Vendor Risk Management Insights


      Subscribe to our blog

      Security never sleeps. Get the most up-to-date information by subscribing to the RiskRecon blog.


      GDPR: Third-party Risk Management Obligations

      Historically, organizations have sometimes been able to shift some liability for data breaches to their third-parties, if not all liability (this has been ...

      Making Risk Surface Real

      An argument for risk surface’s leading role in corporate risk registers By Richard Seiersen: Risk Management Author, Serial CISO, CEO ...

      What You Need to Know about the NYDFS Cybersecurity Regulations

      If you’re even loosely connected to the financial services industry, you’ve no doubt heard about the newest cybersecurity requirements issued by the New York State ...

      Join us for the Fair Institute Tech Sponsor Webinar Featuring RiskRecon Founder and CEO Kelly White

        RiskRecon Founder and CEO Kelly White will be presenting a FAIR Institute Tech Sponsor Webinar titled ...

      Extending GRC with Continuous Vendor Security Monitoring

      We speak with many clients that already have some form of governance, risk management, and compliance (GRC) program in place to assist with managing their ...

      When Apache Struts2 Hits the Fan, Respond with Data and Collaboration

      Mitigating your third-party exposure to Apache Struts2 requires accurate, actionable data -- and fast. If you can apply automated techniques to rapidly ...

      Using Threat Intelligence to Manage Third Party Risk: The Boy Who Cried Wolf

      More and more enterprises are increasing their budgets for threat intelligence in order to stay on top of the latest security risks. The dramatic increase in ...

      Part 2:  Incorporating Continuous Monitoring into Your Third-Party Risk Management Program: The Pilot is Complete – Now What?

      One of the most common questions we’re asked is how to incorporate continuous monitoring into a third-party risk management ...
      AdobeStock_141587175 (1)

      Part 1:  Incorporating Continuous Monitoring into Your Third Party Risk Program: Begin with the End State in Mind

      Like many organizations today, you have existing processes, tools and people laser-focused on ...

      2017 Outlook: Vendor Risk Continues as a Top Challenge Faced by CISOs

      CISOs know that security risks abound. But objectively measuring risk and balancing it against the needs of the business is essential. ...