Vendor Risk Management
The Silent Supply Chain: Why Your Fourth-Party Vendor is Your Biggest Blindspot
Vanessa Jankowski | | AI‑driven risk, BlackSuit ransomware, cascade risk, CDK Global, continuous monitoring, critical supplier, dynamic prioritization, fourth‑party risk, Incident Response, questionnaires are broken, Security Automation, security ratings, supply chain security, supply‑chain resilience, third‑party mapping, third‑party risk, vendor dependency, Vendor Risk Management, vendor supply chain visibility, vulnerability intelligence
The CDK Global breach exposed how niche vendors can cripple entire industries. Move beyond questionnaires to continuous, AI-driven monitoring of third-, fourth- and nth‑party dependencies, dynamic prioritization, and threat‑informed supply‑chain risk management ...
Security Boulevard
7 Steps To Secure Critical Infrastructure
Michelle Drolet | | Compliance and Regulations, Critical Infrastructure, cyber insurance, Vendor Risk Management
Critical infrastructure and public sector organizations such as government and municipalities, manufacturing units, communication networks, transportation services, power and water treatment plants, et al., have been battling a growing wave of breaches ...
Security Boulevard
What is Vendor Risk Management (VRM)?
Meaghan O'brien | | Integrated Risk Management, IRM, ServiceNow, ServiceNow IRM, Third Party Risk, Vendor Risk Management
Vendor risk management, or VRM, is a program within an organization that is responsible for identifying and remediating risks associated with vendors. What is a vendor? While sometimes used interchangeably, a vendor ...
Ask the Expert: How has third-party risk changed in the last year?
Meaghan O'brien | | Audit, Integrated Risk Management, Internal Audit, IRM, Third Party Risk, Vendor Risk Management
Dawn Ward, Senior Solution Consultant at Iceberg Networks and Chris Murphey, VP Advisory Services at Iceberg Networks, discuss how the third-party risk landscape has evolved in the last year. The following is ...
Prime Contractor CMMC Rollout: Supporting Your Supply Chain
In an effort to strengthen U.S. national security, DoD contractors must roll out the Cybersecurity Maturity Model Certification (CMMC) across their internal business, and expect that their supply chain does the same ...
CIP-013 Implementation: Know Supplier Posture & Accelerate Compliance
As the deadline for NERC CIP-013 compliance approaches, power and utility organizations are focused on implementing supply chain risk management strategy across their global vendor base ...
Guidance for CIP-013: Effective Date, Guidelines, and Enforcement
Updated April 2, 2020 - Latest NERC CIP-013 Guidance ...
Vendor Risk Management: The Secret Ingredient
A people-centric approach to vendor risk management can remove some of the headaches in assessing third-party risk. Just a few years ago, companies ran their own payroll, benefits, recruiting, marketing and mainframe ...
Security Boulevard
The Value of Risk Committees and Board Security Engagement
While at this year’s RSA Conference, I had the chance to have a conversation with Catherine Allen, chairman and CEO of strategic consulting firm The Santa Fe Group and a cybersecurity visionary ...
Security Boulevard
Carbon Black Report Indicates Industries Most Targeted For Cyber Attack
In their third Global Incident Response Threat Report, our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but also a deeply concerning new trend that faces business regardless ...

