{"id":3689872,"date":"2026-04-28T19:42:59","date_gmt":"2026-04-28T23:42:59","guid":{"rendered":"https:\/\/www.pymnts.com\/?p=3689872"},"modified":"2026-04-29T22:53:45","modified_gmt":"2026-04-30T02:53:45","slug":"smart-firms-treat-vendor-risk-like-their-own","status":"publish","type":"post","link":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","title":{"rendered":"Smart Firms Treat Vendor Risk Like Their Own"},"content":{"rendered":"<p>Artificial intelligence has opened up Pandora\u2019s box for enterprise cybersecurity. And what it found was that the modern enterprise is no longer a closed system. It is a web of dependencies, stitched together by software vendors, cloud providers, and outsourced engineering partners.<\/p><div\r\n\tid=\"article-paywall-overlay\"\r\n\tclass=\"d-none\"\r\n>\r\n\t<div id=\"article-paywall-content\" class=\"my-4\">\r\n\t\t\n<div class=\"wpcf7 no-js\" id=\"wpcf7-f2699550-o1\" lang=\"en-US\" dir=\"ltr\" data-wpcf7-id=\"2699550\">\n<div class=\"screen-reader-response\"><p role=\"status\" aria-live=\"polite\" aria-atomic=\"true\"><\/p> <ul><\/ul><\/div>\n<form action=\"\/wp-json\/wp\/v2\/posts\/3689872#wpcf7-f2699550-o1\" method=\"post\" class=\"wpcf7-form init pymnts-article-paywall-form\" aria-label=\"Contact form\" novalidate=\"novalidate\" data-status=\"init\">\n<fieldset class=\"hidden-fields-container\"><input type=\"hidden\" name=\"_wpcf7\" value=\"2699550\" \/><input type=\"hidden\" name=\"_wpcf7_version\" value=\"6.1.5\" \/><input type=\"hidden\" name=\"_wpcf7_locale\" value=\"en_US\" \/><input type=\"hidden\" name=\"_wpcf7_unit_tag\" value=\"wpcf7-f2699550-o1\" \/><input type=\"hidden\" name=\"_wpcf7_container_post\" value=\"0\" \/><input type=\"hidden\" name=\"_wpcf7_posted_data_hash\" value=\"\" \/><input type=\"hidden\" name=\"_wpcf7_recaptcha_response\" value=\"\" \/>\n<\/fieldset>\n<div class=\"free-articles-prompt-intro\">\n\t<h2 class=\"mb-2\">Get the Full Story\n\t<\/h2>\n\t<p class=\"mb-4\">Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content \u2014 no additional logins required.\n\t<\/p>\n\t<div id='registrationContainer' class='container px-0'>\n\t\t<div class=\"row\">\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"firstName\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required form-control border-secondary\" id=\"firstName\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"First Name*\" value=\"\" type=\"text\" name=\"firstName\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"lastName\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required form-control border-secondary\" id=\"lastName\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Last Name*\" value=\"\" type=\"text\" name=\"lastName\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"YourTitle\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required form-control border-secondary\" id=\"inputTitle\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Title*\" value=\"\" type=\"text\" name=\"YourTitle\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"YourCompany\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required form-control border-secondary\" id=\"inputCompany\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Company*\" value=\"\" type=\"text\" name=\"YourCompany\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"YourEmail\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-email wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-email form-control border-secondary\" id=\"inputEmail\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Email*\" value=\"\" type=\"email\" name=\"YourEmail\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"YourCountry\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required form-control border-secondary\" id=\"inputCountry\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Country*\" value=\"\" type=\"text\" name=\"YourCountry\" \/><\/span>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12 col-md-6\">\n\t\t\t<input class=\"wpcf7-form-control wpcf7-hidden\" id=\"inputEmailHidden\" value=\"\" type=\"hidden\" name=\"yourName\" \/>\n\t\t\t<input class=\"wpcf7-form-control wpcf7-hidden\" value=\"\" type=\"hidden\" name=\"email\" \/>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12\">\n\t\t\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"newsLetterChoice\"><span class=\"wpcf7-form-control wpcf7-checkbox me-1\" id=\"checkNewsletter\"><span class=\"wpcf7-list-item first last\"><input type=\"checkbox\" name=\"newsLetterChoice[]\" value=\"yes\" checked=\"checked\" \/><span class=\"wpcf7-list-item-label\">yes<\/span><\/span><\/span><\/span><span class=\"small\">Subscribe to our daily newsletter, PYMNTS Today.<\/span>\n\t\t\t\t<\/p>\n\t\t\t\t<p class=\"small lh-base\" style=\"font-size:.9rem;\">By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our <a class=\"fw-bold\" href=\"https:\/\/pymnts-com-develop.go-vip.net\/privacy-policy\/\">Privacy Policy<\/a> and <a class=\"fw-bold\" href=\"https:\/\/pymnts-com-develop.go-vip.net\/terms-conditions\/\">Terms and Conditions<\/a>.\n\t\t\t\t<\/p>\n\t\t\t\t<p><input id='hiddenPath' type='hidden' name='path' value='' \/><input type='hidden' name='userDeviceId' id='userDeviceId' \/><input type='hidden' name='pageTitle' id='pageTitle' \/>\n\t\t\t\t<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"col-12\">\n\t\t\t\t<div id='formButtonRow' class='container mt-1 px-0'>\n\t\t\t\t\t<p><input class=\"wpcf7-form-control wpcf7-submit has-spinner btn btn-dark text-uppercase py-2 px-5 small\" id=\"theSubmitButton\" type=\"submit\" value=\"Submit\" \/>\n\t\t\t\t\t<\/p>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/div><input type=\"hidden\" name=\"post_id\" value=\"3689872\" \/><input type=\"hidden\" name=\"source\" value=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/\" \/><p style=\"display: none !important;\" class=\"akismet-fields-container\" data-prefix=\"_wpcf7_ak_\"><label>&#916;<textarea name=\"_wpcf7_ak_hp_textarea\" cols=\"45\" rows=\"8\" maxlength=\"100\"><\/textarea><\/label><input type=\"hidden\" id=\"ak_js_1\" name=\"_wpcf7_ak_js\" value=\"173\"\/><script>document.getElementById( \"ak_js_1\" ).setAttribute( \"value\", ( new Date() ).getTime() );<\/script><\/p><div class=\"wpcf7-response-output\" aria-hidden=\"true\"><\/div>\n<\/form>\n<\/div>\n\r\n\t<\/div>\r\n<\/div>\r\n<div id=\"article-paywall-hidden-content\">\r\n\t\n<p>Increasingly, this means the <a href=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/the-cyber-insecurity-list-why-hackers-are-logging-in-not-breaking-in\/\">weakest link<\/a> isn\u2019t one that\u2019s found inside the organization at all but instead resides across the long tail of third-party software that keeps operations running. That may be old news to some in the C-suite, but what\u2019s new news is how fast latent vulnerabilities across a corporate supply chain can be surfaced, thanks in large part to emerging frontier AI models, like both Anthropic\u2019s Mythos and OpenAI\u2019s <a href=\"https:\/\/www.pymnts.com\/artificial-intelligence-2\/2026\/openai-begins-briefing-governments-on-cybersecurity-capabilities\/\">GPT 5.4 cyber model<\/a>, and their <a href=\"https:\/\/www.pymnts.com\/artificial-intelligence-2\/2026\/ai-is-cracking-open-banking-before-quantum-gets-the-chance\/\">user-agnostic capabilities<\/a> for cyber exploitation.<\/p>\n<p>In response to today\u2019s dynamic and evolving threat landscape, Microsoft\u00a0<a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/patch-tuesday-april-2026-edition\/\">recently<\/a> (April 14) patched over 167 existing security vulnerabilities in its\u00a0Windows\u00a0operating systems and related software with new updates.<\/p>\n<p>Vulnerabilities that might once have lingered undetected for months are now surfaced in days, sometimes hours. In parallel, attackers are becoming more opportunistic, scanning not just primary targets but their extended ecosystems for entry points.<\/p>\n<p>But in a world of interconnected systems, patch discipline is only as strong as the weakest vendor.<\/p>\n<p><strong>See also:<\/strong> <a href=\"https:\/\/www.pymnts.com\/artificial-intelligence-2\/2026\/what-ai-driven-attack-chains-mean-for-cfos-and-cisos\/\">What AI-Driven Attack Chains Mean for CFOs and CISOs<\/a><strong>\u00a0<\/strong><\/p><div id=\"pymnt-40280584\" class=\"pymnt-content pymnt-entity-placement\" style=\"margin-top: 50px;\"><p style=\"text-align:center\">Advertisement: Scroll to Continue<\/p><script async type=\"text\/javascript\" id=\"dianomi_context_script\" src=\"https:\/\/www.dianomi.com\/js\/contextfeed.js\"><\/script> \r\n<div class=\"dianomi_context\" data-dianomi-context-id=\"4329\"><\/div><\/div>\n<h2>Race to Protect Soft Spots AI Unearths<\/h2>\n<p>Cybersecurity has always been described as a moving target. What distinguishes the current moment is how quickly yesterday\u2019s best practices are becoming today\u2019s minimum requirements. Patch discipline, vendor audits, and incident response planning are no longer differentiators; they are table stakes.<\/p>\n<p>PYMNTS covered Monday (April 27) how hackers have <a href=\"https:\/\/www.pymnts.com\/news\/security-and-risk\/2026\/hackers-pose-as-microsoft-support-to-breach-corporate-defenses\/\">reportedly<\/a> begun impersonating\u00a0<a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-teams\/log-in\">Microsoft Teams<\/a>\u00a0help desk workers to dupe victims into installing data-stealing malware. These attacks are part of a larger trend PYMNTS covered last week, one that sees\u00a0<a href=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/the-cyber-insecurity-list-why-hackers-are-logging-in-not-breaking-in\/https:\/www.pymnts.com\/cybersecurity\/2026\/the-cyber-insecurity-list-why-hackers-are-logging-in-not-breaking-in\">hackers<\/a>\u00a0\u201clogging in\u201d\u00a0rather than breaking in.<\/p>\n<p>The result is a paradox: even as internal defenses improve, overall risk can increase because the attack surface has expanded beyond direct control. A vendor\u2019s delayed patch cycle or misconfigured system can become the enterprise\u2019s problem overnight.<\/p>\n<p>For CFOs, this introduces a category of risk that is both material and difficult to quantify. Unlike traditional operational risks, third-party vulnerabilities are often opaque, buried in contractual relationships that may have been primarily negotiated for cost efficiency or speed rather than cyber resilience.<\/p>\n<p>The\u00a0<a href=\"https:\/\/www.pymnts.com\/pymnts-intelligence\/\">PYMNTS Intelligence<\/a>\u00a0report \u201c<a href=\"https:\/\/www.pymnts.com\/study_posts\/vendors-and-vulnerabilities-the-cyberattack-squeeze-on-mid-market-firms\/\">Vendors and Vulnerabilities: The Cyberattack Squeeze on Mid-Market Firms<\/a>\u201d found that hackers are increasingly\u00a0going after\u00a0<a href=\"https:\/\/www.pymnts.com\/cybersecurity\/2025\/when-partners-become-cybersecurity-risks\/\">middle market firms<\/a>, which\u00a0depend\u00a0on third-party cloud providers, software-as-a-service platforms, managed service and logistics providers, which can leave them vulnerable to attack.<\/p>\n<p>As a result, the predictable rhythms of enterprise IT maintenance are increasingly misaligned with the pace of modern threats. Vulnerabilities disclosed today can be weaponized tomorrow. If a vendor takes weeks to deploy a fix, that lag becomes a window of exposure not just for them, but for every client connected to their systems.<\/p>\n<p><strong>See also<\/strong>: <a href=\"https:\/\/www.pymnts.com\/cfo\/2026\/how-cfos-can-overcome-the-illusion-of-enterprise-risk-alignment\/\">FBI Warns: Internal Risk May Outpace Cyber Threats<\/a><strong>\u00a0<\/strong><\/p>\n<h2>New Cybersecurity Table Stakes<\/h2>\n<p>Third-party risk is no longer a niche compliance concern. It is becoming the frontline of defense.<\/p>\n<p>As cybersecurity becomes more intertwined with enterprise value, the CFO\u2019s role is expanding. This does not mean becoming a technical expert. It does mean asking sharper questions. How quickly do our critical vendors patch known vulnerabilities? What visibility do we have into their security practices? How are we prioritizing investments in vendor risk management relative to other initiatives?<\/p>\n<p>Data, in this environment, is becoming critical to powering real-time visibility. CFOs can embrace strategies such as automated scanning, continuous monitoring, and predictive analytics to provide a more dynamic view of a partner\u2019s security posture.<\/p>\n<p>\u201cThe lagging organizations <a href=\"https:\/\/www.pymnts.com\/news\/payments-innovation\/2026\/galileo-says-modern-fraud-has-outgrown-static-rules\/\">treat the data<\/a> as a storage problem while the leading organizations actually treat it as a decisioning system,\u201d <a href=\"https:\/\/www.linkedin.com\/in\/maximspv\/\">Max Spivakovsky<\/a>, senior director of global payments risk management at\u00a0<a href=\"https:\/\/www.galileo-ft.com\/\">Galileo<\/a>,\u00a0told PYMNTS in an interview posted this month for the \u201c<a href=\"https:\/\/www.pymnts.com\/tag\/whatsnextinpaymentsseries\/\">What\u2019s Next in Payments<\/a>\u201d series.<\/p>\n<p><strong>See also:\u00a0<\/strong><a href=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/cybersecuritys-hottest-new-job-is-negotiating-with-hackers\/\">Cybersecurity\u2019s Hottest New Job Is Negotiating With Hackers<\/a><\/p>\n<p>But perhaps the most profound shift is a conceptual one. Third-party risk management is moving from a periodic, compliance-driven exercise to a continuous process. Annual audits and questionnaires are no longer sufficient in a landscape where vulnerabilities can emerge and evolve rapidly.<\/p>\n<p>After all, AI isn\u2019t the only vulnerability high-value enterprise firms and institutions are facing. In other cybersecurity news, PYMNTS wrote earlier about the way\u00a0<a href=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/big-tech-races-to-quantum-safety-as-cyber-threat-clock-ticks-down\/\">Quantum Day<\/a>\u00a0\u2014 the moment when commercially available quantum computers can crack widely used cryptographic systems \u2014 has ceased being a distant hypothetical.<\/p>\n<p>\u201cAs a result of the shrinking strategic horizon, what was once a theoretical, deep-tech risk is instead now being operationalized into present-day procurement decisions, product roadmaps and compliance mandates,\u201d that report said.<\/p>\n\r\n<\/div>\r\n<script>\r\n\twindow.pymntsAllowedArticleCount = 2;\r\n\twindow.pymntsPostID = 3689872;\r\n<\/script>","protected":false},"excerpt":{"rendered":"<p>Artificial intelligence has opened up Pandora\u2019s box for enterprise cybersecurity. And what it found was that the modern enterprise is no longer a closed system. It is a web of dependencies, stitched together by software vendors, cloud providers, and outsourced engineering partners. Get the Full Story Complete the form to unlock this article and enjoy [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3689892,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[66499],"tags":[4055,9617,11087,9044,168348,9206,133069,20898],"class_list":["post-3689872","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-b2b","tag-b2b-payments","tag-cyber-risk","tag-cyberfraud","tag-mythos","tag-news","tag-pymnts-news","tag-vendors"],"acf":{"suggested_titles":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Smart Firms Treat Vendor Risk Like Their Own<\/title>\n<meta name=\"description\" content=\"CFOs and CISOs are embracing a real-time, data-driven playbook as third-party cybersecurity weakness are appearing fast.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Smart Firms Treat Vendor Risk Like Their Own | PYMNTS.com\" \/>\n<meta property=\"og:description\" content=\"Artificial intelligence has opened up Pandora\u2019s box for enterprise cybersecurity. And what it found was that the modern enterprise is no longer a closed\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/\" \/>\n<meta property=\"og:site_name\" content=\"PYMNTS.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/pymnts\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/pymnts\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-28T23:42:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-30T02:53:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"PYMNTS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@pymnts\" \/>\n<meta name=\"twitter:site\" content=\"@pymnts\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/\"},\"author\":{\"name\":\"PYMNTS\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#\\\/schema\\\/person\\\/9f0152ca483ca33a5d8121739eadfe4b\"},\"headline\":\"Smart Firms Treat Vendor Risk Like Their Own\",\"datePublished\":\"2026-04-28T23:42:59+00:00\",\"dateModified\":\"2026-04-30T02:53:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/\"},\"wordCount\":807,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/third-party-cyber-risk1.jpg\",\"keywords\":[\"B2B\",\"B2B Payments\",\"Cyber Risk\",\"Cyberfraud\",\"Mythos\",\"News\",\"PYMNTS News\",\"vendors\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2026\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/\",\"url\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/\",\"name\":\"Smart Firms Treat Vendor Risk Like Their Own\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/third-party-cyber-risk1.jpg\",\"datePublished\":\"2026-04-28T23:42:59+00:00\",\"dateModified\":\"2026-04-30T02:53:45+00:00\",\"description\":\"CFOs and CISOs are embracing a real-time, data-driven playbook as third-party cybersecurity weakness are appearing fast.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/third-party-cyber-risk1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/third-party-cyber-risk1.jpg\",\"width\":1200,\"height\":720,\"caption\":\"third party cyber risk\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/cybersecurity\\\/2026\\\/smart-firms-treat-vendor-risk-like-their-own\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pymnts.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Smart Firms Treat Vendor Risk Like Their Own\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#website\",\"url\":\"https:\\\/\\\/www.pymnts.com\\\/\",\"name\":\"PYMNTS.com\",\"description\":\"The latest global news and analysis in payments, retail, fintech, financial services and the digital economy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pymnts.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#organization\",\"name\":\"PYMNTS\",\"url\":\"https:\\\/\\\/www.pymnts.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/PYMNTS_2023_logo_black-1.png\",\"contentUrl\":\"https:\\\/\\\/www.pymnts.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/PYMNTS_2023_logo_black-1.png\",\"width\":3329,\"height\":687,\"caption\":\"PYMNTS\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pymnts\\\/\",\"https:\\\/\\\/x.com\\\/pymnts\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pymnts.com\\\/#\\\/schema\\\/person\\\/9f0152ca483ca33a5d8121739eadfe4b\",\"name\":\"PYMNTS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g\",\"caption\":\"PYMNTS\"},\"description\":\"The latest global news and analysis in payments, retail, fintech, financial services and the digital economy.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pymnts\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/pymnts-com\",\"https:\\\/\\\/x.com\\\/pymnts\"],\"url\":\"https:\\\/\\\/www.pymnts.com\\\/author\\\/pymnts\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Smart Firms Treat Vendor Risk Like Their Own","description":"CFOs and CISOs are embracing a real-time, data-driven playbook as third-party cybersecurity weakness are appearing fast.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","og_locale":"en_US","og_type":"article","og_title":"Smart Firms Treat Vendor Risk Like Their Own | PYMNTS.com","og_description":"Artificial intelligence has opened up Pandora\u2019s box for enterprise cybersecurity. And what it found was that the modern enterprise is no longer a closed","og_url":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","og_site_name":"PYMNTS.com","article_publisher":"https:\/\/www.facebook.com\/pymnts\/","article_author":"https:\/\/www.facebook.com\/pymnts","article_published_time":"2026-04-28T23:42:59+00:00","article_modified_time":"2026-04-30T02:53:45+00:00","og_image":[{"width":1200,"height":720,"url":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","type":"image\/jpeg"}],"author":"PYMNTS","twitter_card":"summary_large_image","twitter_creator":"@pymnts","twitter_site":"@pymnts","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#article","isPartOf":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/"},"author":{"name":"PYMNTS","@id":"https:\/\/www.pymnts.com\/#\/schema\/person\/9f0152ca483ca33a5d8121739eadfe4b"},"headline":"Smart Firms Treat Vendor Risk Like Their Own","datePublished":"2026-04-28T23:42:59+00:00","dateModified":"2026-04-30T02:53:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/"},"wordCount":807,"publisher":{"@id":"https:\/\/www.pymnts.com\/#organization"},"image":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","keywords":["B2B","B2B Payments","Cyber Risk","Cyberfraud","Mythos","News","PYMNTS News","vendors"],"articleSection":["Cybersecurity"],"inLanguage":"en-US","copyrightYear":"2026","copyrightHolder":{"@id":"https:\/\/www.pymnts.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","url":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","name":"Smart Firms Treat Vendor Risk Like Their Own","isPartOf":{"@id":"https:\/\/www.pymnts.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#primaryimage"},"image":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","datePublished":"2026-04-28T23:42:59+00:00","dateModified":"2026-04-30T02:53:45+00:00","description":"CFOs and CISOs are embracing a real-time, data-driven playbook as third-party cybersecurity weakness are appearing fast.","breadcrumb":{"@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#primaryimage","url":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","contentUrl":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","width":1200,"height":720,"caption":"third party cyber risk"},{"@type":"BreadcrumbList","@id":"https:\/\/www.pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pymnts.com\/"},{"@type":"ListItem","position":2,"name":"Smart Firms Treat Vendor Risk Like Their Own"}]},{"@type":"WebSite","@id":"https:\/\/www.pymnts.com\/#website","url":"https:\/\/www.pymnts.com\/","name":"PYMNTS.com","description":"The latest global news and analysis in payments, retail, fintech, financial services and the digital economy.","publisher":{"@id":"https:\/\/www.pymnts.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pymnts.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pymnts.com\/#organization","name":"PYMNTS","url":"https:\/\/www.pymnts.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pymnts.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2023\/05\/PYMNTS_2023_logo_black-1.png","contentUrl":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2023\/05\/PYMNTS_2023_logo_black-1.png","width":3329,"height":687,"caption":"PYMNTS"},"image":{"@id":"https:\/\/www.pymnts.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/pymnts\/","https:\/\/x.com\/pymnts"]},{"@type":"Person","@id":"https:\/\/www.pymnts.com\/#\/schema\/person\/9f0152ca483ca33a5d8121739eadfe4b","name":"PYMNTS","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/679fcf5c2ed5358e99e8e23b22e3b5d761e37bdb76fa7b0e13d8ecd9ff01bf88?s=96&d=blank&r=g","caption":"PYMNTS"},"description":"The latest global news and analysis in payments, retail, fintech, financial services and the digital economy.","sameAs":["https:\/\/www.facebook.com\/pymnts","https:\/\/www.linkedin.com\/company\/pymnts-com","https:\/\/x.com\/pymnts"],"url":"https:\/\/www.pymnts.com\/author\/pymnts\/"}]}},"parsely":{"version":"1.1.0","canonical_url":"https:\/\/pymnts.com\/cybersecurity\/2026\/smart-firms-treat-vendor-risk-like-their-own\/","smart_links":{"inbound":0,"outbound":0},"traffic_boost_suggestions_count":0,"meta":[],"rendered":"","tracker_url":"https:\/\/cdn.parsely.com\/keys\/pymnts.com\/p.js"},"jetpack_featured_media_url":"https:\/\/www.pymnts.com\/wp-content\/uploads\/2026\/04\/third-party-cyber-risk1.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/posts\/3689872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/comments?post=3689872"}],"version-history":[{"count":3,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/posts\/3689872\/revisions"}],"predecessor-version":[{"id":3689893,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/posts\/3689872\/revisions\/3689893"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/media\/3689892"}],"wp:attachment":[{"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/media?parent=3689872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/categories?post=3689872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pymnts.com\/wp-json\/wp\/v2\/tags?post=3689872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}