CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

News

New Black Kite FocusTags provide instant visibility of high-profile cyber events at scale

Black Kite, the leader in third-party cyber risk intelligence, announces the availability of FocusTags™, a fast and simple way for users to track high-profile cyber events and quickly identify which vendors have been affected within their supply chain. This latest capability furthers the company’s mission to provide continuous monitoring of vendors to identify and mitigate…

LEARN MORE

GRC 20/20 Quantifies Return on Investment with ProcessUnity Vendor Risk Management

Independent research examines the measurable benefits of ProcessUnity VRM Imagine what business results you could achieve if your third-party risk management (TPRM) program ran as smoothly as possible. At its most efficient, your program could capture complete visibility into third-party risk to protect organisational assets and sensitive data. This insight allows you to proactively manage risk, maintain operational resiliency and…

LEARN MORE

Replay our Fireside Chat: Key success factors in building a TPRM program – 23/03/22

The global epidemic, geo-political tensions and continuous data breaches such as SolarWinds and NotPetya have highlighted the importance of maintaining smooth supply chain operations. This is coupled with increasing regulatory pressure being placed on demonstrable risk assurance efforts, including the impending PRA Operational Resilience requirements and EU’s DORA Act. How can we address these challenges…

LEARN MORE

Webinar Replay: Aligning a Third-Party Risk Strategy Across Security, Privacy, Ethics, and ESG

Third-party risk management (TPRM) is a common thread that spans security, privacy, ethics, and ESG. However, these teams and leaders often do not collaborate to achieve a shared mission: reduce third-party risk. As the requirements for each individual risk domain increase, it’s not enough to have a tunnel-vision strategy to track and address vendor risks….

LEARN MORE

OneTrust White Paper: The Business Value of Third-Party Risk Management Software

The increased reliance on third-party vendors for businesses to advance digital transformation has never been more important than now. However, the swift adoption and complex vendor relationships can leave gaps in how organizations properly vet and track their third parties that are both comprehensive and efficient. These gaps can increase your exposure to risk and…

LEARN MORE

Data Privacy Week – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

January 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…

LEARN MORE

Black Kite report delivers trends, root causes and lessons learned from 2021 third-party breaches

In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…

LEARN MORE

DVV Solutions recognised as Assurance Leader with “Guided by SCA 2022” certification

The Shared Assessments Program has further endorsed DVV Solutions’ credentials as a leader in Third-Party Risk Management with it latest “Guided by SCA 2022” certification. Shared Assessments SCA Guidelines are intended for use by organisations and third party risk practitioners to ensure consistency related to the execution and reporting of results from third party risk…

LEARN MORE

Track LOG4J Vulnerabilities in your Cyber Supply Chain – Black Kite Adds LOG4J Status Tags For Third-Parties

Late last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed.  The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…

LEARN MORE

Aligning Internal Cybersecurity with Third-Party Risk – ProcessUnity White Paper

Aligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…

LEARN MORE