Third Party Risk Management - Consultancy, Assessment & Advisory

TPRM Industry Insights - January 2020

Third Party Risk Management Articles and Reports

What the Brexit Withdrawal Agreement Bill means for data protection and the GDPR

CSO Online: After years of turmoil, it seems the UK finally has a deal that sets out how it will leave the European Union (EU). Prime Minister Boris Johnson’s Withdrawal Agreement Bill shares many similarities with the withdrawal agreement put forward by his predecessor, Theresa May, especially when it comes to data protection requirements.

While this deal is merely the starting point, it lays out how UK organisations should approach issues such as data protection, data privacy and data flows between the UK and EU — for at least the next 11 months. Read More

Happy Data Protection Day 2020!

January 28th saw Data Protection Day (a.k.a. Data Privacy Day), providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. Read More

Using the FAIR Model to Quantify Third-Party Cyber Risk

Many organisations have a hard time measuring Third-Party risk in tangible, financial terms.This creates frustrations for both risk practitioners who want a more effective way to quantify results and business decision makers who want clear metrics in order to make more informed decisions.

Leveraging FAIR assessment at scale for TPRM helps attain the goal of cost effectively achieving and maintaining an acceptable level of loss exposure, while also clearly conveying the breadth of probable impact to the organisation. Read More

10 Trends and 7 Resolutions in Third-Party Risk for 2020

Shared Assessments: This article offers a high-level summary of the most noteworthy 2019 TPRM issues and 2020 TPRM trends along with a set of “resolutions” for practitioners to consider pursuing this year to sharpen their third party risk management programs. Read More

You’re Only As Strong As Your Weakest Link

Third-Party breaches & Cyber Supply Chain issues that caught our eye

Equifax agrees $1.38bn data breach lawsuit settlement A US judge has rubber-stamped a $1.38 billion settlement related to the massive 2017 data breach at Equifax – capping the amount available for cash payouts to victims. Read More

Google closing China offices amid coronavirus outbreak Google is temporarily shutting down its China operation due to the coronavirus outbreak. The company is asking employees with traveled family to work from home for at least 14 days. Google joins Facebook and Apple, among many other U.S. companies, to suspend travel due to the outbreak. Read More

The Ring Doorbell App Is Sending Your Data To Third Parties New EFF Findings Show Ring Doorbell App is capturing personally identifiable information including names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices hosting the app. And that data is being sent to four main analytics and marketing companies. Read more

Exposed AWS buckets again implicated in multiple data leaks

Computer Weekly: The lack of care being taken to correctly configure cloud environments has once again been highlighted by two serious data leaks in the UK caused by misconfigured Amazon Simple Storage Service (S3) bucket storage. Read more

Learn more about how DVV Solutions Third Party risk managed services can help you achieve operational resilience and enhance oversight in your cyber supply chain.

Call today 0161 476 8700

or Submit a Contact Form