CSTI
    breachThe Commercial Era (2020-present) Daily Briefing

    CISOs Shift to Integrated Platforms Amid Rising Third-Party Risks

    Friday, September 19, 2025

    CISOs Shift to Integrated Platforms Amid Rising Third-Party Risks

    On September 19, 2025, the cybersecurity landscape revealed critical insights as Chief Information Security Officers (CISOs) increasingly turn to integrated cybersecurity platforms to manage their security tools more effectively. According to recent research, about 70% of CISOs are consolidating their security tools to combat budget constraints and the complexities of managing multiple standalone systems. This strategic pivot aims to enhance efficiency and reduce costs while addressing the growing challenges of cyber threats.

    In a concerning parallel, the risks posed by third-party providers are more pronounced than ever. A notable breach at Volvo, attributed to ransomware targeting its HR software provider, compromised personal information of approximately 870,000 employees and clients. This incident underscores the vulnerabilities inherent in third-party ecosystems, emphasizing the need for organizations to scrutinize their vendor relationships closely.

    Also In Security Today

    • Risks from Third-Party Providers: Recent data breaches have highlighted the growing trend of attackers exploiting vulnerabilities in third-party ecosystems. The breach at Volvo, linked to its HR software provider, affected around 870,000 individuals. Read more.
    • Zero-Day Vulnerabilities and Patching Urgency: CISA has issued warnings regarding urgent vulnerabilities in Ivanti’s Endpoint Manager Mobile (EPMM). Organizations are advised to apply patches immediately to prevent unauthorized access and potential data breaches. More details here.
    • Emerging Ransomware Threats: A recent ransomware attack has impacted various sectors, indicating a shift in how attackers target integrated software solutions rather than individual systems. Learn more.

    Analyst's Take

    Today's developments reflect a crucial shift in cybersecurity strategy, as CISOs recognize the need for integrated platforms to cope with increasing threats and operational complexities. The breach at Volvo serves as a stark reminder of the vulnerabilities associated with third-party vendors. Security teams must prioritize vendor risk management and adopt comprehensive patching strategies, especially for critical vulnerabilities like those in Ivanti's EPMM. As attackers evolve their tactics, the consolidation of security tools may provide a more resilient defense against increasingly sophisticated threats.

    Sources

    CISO integrated platforms ransomware third-party risk patching