Designing your Third-Party Risk Management program: key essentials
When you are deciding to create a framework for your Third-Party Risk Management Program you need to take the following into consideration:
LS-ISAO Annual Member Gathering: A collaborative approach to Vendor Risk
Last Monday, (9/30) at the LS-ISAO Annual Member Gathering, we had the privilege to help organize a panel about the importance of a legal specific set of controls to help manage your third-party risk management program.
Experts share important metrics for assessing vendor risk
Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the life blood of reporting, but when it comes to vendor risk management, it is not as straight forward as you might think.
Data is the New Oil and Breaches are the New Spills; So Where is the Leak?
The former CEO of Intel, Brian Kzranich said last month, “Data, I look at it as the new oil. It’s going to change most industries across the board. Oil changed the world in the 1900s. It drove cars, it drove the whole chemical industry,” Krzanich explains.
Guest Blog: A GDPR Primer to Meet the Deadline Next Week
Discussions on privacy laws have taken front and center in recent weeks as GDPR (General Data Protection Regulation) begins to be enforced by European Union (EU) member states on May 25, 2018. As we have been discussing for a while, there is confusion as data collectors try to figure out the impact of this legislation. There is…
GDPR and the Integration of Third-Party Service Providers
There remains a significant amount of mis-information and utter chaos regarding the continued use of trusted third parties in support of business operations.
How is Cyber Shaping the Insurance Industry? Learn From Pros at Allstate, Trustmark and BCSF
We participated in a panel at the OnRamp Insurance Conference. Here’s some insight into how cybersecurity is shaping the insurance industry.
TPT Infosec Interviews: Rocio Baeza, CEO CyberSecurityBase
Hi, everyone. This is Jeff Spetter from ThirdPartyTrust and I had the great pleasure of speaking with Rocio Baeza, CEO of CyberSecurityBase. Here’s a recap and audio of the interview. Rocio Baeza the CEO and Founder of CyberSecurityBase, helping rising tech companies get started with information security. The mission is to simplify security, teach that model,…
OWASP Chicago February Meetup Summary and Presentations
The evening at the OWASP Chicago meetup was filled with really informative content in a couple of areas all tied to application security. Here’s a recap.
Emerging Technology, Unknown Risks: DePaul University’s Fourth Annual Cyber Risk Conference Part Two
Panelists answer audience questions at DePaul University’s Fourth Annual Cyber Risk Conference. Including what constitutes a vendor and risk profiles.