January 11, 2021

Why does risk management have such a bad reputation?  Too often ‘Risk assessments’ are seen as an excuse not to do something.  And lengthy ‘risk review’ meetings, where 1000 ...

Read More

December 17, 2020

The SolarWinds “Sunburst” supply chain attack is challenging security teams across the world. From a Vendor Risk Management perspective, it is already a time of ...

Read More

December 9, 2020

In a recent survey, KPMG found that 77% of respondents said that Third-Party risk management is a strategic priority for their business. But just because everyone is doing ...

Read More

November 18, 2020

How can risk assessments help manage third parties? In our last blog we talked about what a third-party security assessment is and how it needs to be:  Relevant   Efficient  Accurate Timely Actionable In this blog ...

Read More

November 12, 2020

At first sight this question might appear facile or answering itself.  “Surely a Third-Party Security Assessment is an assessment of the security of a Third-Party”.  There are many different ...

Read More

October 6, 2020

Ransomware encrypts files on the infected system or network. It then demands a ransom to decrypt the infected files. It often charges in bitcoin. What often happens ...

Read More

September 21, 2020

COVID-19 has revolutionised the flexibility of work, whether that is working from home or in public. But it has also significantly increased the use of public Wi-Fi and other insecure methods ...

Read More

September 14, 2020

If the risk of a data breach in third-parties increases, so can the risks of a breach in fourth- and fifth- parties. That is why ...

Read More

September 4, 2020

PCI-DSS or Payment Card Industry Data Security Standard is an information security standard for organisations that handle branded credit cards from the major card schemes. It is ...

Read More