ThirdPartyTrust Blog

Experts Share Important Metrics for Assessing Vendor risk

Posted by Jeffrey Spetter on 1/10/18 4:43 PM

Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the life blood of reporting and when it comes to vendor risk management, it is not as straight forward as you might think. Let's take a deeper look into what Guy Dulberger of Ritchie Bros. has to say about the key metrics to track when assessing vendor risk and how a risk-based approach is the new norm for vendor risk management. 

 "I think an important aspect of what makes a great security report, KPI or metric is understanding your business and where your greatest orgnizational risk lies."

- Guy Dulberger, Information Security Executive

Read More

Topics: Best Practices

Emerging Technology, Unknown Risks: DePaul University's Fourth Annual Cyber Risk Conference | Part Two

Posted by Yasmeen Ghazal on 12/20/17 9:10 AM

Part one of the DePaul Cyber Risk Panel covered: 

- How to start building a vendor risk management program

- Key vendor risk management metrics 

- How to keep the vendor engaged after the contract has been signed

In Part 2, panelists answer audience questions. Including what constitutes a vendor and varying risk profiles for vendors. 

Read More

Topics: Vendor Risk Management, Panel Discussions

Emerging Technology, Unknown Risks: DePaul University's Fourth Annual Cyber Risk Conference | PART ONE

Posted by Yasmeen Ghazal on 11/29/17 12:00 AM

DePaul University's Arditti Center for Risk Management hosted its 4th annual Cyber-Risk Conference earlier this week with over 100 attendees. Three panels took place that day, one moderated by Anders Norremo, CEO of ThirdPartyTrust, on the topic of The Cloud and Third Party Vendor Managament. Panelists included Kyle Brunell, IT Risk manager at Ernst & Young; Shane Hibbard, Director of Information Security at Invenergy; Richard Latayan, Cybersecurity and Network Infrastructure Manager at Hollister.

Read More

Topics: Panel Discussions

2017 Vendor Risk Management BenchMark Study | Protiviti & Shared Assessments

Posted by Yasmeen Ghazal on 11/21/17 4:40 PM

The external risk environment is changing quickly as massive and costly cyber attacks -- Home Depot, Boston Medical Center and the Department of Veterans Affairs, among others -- have struck in the past couple years, continuing to challenge organizations to re-think approaches to vendor risk management.

Read More

Topics: Vendor Risk Management

Keynote Panel: Re-thinking How to Build Trust in the Vendor Eco-System

Posted by Yasmeen Ghazal on 10/30/17 9:00 AM

 

On October 18th, 2017, McCormick Center held 3,000 attendees as the first annaul Cyber Security Chicago conference. It offered invaluable insights around hot topics in the industry including IoT Security, DevSecOps and the Equifax Breach. On the Keynote Stage, Anders Norremo, CEO of ThirdPartyTrust, led a keynote on Re-Thinking How to Build Trust in the Vendor Eco-System alongside   Fawaz Rasheed , CISO  of Trustmark Companies, and  Matt Dechant , CISO of Tempus
Read More

Topics: Vendor Risk Management, third party risk

Data Risk in the Third-Party | Ponemon Institute

Posted by Jeffrey Spetter on 10/12/17 8:29 AM

The Ponemon Institute recently rolled out there second annual study of Data Risk in the Third-Party Ecosystem. The study aims to understand trends in the challenges companies face in protecting sensitive and confidential information shared with third parties and 4th party vendors. 

Read More

Topics: Vendor Risk Management, third party risk

Panel: Cybersecurity & Manufacturing in the digital era

Posted by Yasmeen Ghazal on 9/11/17 4:20 PM

On September 6th, 2017, Anders Norremo, CEO of ThirdPartyTrust, moderated a panel of manufacturing experts on the topic of CyberSecurity & Manufacturing in the Digital Era at the OnRamp Conference in Milwaukee, WI.

Panelists included Chris Merkel, CISO of Brunswick Corp; David McPhee, the Regional Information Security Manager at Caterpillar; Michael Goetzman, CISO at Master Lock; and Steve Brukbacher, the Application Security Manager at Johnson Controls. 

Read More

Topics: Vendor Risk Management

7 Risks to Data In the Third Party Eco-system

Posted by Jeffrey Spetter on 8/21/17 8:30 AM

The Ponemon Institute conducted a study back in April of 2016 surveying companies to understand the challenges they face in protecting sensitive and confidential information shared with third parties resulting in Data Risk in the Third-Party Ecosystem study.

Read More

Topics: Regulation, Vendor Risk Management, Best Practices

Morningstar & Uptake Discuss Vendor Risk Management Best Practices with Anders Norremo

Posted by Olivia Mandell on 7/31/17 8:55 AM

Commercial transactions and informational exchanges no longer represent linear processes between two parties; rather, the shared data travels past the involved entities and into each organizations expansive network of third and fourth party vendors. Through infiltrating these organizations, hackers are most often able to access the data of larger connected companies. According to a Soha Survey, 63% of all data breaches stem from vendor related attacks. IT experts predict that number of vendor related attacks will rise, as companies increasingly resort to outsourcing for innovation and expanded services.

Read More

Topics: Vendor Risk Management

At Morningstar Security Summit, Experts Discuss Vendor Risk Management

Posted by Olivia Mandell on 7/27/17 8:00 AM

      At the Morningstar Security Summit on June 26th, 2017, Morningstar's CIO and team gathered industry experts to discuss best practices in cyber security and risk assessment. Sessions throughout the day included: State of the Security Industry, Understanding Emerging Threats and Regulatory Trends, Amazon Web Services Security, Protecting What Matters and a panel discussion on "Should You Trust Your Third Party Vendors?."

Read More

Topics: Partnerships, Vendor Risk Management

ThirdPartyTrust is a vendor risk management platform strengthening cyber risk intelligence and simplifying the management process for enterprises performing vendor risk assessments.
 
By analyzing both third and fourth party vendor cyber risk using a network-based solution, like 3PT, trust is built and mapped within your vendor eco-system.

Subscribe to Email Updates

Recent Posts