Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

GRC 20/20 Quantifies Return on Investment with ProcessUnity Vendor Risk Management

Independent research examines the measurable benefits of ProcessUnity VRM

Imagine what business results you could achieve if your third-party risk management (TPRM) program ran as smoothly as possible. At its most efficient, your program could capture complete visibility into third-party risk to protect organisational assets and sensitive data. This insight allows you to proactively manage risk, maintain operational resiliency and…

3 Third-Party Risk Lessons from the Lapsus$ Hacks

Proactively mitigate third-party risks with vendor engagement and issue response strategies

Lapsus$, a criminal hacking group, has breached multiple third-party software services over the past few months. The first identified attack occurred in January 2022 at Okta, followed by a subsequent attack at Globant. These large-scale providers of IT applications serve the likes of Cloudflare, Peloton and Chipotle. In…

Four Recommendations for Securing Your Supply Chain

Last year, cyberattacks on third-party vendors cost organisations in various industries billions of dollars. From major banks to healthcare to governments, no one is immune. But throwing more budget at the problem is not the solution. BlueVoyant’s recent survey of 1,200 global security executives across industries revealed that despite more focus and budget going to…

Are You Ready for the PRA’s New Guidelines on Outsourcing and Third-Party Risk Management?

The clock’s ticking! If you’re a financial services institution regulated by the Prudential Regulatory Authority, any third-party outsourcing agreements you enter into after 31 March 2022 — that’s less than two months away — will have to comply with their new outsourcing and third-party risk management guidelines. And you’ll have to revise agreements you already have…

ESG Risk – What’s New in Climate Metrics and Reporting Requirements

As we head into 2022, a spate of fourth-quarter announcements has given us a good window into what to expect in the new year and beyond for climate metrics and reporting requirements. Three points in particular are important to highlight for third party risk management: Newly updated Task Force on Climate-related Financial Disclosures…

Cyber in 2022: A Look Forward with Robert Hannigan, BlueVoyant International

Anyone involved in the cyber protection of businesses knows that worrying about future trends must be balanced against tackling what is already here. When the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and other global agencies jointly published a list of the most commonly exploited vulnerabilities last year, the striking feature was how old these…

Relationship between Contracts, Vendor Management, and Privacy

Privacy is celebrated globally each year on January 28th to commemorate the signing of the first legally binding international treaty dealing with privacy and data protection. This year, companies across the globe are participating in a full week-long initiative to drive a campaign for Data Privacy Week that respects privacy, safeguards data, and enables trust. Data…

Data Privacy Week – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

January 24 – 28 is Data Privacy Week, providing a focal point for the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…

Black Kite report delivers trends, root causes and lessons learned from 2021 third-party breaches

In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…

Are Your Third Parties PCI Compliant?

Online shopping has quickly become one of the most popular online activities. While the pandemic sparked a significant uptick in global e-commerce activity, annual retail sales are expected to continue on a steady growth trajectory. The shift to e-commerce inherently poses its own set of cybersecurity risks–many of which pertain to investments retailers have made to satisfy…
