by Kristen Hicks | April 25, 2022 | Data & Cybersecurity, Data Protection
We tend to think of the internet as mostly existing in the ether or “cyberspace,” but the online systems we depend on are tied to physical structures. And the physical side of your technology brings its own set of risks. When considering risk and vulnerabilities, many companies think first of ....
by Gary Roboff, Senior Advisor | April 20, 2022 | Environmental Social Governance (ESG), Third Party Risk Management
Every April, we mark the anniversary of the birth of the modern environmental movement: Earth Day. The first Earth Day, April 22, 1970, "was a day for learning and expressing concern, not for protesting — a big news event, but one with little of the drama and tension" as reported by the New York ....
by Vivian Nguyen | April 19, 2022 | Third Party Risk Management
The geopolitical impact of ESG (environmental, social, and governance) has been out of the spotlight. The recent Russia-Ukraine crisis has changed that reality. In our recent Russia-Ukraine Conflict: Geopolitical ESG Fallout Webinar panelists explored the short and long-term consequences of signi ....
by Eric Krell | April 19, 2022 | Risk Assessment, Third Party Risk Management, Tools & Templates
If a group of risk professionals and their third party partners wound up at a karaoke bar at a certain hour, they might select a classic Stones tune for a heartfelt duet: “My back is broad, but it’s a-hurting,” the third party professional would croon. “I’ll never be your beast of burden, ....
by Ron Bradley | April 18, 2022 | Cyber Risk, Data & Cybersecurity
The human element is considered the weakest element in the security “onion.” How do we understand what our users may or may not be doing to create some level of risk to our cyber environments? Organizations need a way to detect anomalies that arise intentionally or unintentionally. I recently ....
by Eric Krell | April 18, 2022 | Data & Cybersecurity, Internet of Things (IoT)
In case you haven’t heard, Internet of Things (IoT) adoption is soaring. This mobilization has cybersecurity and third party risk management implications that are often overlooked. By 2030, McKinsey research projects that IoT applications “could enable $5.5 trillion to $12.6 trillion in value ....
by Mark Rudio | April 14, 2022 | Corporate Culture, Third Party Risk Management
During the 1990s, Procurement professionals were at the heart of strategic sourcing initiatives, focusing on reducing costs, enhancing quality, expanding services, and founding organizations like the International Association of Outsourcing Professionals and the Sourcing Industry Group. Composed of ....
by Eric Krell | April 13, 2022 | Banking and Financial Services, Industry Verticals, Third Party Risk Management
As tax season comes to a welcome close (file your returns – or an extension -- by April 18!), a recent spike in phishing attacks camouflaged as official IRS emails reminds us that basic cyber-hygiene, like fundamental third party risk management (TPRM) practices, remain pivotal even when tax-filin ....
by Kristen Hicks | April 12, 2022 | Data & Cybersecurity, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, Industry Verticals
Data privacy is a fraught subject in any industry. But in healthcare, the stakes are especially high. Many consumers have made (at least some degree of) peace with trading personal data for the convenience of entertainment offered by their favorite apps. But people aren’t necessarily willing to ma ....
by Sabine Zimmer | April 11, 2022 | Certification, Certified Third Party Risk Professional (CTPRP), Education and Training, Risk Professionals
Risk practitioners wonder about it: “CTPRP vs. CTPRA? Which certification is right for me?" Poet Robert Frost wrote about it: “Two roads diverged in a yellow wood…” Major League Baseball player Yogi Berra spoke of it: “When you come to the fork in the road, take it!” Doing busin ....