CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

Top US law firms making the case for Legal Vendor Network

Over 40% of top 100 law firms are Legal Vendor Network members. More than 250,000 vendors being continuously monitored. Why are growing numbers choosing THE leading solution for 3rd Party Risk in Legal sector? Law firms know they are a perfect target for a cyber attack due to the volume of sensitive information that they…

LEARN MORE

5 KEY THINGS Your Annual Third Party Risk Assessment ISN’T Telling You

Is a one-off annual Third Party risk assessment enough?   The 2017 Ponemon Cost of Data Breach Survey found that 63% of companies don’t have plans to update their Third Party risk assessments on an ongoing basis. If you rely only on one-time assessments you risk missing critical information about your suppliers that can affect…

LEARN MORE

10 Best Practices for Reducing Third Party Risk

Best Practices for Reducing Third Party Risk The simple truth is that the security measures organisations put in place are not enough to protect them from threats of Third Party risk. Third Parties can present the greatest area of risk exposure — both for data security and for regulatory compliance. It is much easier for…

LEARN MORE

Bar Council GDPR Guide Notes: Managing GDPR compliance and cyber security risk of Barristers and Chambers

Understanding the Bar Council GDPR guide and what GDPR means for Barristers, Chambers and Legal Firms A few thoughts on the Bar Council GDPR guide notes and Third Party Risk compliance. In October 2017 the Bar Council issued a GDPR guide for Barristers and Chambers that outlined the key issues and requirements for regulatory compliance….

LEARN MORE

PCI DSS Third Party Risk (2 of 2) – Risk Exposure and Improving Risk Mitigation and Management

PCI DSS Third Party Risk continued…. In our previous blog (PCI DSS Third Party Risk – Compliance and Liability in an Outsourced Payment Processing model) on the importance of being Payment Card Industry Data Security Standard (PCI DSS) compliant when using a Third Party service provider (TPSP) we highlighted the issue that PCI non-compliant organisations…

LEARN MORE

PCI DSS Third Party Risk (1 of 2) – Compliance and Liability in an Outsourced Payment Processing model

PCI DSS Third Party Risk  The use of Third Party service providers (TPSPs) to process credit card payments is increasingly popular given the cost and operational efficiencies it represents and the perception of short-cutting the costly burden of Payment Card Industry Data Security Standard (PCI DSS) compliance. In this series of blogs we’ll take a…

LEARN MORE

‘Tis the season for.… Fourth Party Risk Management

A few thoughts on Fourth Party Risk Management. We all know the drill. It’s time for some annual festivity, frivolity and fake fir trees. Without wanting to sound like the Grinch, there is one thing that doesn’t take a holiday. RISK! We hope that by now the mix of media attention, ICO & GDPR guidelines…

LEARN MORE

Getting to know NIS (3 of 3) – How to start addressing NIS Directive Third Party compliance

Blogs 1 and 2 have armed us with a better understanding of the regulatory standards the NIS Directive will demand of regulated organisations and the potential legislative and financial impacts of falling foul of compliance. The attention of OESs and DSPs should therefore start to shift on how to start building a NIS compliant cyber…

LEARN MORE

Getting to know NIS (2 of 3) – Expectations and Implications of NIS Directive and Third Party Risk

So, we’ve identified what the NIS Directive is and does, what OESs and DSPs are, and whether the Directive will impact you directly. Next we need to look at the expectations and implications of the Directive on the operators of and service providers to essential services. What are the expectations of the cyber security policies…

LEARN MORE

Getting to know NIS (1 of 3) – What is the EU NIS Directive and does it affect me?

The Department for Digital, Culture, Media and Sport (DCMS) launched a public consultation on the new EU NIS Directive in August 2017 with UK Government legislation to support it required to be in place by 9th May 2018. While we await the results of this consultation it is important to ensure your organisation is aware…

LEARN MORE