CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

Data Privacy Week – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

January 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…

LEARN MORE

Black Kite report delivers trends, root causes and lessons learned from 2021 third-party breaches

In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…

LEARN MORE

Are Your Third Parties PCI Compliant?

Online shopping has quickly become one of the most popular online activities. While the pandemic sparked a significant uptick in global e-commerce activity, annual retail sales are expected to continue on a steady growth trajectory. The shift to e-commerce inherently poses its own set of cybersecurity risks–many of which pertain to investments retailers have made to satisfy…

LEARN MORE

Track LOG4J Vulnerabilities in your Cyber Supply Chain – Black Kite Adds LOG4J Status Tags For Third-Parties

Late last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed.  The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…

LEARN MORE

Blockchain TPRM Implications

As an industry, government, and technology partners work to identify the key elements required to make blockchain mainstream (sovereign identity agreements, improved safety, and related regulations, interoperability and functionality, open and transparent commercial availability), the time to focus on risk in relation to DLT is now, even if it is not on your immediate horizon….

LEARN MORE

Aligning Internal Cybersecurity with Third-Party Risk – ProcessUnity White Paper

Aligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…

LEARN MORE

TPRM and the Delicate Balance of the Supply Chain

Everywhere you look, people seem to be talking about it. No, we don’t mean Squid Game, we mean the supply chain. In the U.S. consumers (and many businesses) were long accustomed to taking the supply chain for granted. It seemed to work flawlessly in the background, ensuring items we want and need got onto shelves…

LEARN MORE

Complex Supply Chains: Digital Cyberspace and Concentration Risk

The sudden scarcity of common household items that began in the spring of 2020 has become a global struggle to move goods from ports and warehouses to customers’ homes and factory floors. The classic supply chain has one company delivering components needed by another for manufacturing: today there are multiple kinds of complex supply chains…

LEARN MORE

A New Model for Managing Third-Party Risk – John Bree, Supply Wisdom

Business today is a complex web of third-party relationships. At the same time, risks of disruption from these third parties are increasing in frequency and severity. With the pace of disruption accelerating and the causation spectrum expanding, the weaknesses and vulnerabilities of traditional risk management programs have been exposed. COVID has proved that legacy based…

LEARN MORE

Download your copy of Supply Wisdom’s Third-Party Risk Management eBook

Faced with increasing disruption risks from more sources in more locations, CROs are urgently exploring new strategies and technologies to mitigate third-party risk and ensure resiliency.  The Risk Officer’s Precise Guide to Accelerating Full-Stack Continuous Third-Party Risk Management eBook addresses this pressure on risk management executives, specifically: Problem: Legacy based TPRM practices are unable to effectively mitigate today’s risks of…

LEARN MORE