When you are deciding to create a framework for your Third-Party Risk Management Program you need to take the following into consideration:
Last Monday, (9/30) at the LS-ISAO Annual Member Gathering, we had the privilege to help organize a panel about the importance of a legal specific set of controls to help manage your third-party risk management program.
Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the life blood of reporting, but when it comes to vendor risk management, it is not as straight forward as you might think.
The former CEO of Intel, Brian Kzranich said last month, “Data, I look at it as the new oil. It’s going to change most industries across the board. Oil changed the world in the 1900s. It drove cars, it drove the whole chemical industry,” Krzanich explains.
Discussions on privacy laws have taken front and center in recent weeks as GDPR (General Data Protection Regulation) begins to be enforced by European Union (EU) member states on May 25, 2018. As we have been discussing for a while, there is confusion as data collectors try to figure out the impact of this legislation. There is…
There remains a significant amount of mis-information and utter chaos regarding the continued use of trusted third parties in support of business operations.
We participated in a panel at the OnRamp Insurance Conference. Here’s some insight into how cybersecurity is shaping the insurance industry.
Hi, everyone. This is Jeff Spetter from ThirdPartyTrust and I had the great pleasure of speaking with Rocio Baeza, CEO of CyberSecurityBase. Here’s a recap and audio of the interview. Rocio Baeza the CEO and Founder of CyberSecurityBase, helping rising tech companies get started with information security. The mission is to simplify security, teach that model,…
The evening at the OWASP Chicago meetup was filled with really informative content in a couple of areas all tied to application security. Here’s a recap.
Emerging Technology, Unknown Risks: DePaul University’s Fourth Annual Cyber Risk Conference Part Two
Panelists answer audience questions at DePaul University’s Fourth Annual Cyber Risk Conference. Including what constitutes a vendor and risk profiles.