Shopping For a GRC Platform

Almost every blog entry listed here makes some reference to a Governance, Risk, and Compliance (GRC) software tool and how it can help you manage cyber risk. But what if you don’t have one of these? What about spreadsheets? Or home grown database tools you made yourself and are certain are “good enough”? And suppose[…]

cyber security software

When The Cyber War Comes Home

The modern battlefield has a new extension—cyberspace! And the modern battlefield is no longer confined to simple geographies of land masses, airspace, oceans, valleys and mountains. Better (more destructive) bombs, missiles, rockets, guns, and fighter aircraft, weren’t enough for us feisty humans. Just as the global economy has blurred once sharply defined geographical and economic[…]

EBI

Harvesting Information From GRC Data—The Promise of Business Intelligence Tools

Thirty-five years ago, my first article was published in a professional journal. It was the outgrowth of a talk I gave at a business conference on the use of computer generated graphical information reporting. In 1987 those technologies were in their infancy. Computerized business graphics, pie, line, and bar charts, generated using desktop systems and[…]

Resilience in 2022—A Key to Cyber Risk Management

As we enter another year of challenges to business, to cyber-survival, and to living in a time where past norms of operation seem more historical than current, one is left to question what is important, and within that set, what is feasible now? There are many voices aloft across social media channels, news channels, thought[…]

When The Cyber Event Strikes Home

Over the years I’ve written about many possible cyber risks, their potential impacts upon companies, their stakeholders, clients, and associates. We’ve talked about third party risk (TPRM) and associated measures to be taken to protect, detect, remediate, and respond. Well, recently one of these events struck home, literally, and the scenario, as described to me[…]

When Come The Rains, Floods, Hurricanes, Earthquakes, and More

There is a whole category of threats to cyber risk and security often ignored despite its potential to impose catastrophic disruption and damage—business interruption! We attend to human malice in many forms, and its diverse efforts to gain unauthorized access to secure information, capture control of devices and systems, or perform all kinds of mischief[…]

The Executive Order on Improving the Nation’s Cybersecurity—Its Impact On Your Risk Management Program

Overview“It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security. The Federal Government must lead by example.”[1]  So states the Executive Order (EO) on Improving The Nation’s Cybersecurity! Noble by intent, and certainly appropriate, it has not[…]

Summertime, And The Cyber Risk Is Easy…

Summertime, and the living is, once again, easy—sort of. Just a few summers ago these were the days of occasional remote work, long weekends, holidays, vacations, and for some companies, shortened “summer hours”. As our work routines have made the separation of office, work, and personal time a fluid continuum, our risk perimeter and footprint[…]

Integrating Third Party Data Into Your Risk Management Processes (TPRM)

Some Risk Managers rely upon reported findings from internal risk assessments as the primary source of risk data in their Third Party Risk Management (TPRM) programs. Too often this approach generalizes over time from a primary to an exclusive source. That’s a missed opportunity to leverage value from other contributors to your operations, by incorporating[…]

A Look At DoubleCheck’s Approach to TPRM (Third Party Risk Management)

This month, I’m going to depart a bit from the independent discussions of IT risk and cybersecurity to explore some of the specific ways this blog’s host, DoubleCheck Software, provides tools, resources, and value to companies working to manage their supply chain and partner risk—TPRM (Third Party Risk Management). The DoubleCheck GRC offers a platform[…]

Top

DoubleCheck Third Party Risk Management.

Now with access to D&B® data for key insights about your 3rd parties.

X