Expect the Unexpected: 5 Keys to Managing Third Party GDPR Risk As the European Union’s (EU’s) General Data Protection Regulation (GDPR) May 25 effective date approached this spring, its sweeping compliance requirements socked companies with major surprises. The regulation’s global jurisdictional reach, EU-specific definition of “sensitive data,” steep penalties, hefty compliance costs, and applicability to…
LEARN MOREA security incident at The Pennsylvania Department of Corrections has compromised the personal information of a seemingly “vulnerable population” Recently, Accreditation, Audit, and Risk Management Security LLC, an online systems vendor for the Pennsylvania Department of Corrections, suffered a data breach that exposed the Personally Identifiable Information (PII) – including names, Social Security Numbers, medical…
LEARN MORE3rd party vendor relationships present plenty of opportunities for cybercriminals Digital transformation is imperative for any business striving to deliver value to customers and remain relevant in fiercely competitive landscapes. Whether moving an existing infrastructure to a cloud platform or incorporating IoT devices and analytics into business models, these technologies enable organisations to increase…
LEARN MOREArticle written by Sean O’Brien CTPRP, Director, DVV Solutions A common question I receive from clients as part of Third Party risk management (TPRM) program development is the best way to manage the inbound requests to complete risk assessments from their own clients. My answer is very simple. “Practice what you preach”. Treat client requests…
LEARN MORE4th Party Vendor Breach Strikes Again Security can’t be looked at only inside the firewall; it must be accounted for throughout an organization’s entire business network Last week’s Ticketmaster breach is a classic example of the challenges companies face to effectively manage vendor risk. Very few companies manage their online ticket sales. That job is left…
LEARN MORE5 keys to managing Fourth Party cybersecurity risk Author: Sean O’Brien CTPRP, Director, DVV Solutions If GDPR hasn’t raised the stakes and drawn attention to the risks in the data supply chain then maybe nothing will. The mix of media attention, ICO & GDPR guidelines and the messaging produced by GRC solution providers over the…
LEARN MOREKey take-aways from CeFPro Vendor and Risk EMEA 2018 Sean O’Brien, Managing Director at DVV Solutions offer his thoughts and ideas on the state of Third Party Risk Management in the UK and Europe, and his key take-aways from CeFPro Vendor & Third Party Risk 2018. I was proud to represent DVV Solutions at the…
LEARN MOREIndustry Interview with Sean O’Brien, Managing Director, DVV Solutions Briefing magazine interviews Sean O’Brien to help information security and procurements executives in the Legal sector better understand the operational impact of GDPR and Third Party data processors in the data supply chain. Sean discusses the key issues surrounding GDPR for the Legal IT sector…
LEARN MOREGDPR and Third Party Data Processor Risk Today sees the biggest change to data protection law in 20 years kick in. The EU General Data Protection Regulation (GDPR). You know the risks. Any breach of Personally Identifiable Information (PII) can result in new penalties of fines of up to 4% of Annual Global Revenue or…
LEARN MORE9 Keys to Successful Third Party Risk Management With risks from IT outsourcing increasing and well publicised regulatory pressure and penalties – such as those posed by GDPR and PCI DSS – it has never been more important to evaluate and mitigate risks from the data supply chain and downstream data processors. Whether you’re…
LEARN MORE