Company
Date Published
Author: Daniela Meng
Word count: 1129
Language: English
Hacker News points: None

Summary

Selecting secure third-party vendors is crucial because hackers target these vendors to gain access to bigger companies' sensitive data. Companies rely on third-party vendors for critical functions such as payroll, IT infrastructure, and software development, and that reliance can introduce physical or cybersecurity risks that could result in data breaches or product corruption. To manage this risk and ensure that vendors have been properly vetted, companies need to establish a tiered assessment system. The tiers of risk include Tier 1 (high-risk), Tier 2 (moderate-risk), Tier 3 (low-risk), and Tier 4 (no-risk). High- and moderate-risk vendors require thorough security assessments, including research, background checks, and a review of the security controls they have in place. Continuous monitoring is also necessary to ensure that a vendor's security posture remains strong over time. Building trustworthy, long-term relationships with third-party vendors requires shared responsibility for securing data, and companies should prioritize their investments of time and money on reviewing and vetting the vendors that could have the largest impact on the company in the event of a security breach.