With third-party-sourced breaches regularly making the headlines, most companies have become aware of the risks created by this extended attack surface - often because they have been victims themselves. By following the right path, security and risk leaders can feel confident in their approach to managing the cyber risk posed by third parties.