All Third Party Risk articles
-
ArticleBig week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
-
Webcast
CPE Webcast: Continuous monitoring — the key to effective TPRM
Third-party risk management has always been a challenging area for risk and compliance professionals, never more so than today. As the global economy rebounds, third-party risk has taken on new dimensions.
-
Webcast
CPE Webcast: TPCRM best practices that reduce supply chain risk
Organizations are adopting digital transformation and, as a result, increasing their reliance on third parties faster than they can scale their third-party cyber-risk management programs.
-
Article
Bracing for impact: Supply chain risk management post-Suez Canal blockage
A month has gone by since a 1,300-foot cargo ship ran aground and blocked one of the busiest waterways in the world. For many industries, the ripple effects will continue to batter global supply chains for weeks to come, absent having in place a sound supply chain risk management program. ...
-
Article
Suez Canal blockage serves as reminder for key supply chain risk lessons
The grounding of the Ever Given is the latest unexpected incident to cause severe supply chain disruptions around the world. The lessons learned from others, such as the coronavirus pandemic, are just as relevant, writes Aaron Nicodemus.
-
Webcast
CPE Webcast: Navigating financial regulations for third-party risk management
Today’s financial services industry operates in an environment characterized by significant regulatory scrutiny. To be compliant, organizations must be aware and adhere to regulations, guidelines, and industry standards as it relates to their vendors, suppliers and third parties.
-
Article
Kroger joins victims of Accellion data breach
Two months after cloud service vendor Accellion first identified one of its legacy products was targeted by a sophisticated cyber-attack, users of the product continue to feel the impact, with grocery chain Kroger the latest to reveal its exposure.
-
Article
Done right, outsourcing compliance can be rewarding
Should you consider outsourcing some of your firm’s compliance functions? Perhaps, even, all of them? The answer is complicated and requires a thorough analysis of the risks and rewards.
-
Resource
White paper: Rethinking Third-Party Cyber Risk Management
This guide will help you better understand the choices before you, no matter if your organization hasn’t even cracked the seal on third party cyber risk management.
-
Article
SolarWinds hack turning into Pandora’s box of cyber-risk
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
-
Article
Norwegian DPA warns Grindr of $11.7M GDPR fine
Norway’s data privacy watchdog issued gay dating app Grindr with a notice of intention to fine it NOK 100 million (U.S. $11.7 million) for sharing personal data with third parties without users’ consent.
-
Webcast
CPE Webcast: How to manage third-party risk: Expected trends for 2021
Join Deloitte’s leading practitioners in third party risk management for a one-hour webinar as they explore key findings from their fifth annual extended enterprise risk management (EERM) survey.
-
Article
Deutsche Bank to pay $130M to settle bribery, ‘spoofing’ charges
Deutsche Bank has agreed to pay more than $130 million to resolve charges that it paid bribes to third parties to secure business deals in Asia and the Middle East, in addition to a separate commodities fraud “spoofing” case.
-
Article
Learning from SolarWinds: Five steps to fortify your cloud supply chain
For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.
-
Article
Cyber-security lessons from the SolarWinds hack
The lessons from the massive SolarWinds hack on where vulnerabilities still lurk in the third-party vendor supply chain cannot be grasped soon enough.
-
Webcast
CPE Webcast: How to get your TPRM program ready for success in 2021
To say that 2020 was filled with change and challenges would be an understatement. As businesses adjust to new ways of working, many are reassessing the risk profiles of their third parties and re-evaluating their third-party risk management programs as they prepare for the new year.
-
Webcast
CPE Webcast: Third party risk: Tough challenges and real-world solutions
Join this educational session as we outline best practices for developing and optimizing efficient processes within your third party risk management program.
-
Article
Preparation, monitoring key to combating third-party cyber-security risk
A spate of recent cyber-security breaches occurring via third parties is a reminder of the importance for companies to stay on top of risk management. Regulators have shown to not take kindly to finger-pointing.
-
Article
Trio of U.K. fines expose third-party risks under GDPR
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
-
Webcast
CPE Webcast: Build a world-class vendor risk program with limited resources
Today, many organizations find themselves stretched thin with limited resources and unable to put together a world-class vendor risk management program.
