The Age of Promises is Over, Vendors Must Now Lead with Evidence-Based Assurances
Digitalisation World interviewed NetSPI’s Director of Services, EMEA, Sam Kirkman, for a March 12, 2026 article exploring why organizations must demand evidence-based assurances from vendors to ensure robust third-party security. Read the preview below or view it online.
+++
In today’s evolving cyber threat landscape, traditional vendor assurances like contracts and periodic audits are no longer sufficient. Sam Kirkman emphasizes the need for vendors to shift from trust-based compliance to evidence-based security, where measurable and continuous validation replaces outdated promises. As AI-accelerated attacks and interconnected systems increase risks, organizations must recognize that vendor vulnerabilities directly impact their own security posture. This shift requires vendors to actively demonstrate their resilience through practices like continuous penetration testing, which not only identifies vulnerabilities but also strengthens customer trust and reduces breach risks.
Kirkman calls on CISOs to lead the charge in demanding proof over promises from vendors. By prioritizing ongoing validation, structured communication, and proactive vulnerability management, organizations can build stronger, more resilient partnerships. In a world where AI weaponization and supply chain attacks are on the rise, confidence in cybersecurity must be earned through sustained demonstration, not static assurances.
You can read the full article here.
Authors:
Explore More News
Proof Over Promises: A New Doctrine for Cybersecurity
As cyberattacks grow in frequency and sophistication, traditional assurances like contracts and certifications are no longer sufficient. Instead, vendors must actively demonstrate their security resilience through measurable and continuous validation, such as penetration testing. This proactive approach not only strengthens vendor-customer relationships but also mitigates risks in an increasingly interconnected and vulnerable digital landscape.
NetSPI Redefines Pentesting with New User Experience
NetSPI, the global leader in modern penetration testing, today announced a new, modern user experience for the NetSPI platform, reimagining what penetration testing should feel like for today’s enterprise: focused, fast, and easy.
NetSPI Recognized in the Inaugural Proactive Security Platforms Landscape
NetSPI®, the global leader in modern penetration testing, today announced its inclusion among notable vendors in The Proactive Security Platforms Landscape, Q1 2026 report by Forrester. The overview examines 42 vendors in the proactive security platform market.