Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


Cloud Service Provider Breach: Lessons Learned From the Snowflake Attack

6 min read
Featured Image

If your organization relies on a cloud service provider (CSP), the recent Snowflake data breach has likely created significant concern. As many as 165 Snowflake customers have been impacted by the data breach, which may include hundreds of millions of personal records. Even if your organization wasn’t directly impacted by the breach, it’s important to take note of the incident and consider whether your third-party risk management (TPRM) program is prepared to respond. This involves ensuring that your third-party CSPs are following best practices to keep data safe and secure.

Take this opportunity to learn about the Snowflake breach and determine its impact on your organization. Regardless of the impact, your organization can take away some important lessons that can strengthen your TPRM program and protect against future incidents. 

Cloud Service Provider Breach: What We Know About the Snowflake Attack

Snowflake noted unauthorized activity in some of its customers’ accounts in late May, though it was determined that the attack began in mid-April. Cybercriminals have since begun demanding ransom, ranging from hundreds of thousands to millions of dollars. While investigating the incident, Snowflake said the incident didn’t appear to be a breach of their system, nor was it caused by vulnerability or misconfiguration.

Instead, researchers investigating the incident noted that the organizations impacted didn’t have multi-factor authentication (MFA) turned on for their Snowflake accounts. Cybercriminals targeted those accounts and leveraged stolen credentials with info stealing malware. In response to the breach, Snowflake encouraged its customers to implement multi-factor authentication (MFA) to protect their accounts, which will eventually be applied as the default option. 

cloud service provider breach lessons learned snowflake attack

5 Third-Party Risk Management Lessons from the Snowflake Data Breach

Whether your organization was impacted by the breach or not, it offers important lessons that you can implement into your TPRM program. Many organizations rely on CSPs to store vast amounts of data, so it’s crucial to ensure the data remains safe and secure. You should also ensure that you’re appropriately assessing inherent risk and performing due diligence and ongoing monitoring to mitigate the identified risk. 

Here are some lessons to take away from the Snowflake breach:

  • Enable MFA on all accounts – The Snowflake breach impacted organizations that lacked certain security controls like multi-factor authentication for remote access and network policies. Your organization should require these controls be implemented by any third parties that have access to your data, as well as within your own environment. 
  • Perform periodic data mapping – Although CSPs offer more efficient and convenient options for data storage, it’s important to document the volume and types of data that’s involved. Data mapping will help your organization understand what types of data your CSP is storing, which can give more insight into the impact of a cyber incident. Also consider data mapping within your vendor inventories. This assists in ensuring you understand what data is held, by who, and how the data flows between systems and vendors. 
  • Manage data access – The principle of least privilege is an important cybersecurity element, as it ensures users don’t access more data than what is necessary to perform their functions. Requiring access request and multi-level approvals across your third-party platforms can help keep data secure.
  • Develop and test an incident response plan – The Snowflake breach serves as a reminder that your organization needs to be prepared for when, not if a third-party incident occurs. Most cybersecurity experts will agree that data breaches are inevitable, whether they impact your organization directly or indirectly through a third or fourth party. Developing and testing an incident response plan that includes third-party data breaches can help your organization be better prepared to detect, respond, and resolve incidents, while also notifying your customers of the impact. 
  • Continuously monitor third partiesOngoing monitoring is an essential TPRM activity, especially for cloud service providers that have access to your data. Consider developing specific metrics for CSPs such as key risk indicators (KRIs) and key performance indicators (KPIs). Monitoring these metrics can help identify issues that may increase the likelihood of a data breach.
  • Assess cybersecurity practices – As part of your initial and periodic due diligence, make sure to assess your CSP’s cybersecurity practices, including security awareness training for employees and contractors, vulnerability management, and policies that govern the organization’s stance on implementing security controls. Security training, access management policies, social engineering testing, and more can help ensure that your CSP has appropriate controls in place to protect your data. 

4 Immediate Steps After a Cloud Service Provider Breach 

The scope of the Snowflake data breach is widespread and many organizations may still not know whether they were impacted. However, it’s essential not to take a “wait and see” approach when it comes to responding to a CSP data breach. A proactive response can help identify the impact more quickly, allowing your organization to take the necessary steps to protect your data.

Here are some suggested steps to take after a CSP data breach:

  • Communicate with the CSP – If your organization was directly impacted, communicate with the CSP about the scope of the breach to ensure you have relevant information to notify customers, regulators, and law enforcement, as needed. Also make sure to implement any security recommendations the third party provides, such as stronger user authentication procedures using multi-factor authentication (MFA). 
  • Identify any exposure – Your organization may not have been directly impacted by the CSP breach, but that doesn’t mean you haven’t been exposed. Consider all the third parties, fourth parties, and nth parties that are included in your vendor ecosystem and may have been impacted in the breach. Although you have limited oversight in your fourth and nth parties, it’s important to identify any exposure within your critical and high-risk vendors and verify that they’re meeting their contractual data breach notification requirements
  • Review your incident response plan and security protocols – Regardless of the breach impact or exposure, it’s important to evaluate your internal incident response plan and security protocols. Plans should be up to date, with clearly defined roles and responsibilities so your organization is prepared to take any next steps. Security protocols such as employee training and testing should also be reviewed and updated, as needed. 
  • Increase ongoing monitoring – Any vendors that were impacted in the breach should be monitored and re-assessed more frequently to identify any performance or risk issues that may need to be addressed. Additionally, your organization should continue monitoring its own system for any unusual activity that may have resulted from the breach. This is especially critical with vendors who have access to your infrastructure or have software installed within your infrastructure, with the SolarWinds attack of 2020 being a great example.

The Snowflake data breach will likely be remembered in the months and years to come, but won’t be the last cloud service provider breach to make headlines. Learning from each new incident that occurs and prioritizing a robust TPRM program with cybersecurity controls can help lessen the impact of future third-party data breaches. 

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo