Using the HECVAT to Measure Vendor Risk
by Brian Kelly on September 8, 2022 at 1:00 PM
Not a day goes by without a conversation about third-party risk management. Our clients are being bombarded in all directions; asked by regulators, auditors, their clients, and customers alike to complete third-party risk assessments (SIG, CAIQ, HECVAT).
Are You Protecting Your Attack Surface?
by Kelly O’Brien on August 25, 2022 at 1:00 PM
Does your organization understand its attack surface? Gartner, Inc., a technological research and consulting firm, recently published the top trends in Cybersecurity for 2022, with attack surface expansion coming in at number one.
MSP Breaches Opening the Door to Further Attacks on Clients
by Jake Dwares on August 10, 2022 at 1:00 PM
Is your Managed Service Provider (MSP) protecting yours and your client’s data? Are you regularly assessing your MSP and the rest of your vendors? It is no secret that hackers have gained access to more and larger companies over the past few years, but a new malicious tactic is coming …
PCI, Service Providers, and You
by Donald Mills on August 19, 2021 at 3:30 PM
As merchants increasingly utilize trusted partners to maintain and manage critical pieces of their business, information technology, and security infrastructure, it becomes necessary to build a program to manage these vendors.
SolarWinds SUNBURST Hack – And You Thought 2020 Couldn’t Get Any Worse
by Danielle Corsa on December 18, 2020 at 2:45 PM
Co-authored by Derek Morris, Senior Information Technology Security Professional SUNBURST – add this to the list of all the wonders this year has brought. Are you one of the 18,000 customers infected by SUNBURST? Have you been ordered by the US Department of Homeland Security to quara …
Vendor Risk Management: Third-Party Risk Analysis / Annual Review
by Andrew Paull on October 8, 2020 at 2:00 PM
We live in a world where our interactions with each other are generally benign, observed to be candid at face value, making it easy to take the assurances of success, functionality, and capability of our colleagues and acquaintances as they are meant. Unfortunately, business interacti …