Search results

How to Incorporate 4th Parties Into Your TPRM Program

Fourth and Nth parties are the vendors of your vendors – many of which you may not even be aware of. With increasing numbers of supply chain breaches,
understanding risks in your extended vendor ecosystem is more critical than ever. The problem is that most risk management programs cannot effectively
evaluate threats at all levels of a supply chain without the right visibility. Join Bob Wilkinson, CEO of Cyber Marathon Solutions and former CISO at Citigroup…

Risk-Based Approach to TPRM Due Diligence

Performing due diligence is pivotal in identifying, assessing, and mitigating risks associated with third-party relationships. One of the biggest trends in
third-party risk management (TPRM) is managing various types of third parties, diverse activities, and approaches to due diligence, all while adopting a
risk-based strategy. So, where do you start? Join Samira Duijnmayer of Booking.com as she leverages her experience to share insights on how robust due …

The CEO's Take: Bridging the Cybersecurity Divide To Address Cyber Risk

“150 companies account for 90% of the technology products and services across the global attack surface. 41% of those companies had evidence of at least
one compromised device in the past year.” With organizations as interconnected as they are, even organizations who “have” good cybersecurity are only as
good as their weakest link. Join Aleksandr Yampolskiy (SecurityScorecard) and Joe Levy (Sophos) for their take on: -- Shifts in the cybersecurity landscape (…

Optimizing Risk Classification in Nth Party Relationships

Understanding the intricacies of nth party relationships is paramount for effective risk management. Optimizing risk classification in nth party relationships
entails a multifaceted approach geared towards enhancing visibility, comprehending dependencies, and implementing proactive risk management strategies.
In this webinar we will delve into the concept of nth party relationships, the inherent risks involved, and strategies for optimizing risk classification in these …

Ensuring Compliance and Operational Resilience Ahead of the January 2025 DORA Deadline

From real-life examples of conducting thorough business impact assessments and protection need evaluations to pinpointing potential compliance
weaknesses and disruptions, our experts will guide you through the intricate process of mapping vendors to critical business functions. Ready to bridge the
gap between your vendor management and Third-Party Risk Management (TPRM)? Join us for our webinar and walk away with insights on how to: - Id…

(German Version) Ensuring Compliance and Operational Resilience Ahead of the January 2025 DORA Deadline

From real-life examples of conducting thorough business impact assessments and protection need evaluations to pinpointing potential compliance
weaknesses and disruptions, our experts will guide you through the intricate process of mapping vendors to critical business functions. Ready to bridge the
gap between your vendor management and Third-Party Risk Management (TPRM)? Join us for our webinar and walk away with insights on how to: - Iden…

Ensuring Compliance and Operational Resilience Ahead of the January 2025 DORA Deadline with KPMG

Watch this webinar on demand to learn how to prepare your organization to meet the DORA compliance deadline in January 2025, with practical steps to
achieve readiness within the one-month compliance window. Our experts walk you through how to: - Gain insights into which mandatory contract clauses
are required for vendors and nth parties to ensure compliance and mitigate risk. - Link these processes to a robust control framework and regulatory tec…

The CISO’s Take: Navigating Risk, Resource Constraints, Compliance, & More

99% of Global 2000 companies are directly connected to vendors that have had recent breaches, per our latest collaboration with the Cyentia Institute. (Isn’t
that a thought just in time for spooky season?!) Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Quinn (CISO, T. Rowe Price) as
they dive into: - 3rd-, 4th-, and nth-party risk management with respect to evolving business needs - Navigating the new normal of CISOs, including compli…

Fourth Parties And Beyond: Managing Risk In The Extended Supply Chain

Just as managing the risk of your direct suppliers is critical, understanding the risk of your suppliers' suppliers is imperative. While you may work most directly
with secure third-party vendors and platforms, unknown Fourth Parties (vendors of vendors) can cause significant disruptions to your business. How do you
manage the threats posed by these Fourth or Nth Parties? Participants will learn practical ways to identify and manage fourth parties through an overview o…

DORA compliance explained: what it means for your business

With the Digital Operational Resilience Act (DORA), the EU is set to revolutionise the IT security and resilience of financial companies. This groundbreaking
legislation impacts not only banks, insurance companies, and investment firms but also critical information and communication technology (ICT) providers
that work with financial institutions. DORA complements other key regulations such as NIS2, FCA, and LkSG, with the shared goal of strengthening operatio…