Are you charged with managing your organization’s third-party security and find yourself manually sorting through spreadsheets, trying to make heads-or-tails of your suppliers’ security questionnaires? Are you frustrated by the weeks or months it takes to onboard a new vendor? Are you concerned that your organization will be the next victim of an expensive third-party cyberattack? Wondering how you’ll ever...

This past year has been a challenging one for the world at large. In the cyber world in particular, it will be remembered as a year that saw an increase of supply chain attacks, affecting as many as 694 entities. This increase in third-party attacks is not surprising given that companies are utilizing vendors more today than in the past....

We all rely on third-party vendors to get our work done. Whether it’s our office supplier, cloud host or a project management tool — we are super dependent on others to make our jobs easier. But by doing so, we’re also making our companies more vulnerable. To illustrate that point, did you know that organizations share sensitive data with an...

Financial. Healthcare. Insurance. Government.  Industries like these, well known for dealing with valuable information such as Social Security numbers, medical records and other personal information, are what most would consider likely security breach targets. However, as organizations increasingly depend on technology, data and vendor supply chains to conduct business, there’s no sector that’s immune and no organization that is safe...

Just a mention of those long, arduous and often confusing security questionnaires evokes eye-rolling, stress and frustration from suppliers. And for good reason. While understandable that an organization must do its due diligence before entrusting a vendor with their data, the process of filling out a security questionnaire is fraught with challenges. Here’s why vendors find the process of completing...

“You can’t manage what you can’t measure,” Peter Drucker, the father of modern business management is famously quoted as saying. While there are many areas in business and in life where this quote can apply, it is especially pertinent to managing vendor cyber risk.  While the world has unprecedented access to data than ever before, it’s turning that data into...

If you’re like most organizations, you are highly dependent on third-party vendors to efficiently run your business. On the flip side, vendors present risks which can have serious legal, financial and business repercussions, making vendor risk assessments more essential than ever. But how do you effectively manage hundreds, if not thousands, of vendors? Here are four key steps that should...

As the world was finally counting down to a new and brighter 2021, the attack on SolarWinds,  one of the most significant supply chain attacks in recent history, closed an already challenging year with a thunderous bang.   This supply chain attack was quite extensive, affecting more than 250 federal agencies and businesses and setting off alarms about the vulnerability of...

If 2020 has taught businesses anything, it’s to “expect the unexpected.” The COVID-19 pandemic showed the world just how ill-prepared we really were for a disruption of this magnitude. As we enter 2021, resolve to protect your assets by employing a third-party security risk management platform and watch your old, manual process quickly transform into an efficient, streamlined one. So...

Companies are finally understanding the importance of having a full due diligence process in place to assess their third-party vendors. But an essential part of the third-party risk management process is what happens at the end: Once you’ve finished assessing your vendors; you need to monitor them. This proactive approach will alert you of any potential or new risks that...