Vendor Risk Management Insights

    iconemail-box

    Subscribe to our blog

    Security never sleeps. Get the most up-to-date information by subscribing to the RiskRecon blog.

    New RiskRecon Cybersecurity Risk Rating Model: The Risk Reality

    Correlation of Unsafe Network Services With Critical Cyber Risks

    As we continue to explore the key findings from our latest research report, Third-Party Security Signals, this blog ...

    Part 2:  Incorporating Continuous Monitoring into Your Third-Party Risk Management Program

    In part one of this short blog series we introduced the value the continuous monitoring can bring to a third-party risk management program and how you can start to introduce it into your practice. ...

    Unsafe Network Services Exposures Across Industries and the World

    In early September we released a new research report with

    Prevalence of Unsafe Services

    You might wonder just how widespread the problem of unsafe services is. “Unsafe” refers to instances where companies ...

    Part 1:  Incorporating Continuous Monitoring into Your Third-Party Risk Program

    Continuous monitoring is a valuable tool for organizations seeking to improve their cyber third-party risk ...

    When TLS Problems Signal Broader Security Hygiene Flaws

    As organizations examine their vendor relationships with an eye toward cyber risk, there's rarely a single factor that would tell a decision-maker that any given third-party is too risky to do ...

    Understanding AWS Core Security Essentials

    Amazon Web Services provides a mind-boggling expanse of systems, services, and applications. An all-encompassing AWS security assessment guide would fill ...

    In Cybersecurity it’s Not Good Enough to Simply Trust

    Unfortunately, too many enterprises today are completely blindsided by down-stream impact from

    You Can't Abstract Away Risk

    The fundamental truth about third-party risk is that an organization can abstract away IT complexity and outsource IT work, but it can never outsource the cyber ...