Vendor Risk Management Insights

    iconemail-box

    Subscribe to our blog

    Security never sleeps. Get the most up-to-date information by subscribing to the RiskRecon blog.

    Third-Party Technical Relationships: More Present Than You Think

    Many organizations realize that they need to do a better job at managing third-party risk, but they don’t prioritize the problem because they don’t realize the true scope of the ...
    ISO 20071

    Third-Party Risk Management and ISO 20071

    In mid-2019, a medical testing company was informed by one of its vendors that the vendor had experienced a significant data breach. This data breach involved ...

    How to Start Thinking About Nth Party Risk - Part 2

    If you're starting to explore the issue of Nth-party risk, our first piece of advice is to have some serious talks with your insurers and your lawyers. Frank discussions with insurers over ...
    Nth Party Risk

    How to Start Thinking About Nth Party Risk - Part 1

    As many enterprises are finally starting to wrap their arms around the problem of third-party risk, they're also recognizing that the risks they incur from connections with outside organizations ...

    Dimensions of the Financial Sector Risk Surface

    As Digital Transformation ushers in a plethora of changes, critical areas of risk exposure are also changing and expanding. We view the risk surface as anywhere an organization’s ...

    The Industries that Cause the Widest Breach Ripples

    Many cyber breaches today impact organizations far beyond the initial victim. Depending on the incident, the effects can ripple across numerous other parties, ...
    Downstream impact of databreaches

    What Makes Measuring Cyber Ripples So Hard: Part 2

    In late 2019 RiskRecon partnered with Cyentia Institute to examine the effect of cyber incidents on companies downstream of the initial attack. In part two of this blog series with the data ...
    How many organizations have affected by multi-party data breaches?

    What Makes Measuring Cyber Ripples So Hard: Part 1

    A couple of months ago RiskRecon partnered with the data scientists at the

    EBA: Third-Party Risk Strategy

    In July 2019, UK authorities announced that Marriott Hotels would be fined $124 million under GDPR for a data breach of one of its subsidiaries, Starwood Hotels. ...
    AMCA multi-party cyber breach

    Multi-Party Incidents in the Headlines

    In May of 2019, the American Medical Collection Agency (AMCA) disclosed a breach of its systems that compromised the personal information of over 24 million individuals. Most of the individuals ...