According to CISOs interviewed at the 2020 RSA Conference, supply chain attacks are the most dangerous threats following ransomware. IBM Security’s recent report [1] emphasizes third-party involvement (a.k.a supply chain) as an amplifying factor to the overall cost of a breach, increasing the dollar amount by more than $200,000. Let’s admit, supply chain security…
LEARN MOREConducting a due diligence process for vendors or third-parties can be cumbersome in today’s digital environment. Unfortunately, these entities are the weakest elements of a digital ecosystem. Regardless of a company’s size or sector, business leaders should take on a rigorous vendor due diligence process, with a proactive defense mindset. According to IBM’s Cost of…
LEARN MOREThe Shared Assessments Third Party Risk Management Toolkit was built by member practitioners, for practitioners. Leveraging diverse industry experience and relationship perspective, the toolkit embodies a “Trust, but Verify” approach based on vetted, standardised methodology. Shared Assessments’ updated 2021 Third Party Risk Management (TPRM) Toolkit is responsive to recent events. A global pandemic, shutdowns…
LEARN MOREDVV Solutions are pleased to offer the opportunity for Third Party Risk and IT Security Assurance practitioners in the UK to register for the upcoming Certified Third Party Risk Professional (CTPRP) virtual training and certification course in November 2020. What is the CTPRP? The CTPRP has been developed by the Shared Assessments Program and…
LEARN MOREIn an era when corporations commonly have hundreds and sometimes hundreds of thousands of third-party suppliers, managing the risk these third parties represent is no small task yet has become essential for corporate success. Obviously in these circumstances, your third-party risk-management (TPRM) program becomes critical to ensure operational continuity and possibly even financial survival….
LEARN MOREThe title says it all – Gartner has again recognised DVV Solutions’ technology partner ProcessUnity as a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools. This week, Gartner published both the 2020 Magic Quadrant [1] and Critical Capabilities [2] for IT Vendor Risk Management Tools. We are extremely excited to report…
LEARN MOREIn today’s ever-changing environment, businesses rely on third-parties to help drive their core-activities. This dependence makes third parties, sometimes referred to as “suppliers” or “vendors”, an organic part of business processes. Recent breaches affecting Amca, CenturyLink, Capital One, Facebook, and Twitter all originated from a third-party website or platform supplier. These breaches cause thousands, and…
LEARN MOREMore than two-thirds of companies are cutting corners when it comes to understanding inherent risk within their third-party due diligence It is no secret that inherent risk assessments are crucial to third-party risk management success, but are they being conducted? During a recent IT GRC webinar, Automating Your Third-Party Risk Management Program, attendees were asked…
LEARN MOREAs the only strategy report in the cyber space providing guidance from a technical, financial, and compliance perspective the NormShield Strategy Report provides a clear and concise guide to reduce cyber risk mitigation and remediation into one single report of actionable steps. We all know effective risk management starts with an effective risk model….
LEARN MOREAs the only in-house cyber risk ticketing platform, NormShield Ticketing automates workflow to remediate continuous cyber risk monitoring issues. Here is why ticketing is effective in third-party risk management (TPRM) and how NormShield’s new system can help. Businesses strive to be more organised, focused and efficient. This productivity has a direct impact on costs,…
LEARN MORE