Any organization that’s actively working on managing its cybersecurity risk can’t ignore the risk that goes with third-party vendors having access to its critical systems and customer data.

“Up until today, organizations of all sizes have had to design and implement their own security baselines for vendors that align with their risk posture. Unfortunately, this creates an impossible situation for vendors and organizations alike as they try to accommodate thousands of different requirements,” says Royal Hansen, VP of security at Google.