With new, easy to sign up for and install tools, employees may engage a third-party without involving security teams at all or until the very end of the process. Here are a few tips on how to get them aware and onboard with a security assessment.
We often hear terms like “supplier”, “provider”, “vendor” or “third-party” used indistinctly, but they’re not the same. We believe “third-party” is a much more powerful concept and here’s why.
Although most organizations understand its importance, it can be difficult to start and maintain a scalable third-party risk management program. Bob Wilkinson, Founder & CEO of Cyber Marathons Solutions, shares tips and best practices.
On January 1, 2020 the California Consumer Privacy Act (CCPA) of 2018 came into effect. Although it impacts thousands of businesses across the country, with stiff financial penalties, many business leaders are still unsure about what it means. This blog looks at some key points of the law and its impact on third-party risk management.
Learn how Take-Two overcame its third-party risk management challenges with the ThirdPartyTrust platform.
January 28 is Data Privacy Day, an international effort to empower users and encourage businesses to ‘respect privacy, safeguard data and enable trust.’ In an increasingly data-driven world, you need to make sure your company is going the extra mile to protect your customers and users. That means keeping an eye on your third-parties that…
A third-party risk management dashboard is fundamental for understanding the risk environment within an organization and making informed decisions. When presenting to the board, you probably want to show high level KPIs and insights, and explain the overall health of the program. In this blog, we go through 5 key indicators you should monitor in…
Third-party risks continue to be a serious cybersecurity threat, so properly assessing a third-party is paramount to any risk management strategy. According to Gartner, 71% of organizations reported their network contains more third-parties than it did three years before. This number is expected to grow even larger in the next few years.
Companies can have upwards of a thousand third-parties and it is important to be able to differentiate and categorize each one of them. To that end, inherent risk takes into account how a company is using their third-parties and what risk do they pose to the organization. In this blog, we’ll explain how to calculate…
When you are deciding to create a framework for your Third-Party Risk Management Program you need to take the following into consideration: