Vendor Risk Management Insights


      Subscribe to our blog

      Security never sleeps. Get the most up-to-date information by subscribing to the RiskRecon blog.

      RiskRecon Observed Malicious Activity During the COVID-19 Pandemic

      Third-Party Risk Management and ISO 20071

      How to Start Thinking About Nth Party Risk - Part 2

      How to Start Thinking About Nth Party Risk - Part 1

      The Analyst View: Measurement and Reporting

      Jesse Card - RiskRecon's Founding Developer

      Takeaways from the Latest Marriott Data Breach

      The Analyst View: Operationalization and Value

      Dimensions of the Financial Sector Risk Surface

      The Analyst View: Why Cybersecurity Risk Ratings Technology Matters

      The Maturity of Third-Party Risk Management

      Financial Firms - How Well Are You Managing Digital Risk?

      RiskReconer: Deepak Jeevankumar - CEO Builder

      The Industries that Cause the Widest Breach Ripples

      What Makes Measuring Cyber Ripples So Hard: Part 2

      What Makes Measuring Cyber Ripples So Hard: Part 1

      EBA: Third-Party Risk Strategy

      Multi-Party Incidents in the Headlines

      From Ideas in the Basement to Successful Enterprise – It Takes Great People

      Digital Transformation and the Risk of Costly Cyber Ripples

      Securing Critical Infrastructure with the NIS Directive

      Come See One of the Top Startups at RSAC 2020

      What is Third-Party SecOps?

      RiskRecon Commits to Continued Innovation

      EBA Guidelines on Outsourcing Arrangements - Summary of Requirements

      HIPAA & HITECH: Third-party Risk Management

      RiskRecon is Acquired by Mastercard to Enhance Cyber Threat Intelligence

      HIPAA & HITECH | Today's Health Data Privacy Laws in the USA - Part 2

      HIPAA & HITECH | Today's Health Data Privacy Laws in the USA - Part 1

      HITECH Foundations: Part 2

      HITECH Foundations: Part 1

      What's a Cyber Ripple Event?

      Healthcare CyberSecurity: HIPAA Foundations - Part 2

      Healthcare CyberSecurity: HIPAA Foundations - Part 1

      Comparing and Contrasting GDPR & CCPA

      Measuring Risk Surface: Part 3

      What's the Board's Role in Managing Cyber Risk?

      GDPR Foundations: Part III

      GDPR Foundations: Part II

      A Conversation on Digital Transformation and Third-Party Risk

      GDPR Foundations: Part I

      5 Risk Factors for Deciding Where to Host Cloud-Eligible Assets

      CCPA: Third-party Risk Management

      How the Goldilocks Zone Impacts Multi-Cloud Risk

      CCPA Foundations Part II

      CCPA Foundations Part I

      Measuring Risk Surface: Part 2

      GDPR: Third-party Risk Management Obligations

      Measuring Risk Surface: Part 1

      GDPR Fines: What they mean for your organization and what you can do

      Responding to Risk Surface

      GDPR: How organizations go from violations to fines

      The What and Why of Risk Surface

      Making Risk Surface Real

      What You Need to Know about the NYDFS Cybersecurity Regulations

      What's Risk Surface?

      How Universities Fail to Protect Student Data

      What the Ascension Breach Means for You

      RiskRecon Partners with RSA Archer

      6 Tips for Administering Better Vendor Questionnaires

      SC Magazine Unveils RiskRecon Review

      How to protect yourself through the hazards of the M&A process

      2019 Cybersecurity Predictions

      Product Enhancement: Vendor Information Header Update

      Product Enhancement:  Issue Risk Matrix for your Entire Vendor Portfolio

      Seventh Deadly Sin: Limiting vendor risk management to periodic assessments

      Sixth Deadly Sin: Trusting, but not verifying

      Fifth Deadly Sin: Not knowing your vendors

      Fourth Deadly Sin: Failure to address information security in third-party contracts

      Third Deadly Sin: Not measuring and reporting risk and risk outcomes

      Second Deadly Sin: Failing to make third-party risk management about business risk management

      RiskRecon Announces the Invention of Ground-Breaking Asset Risk Valuation Algorithms, Transforming How Enterprises Manage Third-Party Cyber Risk

      Blog Post Series: The Seven Deadly Sins of Third-Party Cyber Risk Management

      New Enhancements to RiskRecon Portfolio Dashboard

      Lockpath and RiskRecon Further Partnership to Increase Third-Party Risk Visibility

      RiskRecon Advisor Yong-Gon Chon Shares Cybersecurity Tips

      CEO of RiskRecon Weighs in on Vendor Risk Management

      Who’s Monitoring Your Third-Party Vendors for Cyber Risk?

      You Can’t Manage What You Can’t Measure – Integrating Risk Formulas into Your Cyber Risk Management Framework

      Breaking the Cybersecurity Insanity Cycle

      Security Vulnerabilities Don’t Equal Security Risk – So How Do You Prioritize?

      Join us for the Fair Institute Tech Sponsor Webinar Featuring RiskRecon Founder and CEO Kelly White

      Why the Security of Your Vendor’s Entire Enterprise Matters

      Meet with RiskRecon at the Financial Services-ISAC Annual Summit

      What is the True Cost of Administering Your Vendor Security Questionnaire?

      Public Customer Vendor References – Good Partnership but Risky Business

      When the media wrongly implicates you in a third-party data breach

      You Can’t Outsource Risk - A regulatory guide to third-party cyber security risk management

      We Are Proud To Announce Our Exclusive Partnership With the FAIR Institute.

      The Playbook for Managing Third-Party Security Risk

      Why Third-Party Security Risk Matters

      Managing Third-Party Meltdown & Spectre Risk Exposure Strategic Recommendations Beyond Patching

      Principles for Fair and Accurate Security Ratings

      Extending GRC with Continuous Vendor Security Monitoring

      When Apache Struts2 Hits the Fan, Respond with Data and Collaboration

      Using Threat Intelligence to Manage Third Party Risk: The Boy Who Cried Wolf

      Part 2:  Incorporating Continuous Monitoring into Your Third-Party Risk Management Program: The Pilot is Complete – Now What?

      Part 1:  Incorporating Continuous Monitoring into Your Third Party Risk Program: Begin with the End State in Mind

      2017 Outlook: Vendor Risk Continues as a Top Challenge Faced by CISOs

      Part 2: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Control Processes are Broken

      Part 1: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Measurements Are Incomplete