/* ---- Google Analytics Code Below */

Tuesday, September 10, 2019

Third Party Risk Analysis

Recorded Future writes about the topic.  We examined them for things like competitive risk.   But this topic, especially in today's realm of many technology mal-players, large and small, makes the issue of particular importance.   Below just an intro, much more at the link.

Third-Party Risk Intelligence: Past and Present

After months of searching, budgeting, and vetting, you’ve found the perfect vendor to help take your product offering to the next level. You’re excited to start working together and you’ve initiated the onboarding process. The company has provided the requisite new vendor questionnaires and documentation, and your governance, risk, and compliance (GRC) system has assessed the company for risk and found its current risk score to be acceptable. Everything seems in order.

But what you don’t know is that your soon-to-be partner was the target of a highly stealthy and successful malware attack just nine months ago. They may have taken the appropriate steps to resolve the incident, but wouldn’t you still want to be aware of it?  .... " 

No comments: