CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Cyber in 2022: A Look Forward with Robert Hannigan, BlueVoyant International

Anyone involved in the cyber protection of businesses knows that worrying about future trends must be balanced against tackling what is already here. When the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and other global agencies jointly published a list of the most commonly exploited vulnerabilities last year, the striking feature was how old these…

LEARN MORE

Relationship between Contracts, Vendor Management, and Privacy

Privacy is celebrated globally each year on January 28th to commemorate the signing of the first legally binding international treaty dealing with privacy and data protection. This year, companies across the globe are participating in a full week-long initiative to drive a campaign for Data Privacy Week that respects privacy, safeguards data, and enables trust. Data…

LEARN MORE

Data Privacy Week – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

January 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…

LEARN MORE

Black Kite report delivers trends, root causes and lessons learned from 2021 third-party breaches

In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…

LEARN MORE

DVV Solutions recognised as Assurance Leader with “Guided by SCA 2022” certification

The Shared Assessments Program has further endorsed DVV Solutions’ credentials as a leader in Third-Party Risk Management with it latest “Guided by SCA 2022” certification. Shared Assessments SCA Guidelines are intended for use by organisations and third party risk practitioners to ensure consistency related to the execution and reporting of results from third party risk…

LEARN MORE

Are Your Third Parties PCI Compliant?

Online shopping has quickly become one of the most popular online activities. While the pandemic sparked a significant uptick in global e-commerce activity, annual retail sales are expected to continue on a steady growth trajectory. The shift to e-commerce inherently poses its own set of cybersecurity risks–many of which pertain to investments retailers have made to satisfy…

LEARN MORE

Track LOG4J Vulnerabilities in your Cyber Supply Chain – Black Kite Adds LOG4J Status Tags For Third-Parties

Late last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed.  The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…

LEARN MORE

Blockchain TPRM Implications

As an industry, government, and technology partners work to identify the key elements required to make blockchain mainstream (sovereign identity agreements, improved safety, and related regulations, interoperability and functionality, open and transparent commercial availability), the time to focus on risk in relation to DLT is now, even if it is not on your immediate horizon….

LEARN MORE

Aligning Internal Cybersecurity with Third-Party Risk – ProcessUnity White Paper

Aligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…

LEARN MORE

TPRM and the Delicate Balance of the Supply Chain

Everywhere you look, people seem to be talking about it. No, we don’t mean Squid Game, we mean the supply chain. In the U.S. consumers (and many businesses) were long accustomed to taking the supply chain for granted. It seemed to work flawlessly in the background, ensuring items we want and need got onto shelves…

LEARN MORE