
Blog

Missing the point? Should cyber insurance cover GDPR fines?

I see the interesting debate around whether GDPR fines should be covered within corporate cyber insurance policies has raised its head again. See Law360’s “GDPR Fines May Be Uninsurable, Broker Warns” and “Are GDPR Fines Insurable? UK Watchdog Won’t Say”. With increasing regulation and scrutiny placed on organisations and…


Expect the Unexpected: 5 Keys to Managing Third Party GDPR Risk

As the European Union’s (EU’s) General Data Protection Regulation (GDPR) May 25 effective date approached this spring, its sweeping compliance requirements socked companies with major surprises. The regulation’s global jurisdictional reach, EU-specific definition of “sensitive data,” steep penalties, hefty compliance costs, and applicability to…


3rd Party Vendor Breach Leaves Thousands of “Vulnerable People” at Risk

A security incident at The Pennsylvania Department of Corrections has compromised the personal information of a seemingly “vulnerable population”. Recently, Accreditation, Audit, and Risk Management Security LLC, an online systems vendor for the Pennsylvania Department of Corrections, suffered a data breach that exposed the Personally Identifiable Information (PII) – including names, Social Security Numbers, medical…


Digital Transformation Gives Rise to 3rd Party Vendor Vulnerabilities

3rd party vendor relationships present plenty of opportunities for cybercriminals. Digital transformation is imperative for any business striving to deliver value to customers and remain relevant in fiercely competitive landscapes. Whether moving an existing infrastructure to a cloud platform or incorporating IoT devices and analytics into business models, these technologies enable organisations to increase…


Turning the Third Party risk tables – from the Assessor to the Assessed!

Article written by Sean O’Brien CTPRP, Director, DVV Solutions. A common question I receive from clients as part of Third Party risk management (TPRM) program development is the best way to manage the inbound requests to complete risk assessments from their own clients. My answer is very simple. “Practice what you preach”. Treat client requests…


4th Party Vendor Breach Strikes Again

Security can’t be looked at only inside the firewall; it must be accounted for throughout an organization’s entire business network. Last week’s Ticketmaster breach is a classic example of the challenges companies face to effectively manage vendor risk. Very few companies manage their online ticket sales. That job is left…


Mind the (risk intelligence) gap

5 keys to managing Fourth Party cybersecurity risk. Author: Sean O’Brien CTPRP, Director, DVV Solutions. If GDPR hasn’t raised the stakes and drawn attention to the risks in the data supply chain then maybe nothing will. The mix of media attention, ICO & GDPR guidelines and the messaging produced by GRC solution providers over the…


What we learnt from CeFPro Vendor & Third Party Risk EMEA 2018

Key take-aways from CeFPro Vendor and Risk EMEA 2018. Sean O’Brien, Managing Director at DVV Solutions, offers his thoughts and ideas on the state of Third Party Risk Management in the UK and Europe, and his key take-aways from CeFPro Vendor & Third Party Risk 2018. I was proud to represent DVV Solutions at the…


Industry Interview – GDPR, Late to the Third Party?

Industry Interview with Sean O’Brien, Managing Director, DVV Solutions. Briefing magazine interviews Sean O’Brien to help information security and procurement executives in the Legal sector better understand the operational impact of GDPR and Third Party data processors in the data supply chain. Sean discusses the key issues surrounding GDPR for the Legal IT sector…


GDPR Deadline Day – Have you addressed your Third Party Data Processor Risk?

GDPR and Third Party Data Processor Risk. Today sees the biggest change to data protection law in 20 years kick in: the EU General Data Protection Regulation (GDPR). You know the risks. Any breach of Personally Identifiable Information (PII) can result in new penalties of fines of up to 4% of Annual Global Revenue or…
