Smart Home Cyber Risks to Operational Technology and Your Cloud Enriched Enterprise

Smart technologies’ home presence grows with each passing day. The work-from-home (WFH) migrations for many workers seeking convenience while coping with “covid-19 encouraged isolation” have spurred this transformation to new levels of ready adoption. Smart thermostats, lights, home security cameras, front doorbells, automobile integration, automated window shades and curtains, TV’s and more, all managed through[…]

Query or Consequences; When Third Party Risk Management (TPRM) Goes Awry

Over a number of past articles, we’ve explored the why, what, and how of Third Party Risk Management (TPRM). Looking back there’s much to review about the nature of the processes and methods that help companies understand the risks associated with partner, supplier, provider, and even inspector relationships. Some provide key services, some backup resources[…]

Making Third Party Risk Management Scalable, Efficient, Accurate, and Affordable

In prior articles we’ve explored why third-party risk management (TPRM) is an essential part of comprehensive risk management, and what steps need to be taken to assemble and execute an effective TPRM process. In this article, we’ll explore approaches to make those steps scalable and efficient without sacrificing quality, all while managing overall associated costs.[…]

The Six Basic Steps To Effective Third Party Risk Management (TPRM)

Managing third party risk is a primary component of any comprehensive risk management program. Without it, you ignore important external processes, resources, commitments and opportunities that may have specific, critical impacts upon your operating performance, regulatory and legal compliance, and brand reputation. In past discussions, we’ve explored what functions need to be performed to effectively[…]

Revisiting The Value In Risk Management—Why Bother Now?

There are so many challenges facing businesses today as we all focus upon sustaining demand, revenue, and operating infrastructure while confronting new paradigms for staff retention, safety, and service delivery. Technologies we may have just begun to touch like mobile device management, cloud-based infrastructure and remote, digital client services, may suddenly be existential realities needed[…]

Ransomware: An Existential Threat To Remote Organizations! What Actions To Take To Mitigate Risk

Ransomware is a category of malware that infects your systems, encrypts your files and data, then threatens to destroy or publish this confidential material unless a ransom is paid for the decryption keys, usually requiring electronic deposits to some anonymous account. It has been around for decades. It’s made the headlines when large corporations, municipalities,[…]

Managing Cyber Risk In A Remote Organization

Cyber risk is adaptive. As you reconfigure operations to function with much of your staff resources working remotely, your risk footprint, vulnerabilities, and threat vectors adjust too, and realign right along. So, the question becomes how adroitly will your defenses, detection capabilities, recovery, and remediation strategies address these risk opportunities? Cybersecurity employs numerous technical components.[…]

Is Your TPRM A Weak Link In Your Continuity and Cyber Risk Plans?

All too often when we think of business continuity planning, we think of detailed checklists and tabletop tests, and situations approaching disaster recovery scenarios. We think of key suppliers and residual power supplies, and more. America’s current novel coronavirus situation has many of us finding ourselves facing periods of varying lengths where we will be[…]

Integrating Audit and Cyber Risk Management Processes to Address AI Risks

Audit and risk management are really two perspectives or “flavors” of the same measurement and inspection processes. In blogs of October and November 2018, I’ve discussed some of the key aspects of these processes and offered some arguments for the benefit of their integration to offer executive management a sharper picture of their true risk[…]

Third Party Risk Management (TPRM) Made Simple

Over the past several articles I’ve gone into some depth about TPRM; why it’s a critical part of managing cyber risk, how to integrate TPRM into your enterprise risk program, and the importance of assessment and governance to the overall effort. In doing so it’s possible this focus has created the impression that TPRM is[…]

Top

DoubleCheck Third Party Risk Management.

Now with access to D&B data for key insights about your 3rd parties.

X