As we’ve seen in recent events such as the SolarWinds hack, third-party risk poses a serious threat to business continuity. What the incident also demonstrated is that fourth party risk, or the risk posed by a contracted vendor’s third parties, can equally threaten data security and operations. Your organisation may have integrated a robust third party risk management program (TPRM) – but what if keeping an eye on your…
LEARN MOREFrom reports of numerous former employees, Kaseya leaders knew of and failed to address cybersecurity concerns going back to 2017 (Kaseya Failed to Address Security Before the Hack). Unfortunately, as a result, 1500 managed service providers and possibly more, experienced significant disruptions due to the ransomware attack. For those 1500+ companies, the million-dollar, or in…
LEARN MOREThe European Union (EU) will soon launch a new regulation that will require banks and firms in the global financial industry to mature their third-party risk management programs to include set cybersecurity requirements – which will also apply to the critical Information and Communication Technology (ICT) service providers they are working with. The timeframe for…
LEARN MOREResilience is a watchword for every risk management team and every governing board. Resilience represents the ability of entities to avoid, prevent, adapt, respond to, recover from, and learn from operational disruptions.[i] While ensuring business continuity is a key aspect of business resilience, resilience and continuity are related but are not the same.[ii] Understanding your own organisation’s…
LEARN MOREWhat does a best-practice program for Third-Party Risk Management look like? While every organisation has its own unique risk appetite, there are base requirements, processes and goals that all vendor-risk managers need to incorporate into their initiatives to eliminate as much risk as possible. Replay our latest webinar with ProcessUnity and see how proven TPRM…
LEARN MORE