Last month, the cybersecurity industry faced its latest major attack through a third-party IT management software company, SolarWinds. This breach reinforces the fragility of not only the software supply chain, but the entire third-party vendor ecosystem. As more information comes to the surface about the true depth and breadth of the breach, it is glaringly…
LEARN MOREAutomating Supply Chain Risk Incident Actions and Response Many companies are increasing risk budgets in response to COVID-19’s wide-scale disruptions in 2020 and expanding their Risk Intelligence programs. Unfortunately, many widely used third-party risk management practices such as point-in-time assessments and one-time health reviews were ineffective as the situation and risks continued to change and…
LEARN MORENew report reveals leaked credentials, legacy systems and vendor vulnerabilities as greatest sources of cyber risk for Credit Unions. Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to the 2021 Third-Party Risk Pulse: Credit Unions and Vendor Ecosystems report released by Black Kite today. The research analysed…
LEARN MOREWith the rollout of vaccination programs, many companies are now putting together their post-pandemic Return to the Workplace (RTW) plans. While executives are busy discussing theories, approaches and concerns for a smooth return to the workplace, I believe there’s something they haven’t spent enough time considering, and that’s the human factor. How do employees feel…
LEARN MOREThe recent Shared Assessments “Taking the Pulse of Nth Parties in a Post-COVID World” webinar brought together a capable panel of risk experts to discuss Nth Party Risk concepts. With close to 100 combined years of experience in the Third Party Risk Management field, speakers included Brad Keller (SVP & CSO, Shared Assessments), Sean O’Brien (Managing Director, DVV Solutions), James…
LEARN MOREIn December 2020, the cybersecurity industry faced its latest attack – SolarWinds. This hack reinforces the frailty of not only the software supply chain but the third-party vendor ecosystem. As more information is uncovered, it is becoming clear that this extensive ecosystem of vendors is the gateway for attackers to move laterally from network-to-network. Tackling…
LEARN MOREGenerate Real Scale & Results in your Third Party Cyber Risk Management Whether it is the availability of resources, time or necessary skills, delivering both assessment and remediation of cyber risk within Third Party Risk Management programs is a constant challenge. Focus is naturally placed on assessing and monitoring higher tier suppliers and more valuable…
LEARN MORESupply chains are critical to business, but the lack of transparency across the links in your chain can lead to unwanted consequences. The Shared Assessments Financial Services Vertical Strategy Group has been discussing how to ensure ethical sourcing and protect for human rights issues in the supply chain. Almost every business walks a fine line between the…
LEARN MORELet’s be honest: SMBs haven’t made the big breach headlines over the past few years. However, when we look at the statistics, the numbers tell a different story. SMBs make a critical portion of these breaches. With their valuable position in the economy and growing risk of attacks on their ecosystems, we put SMBs under the…
LEARN MOREFines resulting from poor risk management controls are becoming commonplace in the financial industry – and this new trend is just as expensive as it is avoidable. Recently JPMorgan was charged $250 million over inadequate risk management in its wealth management business. This follows the news that Citigroup was fined for major deficiencies with their risk program, and USAA faced a…
LEARN MORE