ThirdPartyTrust Blog

Data is the new oil and breaches are the new spills; so where is the leak?

Posted by Jeffrey Spetter on 7/6/18 9:11 AM

The former CEO of Intel, Brian Kzranich said last month, “Data, I look at it as the new oil. It’s going to change most industries across the board. Oil changed the world in the 1900s. It drove cars, it drove the whole chemical industry,” Krzanich explains.

Read More

Topics: Vendor Risk Management

The Real Challenges of Moving Cyber Initiatives Forward

Posted by Jeffrey Spetter on 5/29/18 9:45 AM

With growing executive demand for changes to cybersecurity processes and awareness comes inherent challenges to an organization. To set the stage, the NotPetya attacks on Moeller-Maersk shipping company took them offline for ten days. Jim Haggemann Snabe, the Chairman, describes the heroic efforts to get 45,000 PCs and 2,500 servers back and up and running (see video) proves that ransomware attacks or never before seen attacks can have tremendous impact on business operations.

Read More

Topics: third party risk, Vendor Risk Management, IoT Security, Regulation

Guest Blog by Todd Tressler - Tick tock: a GDPR Primer to meet the deadline next week

Posted by Jeffrey Spetter on 5/23/18 2:52 PM

Discussions on privacy laws have taken front and center in recent weeks as European Union (EU) member states begin enforcing the General Data Protection Regulation (“GDPR”) on May 25, 2018.  As we have been discussing for a while, there is confusion as data collectors try to figure out the impact of this legislation.  There is no question that large, multi-national corporations will have to comply and many of these corporations are already in compliance.  However, with this deadline just around the corner, smaller companies that do not actively target EU residents are struggling with how this legislation impacts them.

Read More

Topics: GDPR, third party risk

How is Cyber Shaping the Insurance Industry? Learn From Pros at Allstate, Trustmark and BCSF.

Posted by Jeffrey Spetter on 4/23/18 3:28 PM

Anders Norremo, CEO of ThirdPartyTrust, had the pleasure of moderating a panel at the OnRamp Insurance Conference on Thursday April 12th, 2018.  The panelist included Mia Boom-Ibes, Fawaz Rasheed, Steve Timmerman, and Tammy Kocher. They all gave great insight to how cybersecurity is shaping the insurance industry. 

We will explore questions surrounding the New York Department of Financial Services Cyber Regulation, next-generation technologies and the biggest needs from these organizations. 

Read More

Topics: Panel Discussions, third party risk, Regulation

Guest Blog by Mike Baier on GDPR and the Integration of Third Party Service Providers

Posted by Jeffrey Spetter on 4/5/18 4:13 PM

While the entire world is seemingly melting with the terrifying onslaught of the enforcement of the General Data Protection Regulation (GDPR…coming to a theater near you on May 25th, 2018) there remains a significant amount of mis-information, confusion, and utter chaos within some of the world’s largest corporations (HQ’d outside of the EU) and on social media regarding the continued use of trusted third parties in support of business operations…especially, those companies not too experienced with heavily regulated environments such as banking, insurance, and other financial services.

Read More

Topics: third party risk, GDPR

TPT InfoSec Interviews: Rocio Baeza, CEO Cybersecuritybase

Posted by Jeffrey Spetter on 3/27/18 12:39 PM

Hi, everyone. This is Jeff Spetter from ThirdPartyTrust and I had the great pleasure of speaking with Rocio Baeza, CEO of CyberSecurityBase. Here's a recap and audio of the interview. 

Read More

Topics: Vendor Risk Management

OWASP CHICAGO FEBRUARY MEETUP SUMMARY AND PRESENTATIONS

Posted by Anders Norremo on 3/5/18 8:00 AM

Big thank you to Morningstar for hosting the recent OWASP meetup. The evening was filled with really informative content in a couple of areas all tied to OWASP.

Read More

Experts Share Important Metrics for Assessing Vendor risk

Posted by Jeffrey Spetter on 1/10/18 4:43 PM

Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the life blood of reporting and when it comes to vendor risk management, it is not as straight forward as you might think. Let's take a deeper look into what Guy Dulberger of Ritchie Bros. has to say about the key metrics to track when assessing vendor risk and how a risk-based approach is the new norm for vendor risk management. 

 "I think an important aspect of what makes a great security report, KPI or metric is understanding your business and where your greatest orgnizational risk lies."

- Guy Dulberger, Information Security Executive

Read More

Topics: Best Practices

Emerging Technology, Unknown Risks: DePaul University's Fourth Annual Cyber Risk Conference | Part Two

Posted by Yasmeen Ghazal on 12/20/17 9:10 AM

Part one of the DePaul Cyber Risk Panel covered: 

- How to start building a vendor risk management program

- Key vendor risk management metrics 

- How to keep the vendor engaged after the contract has been signed

In Part 2, panelists answer audience questions. Including what constitutes a vendor and varying risk profiles for vendors. 

Read More

Topics: Panel Discussions, Vendor Risk Management

Emerging Technology, Unknown Risks: DePaul University's Fourth Annual Cyber Risk Conference | PART ONE

Posted by Yasmeen Ghazal on 11/29/17 12:00 AM

DePaul University's Arditti Center for Risk Management hosted its 4th annual Cyber-Risk Conference earlier this week with over 100 attendees. Three panels took place that day, one moderated by Anders Norremo, CEO of ThirdPartyTrust, on the topic of The Cloud and Third Party Vendor Managament. Panelists included Kyle Brunell, IT Risk manager at Ernst & Young; Shane Hibbard, Director of Information Security at Invenergy; Richard Latayan, Cybersecurity and Network Infrastructure Manager at Hollister.

Read More

Topics: Panel Discussions

ThirdPartyTrust is a vendor risk management platform strengthening cyber risk intelligence and simplifying the management process for enterprises performing vendor risk assessments.
 
By analyzing both third and fourth party vendor cyber risk using a network-based solution, like 3PT, trust is built and mapped within your vendor eco-system.

Subscribe to Email Updates

Recent Posts