes cite departmental silos as a major barrier.

Fewer than 25% of TPRM programmes are "highly coordinated".

65% of TPRM programmes are exploring AI capabilities.

While 60% of organisations feel manual risk management tools meet basic needs, only 29% can determine risk at every stage of the vendor lifecycle using these tools.

Nearly 70% of Third-Party Risk Management (TPRM) teams report being understaffed.

While 60% of organisations feel manual risk management tools meet basic needs, just 15% feel prepared to respond to third-party incidents.

There is an almost 30% gap between existing and ideal team sizes in TPRM.

While 60% of organisations feel manual risk management tools meet basic needs, only 29% can determine risk at every stage of the vendor lifecycle using these tools.

The presence of compliance teams in TPRM jumped from 42% in 2023 to 88% in 2025.

79% of organizations have expanded their risk management oversight to include data privacy.

70% of companies now actively monitor compliance as part of their risk surveillance.

64% of risk teams track business continuity to understand interdependent risk dynamics.

85% of risk managers identify cybersecurity as their most heavily monitored risk.

41% of organisations still rely on spreadsheets to assess third parties.

14% of TPRM programmes actively use Artificial Intelligence (AI).

Only 12% of TPRM programs now cite a lack of AI strategy as a barrier, which is a significant decrease from 49% in 2024.

Top Categories

Related Vendors

Nagomi Security