by Andrea VanSeveren | Apr 21, 2021 | Third Party Risk Management
Reading Time: 4 minutes
It’s axiomatic that many organizations “fail” information security, in the sense that they have significant unmitigated vulnerabilities that they are unaware of… until it’s too late. What are some of the reasons why? At the level of...
by Andrea VanSeveren | Apr 20, 2021 | Third Party Risk Management
Reading Time: 3 minutes
With the SolarWinds megahack still being unpacked, the issue of third-party risk management (TPRM) is once again in the cybersecurity headlines. Why can’t our industry do a better job addressing the red-alert risks that certain...
by Andrea VanSeveren | Apr 19, 2021 | Third Party Risk Management
Reading Time: 3 minutes
It’s ironic that the timing of the SolarWinds breach, which compromised all five branches of the US military along with potentially thousands of other organizations, hit the headlines just two weeks after the initial rollout of the...
by Jeremy Sporn | Oct 7, 2020 | Third Party Risk Management, Vendor Due Diligence
Reading Time: 3 minutes
With so much critical data now residing in the cloud, and so many newly mobile workers now dependent on cloud-based services, third-party risk management (TPRM) is more vital than ever. Dealing with vendors can significantly...
by Jeremy Sporn | Sep 29, 2020 | Vendor Due Diligence
Reading Time: 3 minutes
These days organizations are more reliant than ever on vendors and other third parties, especially to support remote workers. The results of this tectonic shift in IT infrastructure include a big expansion of most companies’ cyber...
by Jeremy Sporn | Sep 28, 2020 | Vendor Due Diligence
Reading Time: 2 minutes
When it comes to vendor due diligence, I often see organizations make the mistake of overlooking one key aspect. Most vendor risk management programs and practitioners are always focused on the vendor risks – the risks that...
