Outsourcing has become a valuable tool for legal departments grappling with increasing workloads and decreasing head counts. But while a robust number of outside vendors may be good for productivity, it also increases an organization's cyberattack surface. So it's little surprise that some businesses are trying to reduce the number of outside providers they rely upon.

"I think all of us are facing the financial pressure of companies for privacy and security reasons trying to reduce their number of vendors, not expand them," said Aine Lyons, vice president and deputy general counsel, global legal operations, services and privacy at VMware Inc. told guests during last week's 2021 Virtual ACC Xchange conference. 

But will such moves really impact an organization's cybersecurity posture, or will they just stand in the way of its business? Chris Ballod, an associate managing director in the cyber risk practice of Kroll, argued that, in practicality, cutting back on the number of vendors an organization deploys is a complicated proposition.