Vendor Risk Management Insights




      Extending GRC with Continuous Vendor Security Monitoring

      We speak with many clients that already have some form of governance, risk management, and compliance (GRC) program in place to assist with managing their ...

      When Apache Struts2 Hits the Fan, Respond with Data and Collaboration

      Mitigating your third-party exposure to Apache Struts2 requires accurate, actionable data -- and fast. If you can apply automated techniques to rapidly ...

      Using Threat Intelligence to Manage Third Party Risk: The Boy Who Cried Wolf

      More and more enterprises are increasing their budgets for threat intelligence in order to stay on top of the latest security risks. The dramatic increase in ...

      Part 2: Incorporating Continuous Monitoring into Your Third-Party Risk Management Program: The Pilot is Complete – Now What?

      One of the most common questions we’re asked is how to incorporate continuous monitoring into a third-party risk management ...

      Part 1: Incorporating Continuous Monitoring into Your Third Party Risk Program: Begin with the End State in Mind

      Like many organizations today, you have existing processes, tools and people laser-focused on ...

      2017 Outlook: Vendor Risk Continues as a Top Challenge Faced by CISOs

      CISOs know that security risks abound. But objectively measuring risk and balancing it against the needs of the business is essential. ...

      Part 2: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Control Processes are Broken

      In the second part of this two-part blog series, we look at the reality of your risk processes. The complex, extensive vendor ...

      Part 1: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Measurements Are Incomplete

      You just received an updated security attestation from your third-party provider, but the hair on your arms stands straight up when news of the latest hack ...