24th March 2022
The global epidemic, geo-political tensions and continuous data breaches such as SolarWinds and NotPetya have highlighted the importance of maintaining smooth supply chain operations. This is coupled with increasing regulatory pressure being placed on demonstrable risk assurance efforts, including the impending PRA Operational Resilience requirements and EU’s DORA Act. How can we address these challenges…
LEARN MORE16th March 2022
Third-party risk management (TPRM) is a common thread that spans security, privacy, ethics, and ESG. However, these teams and leaders often do not collaborate to achieve a shared mission: reduce third-party risk. As the requirements for each individual risk domain increase, it’s not enough to have a tunnel-vision strategy to track and address vendor risks….
LEARN MORE15th February 2022
The increased reliance on third-party vendors for businesses to advance digital transformation has never been more important than now. However, the swift adoption and complex vendor relationships can leave gaps in how organizations properly vet and track their third parties that are both comprehensive and efficient. These gaps can increase your exposure to risk and…
LEARN MORE24th January 2022
January 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…
LEARN MORE21st January 2022
In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…
LEARN MORE4th January 2022
The Shared Assessments Program has further endorsed DVV Solutions’ credentials as a leader in Third-Party Risk Management with it latest “Guided by SCA 2022” certification. Shared Assessments SCA Guidelines are intended for use by organisations and third party risk practitioners to ensure consistency related to the execution and reporting of results from third party risk…
LEARN MORE15th December 2021
Late last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed. The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…
LEARN MORE7th December 2021
Aligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…
LEARN MORE9th November 2021
Faced with increasing disruption risks from more sources in more locations, CROs are urgently exploring new strategies and technologies to mitigate third-party risk and ensure resiliency. The Risk Officer’s Precise Guide to Accelerating Full-Stack Continuous Third-Party Risk Management eBook addresses this pressure on risk management executives, specifically: Problem: Legacy based TPRM practices are unable to effectively mitigate today’s risks of…
LEARN MORE28th October 2021
Black Kite, the standard in third-party cyber risk ratings, has won the CISO Choice Award for Risk Management for a second consecutive year. Granted by a distinguished panel of judges from the CISOs Connect community, the win comes just weeks after Black Kite was named the 2021 Risk Management Innovation of the Year by the…
LEARN MORE