illustration blog

Subscribe to our ThirdPartyTrust blog

Get the latest posts in your inbox!

Improving Communication With Third-Parties For a Successful TPRM Program

Improving Communication With Third-Parties For a Successful TPRM Program

Blog
In speaking with customers and prospects, we realize that one of the biggest pain points around third-party risk management is...
Read More
Why the OWASP Top 10 can be an ally to your organization

Why the OWASP Top 10 can be an ally to your organization

Blog
The OWASP Top 10 is a good starting point for detecting possible issues around third-party components. So how does it relate to TPRM?
Read More
A Buyer’s Guide to Third-Party Risk Management: Get Our Free eBook

A Buyer’s Guide to Third-Party Risk Management: Get Our Free eBook

Blog
We gathered the questions you might need to ask to find the right tool. Download our Buyer’s Guide to Third-Party Risk Management ebook for free!
Read More
Third-party risk assessments in Legal: SIG, SOC-2, ISO 27001 and other stories

Third-party risk assessments in Legal: SIG, SOC-2, ISO 27001 and other stories

Blog
With all the different types of certifications and risk assessments in Legal, what’s the definite proof that a third-party can be trusted?
Read More
How to think of your TPRM program from a governance perspective

How to think of your TPRM program from a governance perspective

Blog
Sometimes, risk accountability is shared among multiple areas or business owners. So how to build a central program to be deployed across the organization?
Read More
Third-Party Risk Management for Financial Services Organizations

Third-Party Risk Management for Financial Services Organizations

Blog
Financial services organizations have to stay on their toes to ensure compliance in the context of outsourcing and third-party risk management (TPRM).
Read More
Why Your Audit Trail is a Goldmine

Why Your Audit Trail is a Goldmine

Blog
The audit trail can track active, non-active and total third-parties over time, helping you get a better understanding of capacity and planning.
Read More
4 Challenges of Moving Cyber Initiatives Forward

4 Challenges of Moving Cyber Initiatives Forward

Blog
With growing executive demand for changes to cybersecurity processes and awareness comes inherent challenges to an organization.
Read More
Third-Party Risk Management for Healthcare Organizations: What, Why, and How

Third-Party Risk Management for Healthcare Organizations: What, Why, and How

Blog
Healthcare organizations need to bring in a large number of technology providers to assist in delivering medical services, protecting data and complying with strict standards like HIPAA. So it’s fair to say that third-party risk management for healthcare organizations is a must.
Read More
3 Things You Need to Know About Fourth-Party Risk

3 Things You Need to Know About Fourth-Party Risk

Blog
So you have assessed your third-parties and established a TPRM program. But what about the risk posed by your vendors’ third-parties? It’s time to start thinking about fourth-party risk.
Read More
Location Risk Monitoring: Ongoing versus real-time

Location Risk Monitoring: Ongoing versus real-time

Blog
Modern businesses are increasingly dependent on third-parties who are geographically dispersed across the globe. Here’s why you should start thinking about continuous location risk monitoring.
Read More
Should Legal increase spending in third-party risk management technology?

Should Legal increase spending in third-party risk management technology?

Blog
Gartner predicts that by 2023, organizational spending on third-party risk management (TPRM) technologies within the Legal industry will increase by 50%. What can tech actually do for the industry?
Read More
How to Get Legal, Procurement and Business Owners Onboard with Security

How to Get Legal, Procurement and Business Owners Onboard with Security

Blog
With new, easy to sign up for and install tools, employees may engage a third-party without involving security teams at all or until the very end of the process. Here are a few tips on how to get them aware and onboard with a security assessment.
Read More
Vendor or Third-Party? Towards a holistic risk management approach

Vendor or Third-Party? Towards a holistic risk management approach

Blog
We often hear terms like “supplier”, “provider”, “vendor” or “third-party” used indistinctly, but they're not the same. We believe "third-party" is a much more powerful concept and here's why.
Read More
Building a Scalable Third-Party Risk Management Program

Building a Scalable Third-Party Risk Management Program

Blog
Although most organizations understand its importance, it can be difficult to start and maintain a scalable third-party risk management program. Bob Wilkinson, Founder & CEO of Cyber Marathons Solutions, shares tips and best practices.
Read More
How does CCPA impact Third-Party Risk Management?

How does CCPA impact Third-Party Risk Management?

Blog
On January 1, 2020 the California Consumer Privacy Act (CCPA) of 2018 came into effect. Although it impacts thousands of businesses across the country, with stiff financial penalties, many business leaders are still unsure about what it means. This blog looks at some key points of the law and its impact on third-party risk management.
Read More
Take-Two Case Study: Assessments Take a Week Less with ThirdPartyTrust

Take-Two Case Study: Assessments Take a Week Less with ThirdPartyTrust

Blog
Learn how Take-Two overcame its third-party risk management challenges with the ThirdPartyTrust platform.
Read More
Data Privacy Day: 3 ways to keep third-party data exposure under control

Data Privacy Day: 3 ways to keep third-party data exposure under control

Blog
January 28 is Data Privacy Day, an international effort to empower users and encourage businesses to ‘respect privacy, safeguard data...
Read More
5 Key Indicators of a Third-Party Risk Management Dashboard

5 Key Indicators of a Third-Party Risk Management Dashboard

Blog
A third-party risk management dashboard is fundamental for understanding the risk environment within an organization and making informed decisions. When...
Read More
7 Questions for Assessing a Third-Party

7 Questions for Assessing a Third-Party

Blog
Third-party risks continue to be a serious cybersecurity threat, so properly assessing a third-party is paramount to any risk management...
Read More
ThirdPartyTrust raises an additional $4.45M to help enterprises manage their third-party risk

ThirdPartyTrust raises an additional $4.45M to help enterprises manage their third-party risk

Press Releases
ThirdPartyTrust, a network-based third-party risk management platform that allows enterprises and third-parties to simplify third-party risk processes, today announced a...
Read More
The Importance of Inherent Risk To Your Third-Party Risk Management Process

The Importance of Inherent Risk To Your Third-Party Risk Management Process

Blog
Companies can have upwards of a thousand third-parties and it is important to be able to differentiate and categorize each...
Read More
Designing your Third-Party Risk Management program: key essentials

Designing your Third-Party Risk Management program: key essentials

Blog
When you are deciding to create a framework for your Third-Party Risk Management Program you need to take the following...
Read More
Global Resilience Federation and ThirdPartyTrust establish partnership allowing members to peer-source vendor risk assessments

Global Resilience Federation and ThirdPartyTrust establish partnership allowing members to peer-source vendor risk assessments

Press Releases
Reston, VA USA – October 23, 2018 – Global Resilience Federation (GRF) and ThirdPartyTrust today announced a new partnership that...
Read More
LS-ISAO Annual Member Gathering: A collaborative approach to Vendor Risk

LS-ISAO Annual Member Gathering: A collaborative approach to Vendor Risk

Blog
Last Monday, (9/30) at the LS-ISAO Annual Member Gathering, we had the privilege to help organize a panel about the importance...
Read More
Experts share important metrics for assessing vendor risk

Experts share important metrics for assessing vendor risk

Blog
Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the...
Read More
Shared Assessments and ThirdPartyTrust bring the SIG to the Masses

Shared Assessments and ThirdPartyTrust bring the SIG to the Masses

Press Releases
ThirdPartyTrust has announced that it has joined the Shared Assessments Program, the member-driven trusted source in third party risk assurance...
Read More
Data is the New Oil and Breaches are the New Spills; So Where is the Leak?

Data is the New Oil and Breaches are the New Spills; So Where is the Leak?

Blog
The former CEO of Intel, Brian Kzranich said last month, “Data, I look at it as the new oil. It’s going...
Read More
Guest Blog: A GDPR Primer to Meet the Deadline Next Week

Guest Blog: A GDPR Primer to Meet the Deadline Next Week

Blog
Discussions on privacy laws have taken front and center in recent weeks as GDPR (General Data Protection Regulation) begins to...
Read More
GDPR and the Integration of Third-Party Service Providers

GDPR and the Integration of Third-Party Service Providers

Blog
There remains a significant amount of mis-information and utter chaos regarding the continued use of trusted third parties in support of business operations.
Read More
How is Cyber Shaping the Insurance Industry? Learn From Pros at Allstate, Trustmark and BCSF

How is Cyber Shaping the Insurance Industry? Learn From Pros at Allstate, Trustmark and BCSF

Blog
We participated in a panel at the OnRamp Insurance Conference. Here's some insight into how cybersecurity is shaping the insurance industry.
Read More
TPT Infosec Interviews: Rocio Baeza, CEO CyberSecurityBase

TPT Infosec Interviews: Rocio Baeza, CEO CyberSecurityBase

Blog
Hi, everyone. This is Jeff Spetter from ThirdPartyTrust and I had the great pleasure of speaking with Rocio Baeza, CEO of...
Read More
OWASP Chicago February Meetup Summary and Presentations

OWASP Chicago February Meetup Summary and Presentations

Blog
The evening at the OWASP Chicago meetup was filled with really informative content in a couple of areas all tied to application security. Here's a recap.
Read More
Argos Risk announces partnership with ThirdPartyTrust

Argos Risk announces partnership with ThirdPartyTrust

Press Releases
MINNEAPOLIS, MN AND CHICAGO, IL - April 11, 2017 Argos Risk, specialists in providing universal solutions for managing and monitoring...
Read More
Emerging Technology, Unknown Risks: DePaul University’s Fourth Annual Cyber Risk Conference Part Two

Emerging Technology, Unknown Risks: DePaul University’s Fourth Annual Cyber Risk Conference Part Two

Blog
Panelists answer audience questions at DePaul University's Fourth Annual Cyber Risk Conference. Including what constitutes a vendor and risk profiles.
Read More
EMERGING TECHNOLOGY, UNKNOWN RISKS: DEPAUL UNIVERSITY’S FOURTH ANNUAL CYBER RISK CONFERENCE | PART ONE

EMERGING TECHNOLOGY, UNKNOWN RISKS: DEPAUL UNIVERSITY’S FOURTH ANNUAL CYBER RISK CONFERENCE | PART ONE

Blog
Here are our takeaways from the panel moderated by Anders Norremo, CEO of ThirdPartyTrust, on the topic of The Cloud and Third Party Vendor Managament.
Read More
2017 VENDOR RISK MANAGEMENT BENCHMARK STUDY | PROTIVITI & SHARED ASSESSMENTS

2017 VENDOR RISK MANAGEMENT BENCHMARK STUDY | PROTIVITI & SHARED ASSESSMENTS

Blog
The external risk environment is changing quickly as massive and costly cyber attacks have struck in the past couple years, continuing to challenge organizations to re-think approaches to vendor risk management.
Read More
Keynote Panel: Building Trust in the Third-Party Ecosystem

Keynote Panel: Building Trust in the Third-Party Ecosystem

Blog
We attended the Cyber Security Chicago conference and share some insights about the third-party ecosystem, including IoT Security and DevSecOps.
Read More
Data Risk in the Third-Party by Ponemon Institute

Data Risk in the Third-Party by Ponemon Institute

Blog
Here are our main takeaways from the second annual study of Data Risk in the Third-Party Ecosystem by the Ponemon Institute.
Read More
Cybersecurity and Manufacturing in the Digital Era

Cybersecurity and Manufacturing in the Digital Era

Blog
Here are the main takeaways from our panel about cybersecurity and manufacturing in the Digital Era at the OnRamp Conference in Milwaukee, WI.
Read More
7 Risks to Data in the Third-Party Ecosystem

7 Risks to Data in the Third-Party Ecosystem

Blog
The Ponemon Institute conducted a study back in April of 2016 surveying companies to understand the risks to data and...
Read More
Morningstar & Uptake Discuss Vendor Risk Management Best Practices With Anders Norremo

Morningstar & Uptake Discuss Vendor Risk Management Best Practices With Anders Norremo

Blog
Commercial transactions and informational exchanges no longer represent linear processes between two parties; rather, the shared data travels past the...
Read More
At Morningstar Security Summit, Experts Discuss Vendor Risk Management

At Morningstar Security Summit, Experts Discuss Vendor Risk Management

Blog
We discussed best practices in cybersecurity and third-party risk assessment at the Morningstar Security Summit on June 26th.
Read More
Event Recap: Panelists Discuss NY DFS Cybersecurity Regulation

Event Recap: Panelists Discuss NY DFS Cybersecurity Regulation

Blog
On June 11th, we discussed the NY DFS Cybersecurity Regulation at the Changing Landscape of Cybersecurity Regulation event, hosted by Currency.
Read More
Vendor Risk and the Regulatory Response

Vendor Risk and the Regulatory Response

Blog
The attacks of 2016 & 2017 revealed that no individual, no organization and no region is impenetrable. We dive into Vendor Risk and the Regulatory Response.
Read More
CAMP IT Data Breach Discussion: Impact on Security/Risk Strategy

CAMP IT Data Breach Discussion: Impact on Security/Risk Strategy

Blog
At the CAMP IT Chicago Panel Discussion, Anders Norremo of ThirdPartyTrust moderated a panel of IT executives to analyze trends in cyber security.
Read More
Who will be in charge of IoT security?

Who will be in charge of IoT security?

Blog
Usually as an after thought to new technology, IoT security will come into play amidst a huge promise to improve efficiencies.
Read More
BITS SIG & PDF Reports Available on ThirdPartyTrust

BITS SIG & PDF Reports Available on ThirdPartyTrust

Blog
The ThirdPartyTrust platform now includes BITS SIG full questionnaire online, custom labels for sorting and managing vendors, and vendor PDF reports.
Read More
The White House’s Cyber Policy Impact on the Digital Supply Chain

The White House’s Cyber Policy Impact on the Digital Supply Chain

Blog
President Donald Trump signed an Executive Order to implement a new policy to improve the digital supply chain, including networks and critical infrastructure.
Read More
Essential Security Software for Businesses

Essential Security Software for Businesses

Blog
A new report states that 60% of organizations go out of business within 6 months of a cyber attack. Here's why you need to invest in security software for businesses.
Read More
New York’s DFS Cybersecurity Regulations in a Nutshell

New York’s DFS Cybersecurity Regulations in a Nutshell

Blog
We break down the new DFS Cybersecurity Regulations and what they mean for your vendor risk management program.
Read More