by Terry Crowley | Mar 20, 2018 | Third Party Risk Management
Unless you’ve been meditating in a cave for the past month (and maybe even then) you’ve most likely heard some of the hype and wrangling around the Spectre and Meltdown vulnerabilities announced just after the New Year. These flaws have significant security...
by Michael Walsh | Jan 3, 2018 | ISMS Consulting, Third Party Risk Management
It seems to be an artifact of how technology is designed and developed that “new and improved” also frequently means “less secure.” In my experience, being an early adopter also makes you a de facto beta tester for security bugs. A quick scan of recent security news...
by Jeremy Sporn | Dec 21, 2017 | ISMS Consulting, Third Party Risk Management
The Importance of Cybersecurity for Legal Entities The American Bar Association (ABA) clearly appreciates cybersecurity as a major concern for law firms and legal entities, and views issues around third-party risk management (TPRM) as particularly crucial for its...
by Chris Dorr | Aug 25, 2017 | Third Party Risk Management
An interesting and potentially troubling event happened in the information security world on Wednesday, August 16, 2017. It wasn’t a major hacking attack or a massive data breach. It wasn’t the release of a new security tool, or the failure of a critical...
by Chris Dorr | May 9, 2017 | Third Party Risk Management
As hacker monikers go, TheDarkOverlord (TDO) picked a pretty catchy one. Not much is known about this hacker yet (not even whether it’s an individual or a group, but I’m guessing the latter), but we do know a few things. They know what they’re doing. They’re an...
by Chris Dorr | Apr 18, 2017 | Third Party Risk Management
An Agreed Upon Procedures document is a great tool for third-party risk management (TPRM) and could be a far better option for smaller businesses when compared to the better-known SOC 2 report. SOC 2 is, by far, the single most requested document in TPRM circles. The...
