Third Party Risk Management - Consultancy, Assessment & Advisory
TPRM Industry Insights - January 2020
Third Party Risk Management Articles and Reports
What the Brexit Withdrawal Agreement Bill means for data protection and the GDPR
CSO Online: After years of turmoil, it seems the UK finally has a deal that sets out how it will leave the European Union (EU). Prime Minister Boris Johnson’s Withdrawal Agreement Bill shares many similarities with the withdrawal agreement put forward by his predecessor, Theresa May, especially when it comes to data protection requirements.
While this deal is merely the starting point, it lays out how UK organisations should approach issues such as data protection, data privacy and data flows between the UK and EU — for at least the next 11 months. Read More
Happy Data Protection Day 2020!
January 28th saw Data Protection Day (a.k.a. Data Privacy Day), providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. Read More
Using the FAIR Model to Quantify Third-Party Cyber Risk
Many organisations have a hard time measuring Third-Party risk in tangible, financial terms.This creates frustrations for both risk practitioners who want a more effective way to quantify results and business decision makers who want clear metrics in order to make more informed decisions.
Leveraging FAIR assessment at scale for TPRM helps attain the goal of cost effectively achieving and maintaining an acceptable level of loss exposure, while also clearly conveying the breadth of probable impact to the organisation. Read More
10 Trends and 7 Resolutions in Third-Party Risk for 2020
Shared Assessments: This article offers a high-level summary of the most noteworthy 2019 TPRM issues and 2020 TPRM trends along with a set of “resolutions” for practitioners to consider pursuing this year to sharpen their third party risk management programs. Read More
Equifax agrees $1.38bn data breach lawsuit settlement
Finextra.com: A US judge has rubber-stamped a $1.38 billion settlement related to the massive 2017 data breach at Equifax – capping the amount available for cash payouts to victims. Read More
Google closing China offices amid coronavirus outbreak
CNBC.com: Google is temporarily shutting down its China operation due to the coronavirus outbreak. The company is asking employees with traveled family to work from home for at least 14 days. Google joins Facebook and Apple, among many other U.S. companies, to suspend travel due to the outbreak. Read More
The Ring Doorbell App Is Sending Your Data To Third Parties New EFF Findings Show
Forbes.com: Ring Doorbell App is capturing personally identifiable information including names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices hosting the app. And that data is being sent to four main analytics and marketing companies. Read more
Exposed AWS buckets again implicated in multiple data leaks
Computer Weekly: The lack of care being taken to correctly configure cloud environments has once again been highlighted by two serious data leaks in the UK caused by misconfigured Amazon Simple Storage Service (S3) bucket storage. Read more
Learn more about how DVV Solutions Third Party risk managed services can help you achieve operational resilience and enhance oversight in your cyber supply chain.