Navigating third‑party data breaches now defines modern risk management for data controllers. Decision makers cannot treat these incidents as rare edge cas