Vendor Risk Management


How to reduce your cyber risk with the FAIR cyber risk quantification model

Cyber risk is very real for organisations, which must constantly manage the risks and threats of cyber-related attacks. According to the World Economic Forum's "The Global Risks Report 2021," cyber security failure ranks high among the top ten risks for business in terms of likelihood, outranked only by extreme weather events, livelihood crises and infectious diseases. But if cyber risk isn’t quantifiable, what’s the point? The key for any organisation is to understand exactly how much it's exposed to cyber risk and how much it's likely to lose. By quantifying that risk, you can set limits for your cyber security expenditures and calculate return on those investments. Read on to learn how you can make cyber risk more measurable for your organisation.

Cyber Risk Quantification: Understanding the FAIR methodology

A large concern in today’s boardroom is

February 18th, 2021 | Blog

A better way to conduct security assessments?

The vendor security assessment process is too long, inefficient and time-consuming. A much better way to perform vendor security assessments would be to use the body of unbiased content that already exists in most companies: the security policy. Here we show you how.

The traditional approach to security assessments

In 2020, the global average cost of a data breach was $3.86 million, according to Ponemon’s Cost of a Data Breach Report. The report also notes that should a third party cause the data breach, the cost will increase by more than $370,000. It is no wonder that in the wake of GDPR and large data breaches, organisations require due diligence from their third-party vendors, usually in the form of security questionnaires. A security questionnaire assesses your, a vendor's or a third party's technology systems, physical security and policies. As illustrated in

February 11th, 2021 | Blog

Simplifying Third-Party Vendor Risk Management

For many organisations, setting up, managing and maintaining a third-party vendor risk management programme using questionnaires can be a complex, costly and time-consuming exercise. Vendors are often required to respond to similar questionnaires from multiple organisations. For vendors, this can be a tedious and complex process that takes time and, ultimately, money to answer. In this article we will look at some of the security questionnaire basics and explain how to avoid sending burdensome questionnaires, making your vendor management system more efficient and your questionnaire evaluation process more accurate and far less time consuming.

Why is there a security questionnaire in my inbox?

According to the Ponemon Institute, the average cost of a data breach in 2020 was $3.86 million. Third-party vendors are now, more than ever, a vital component of an organisation’s supply chain. In fact, research conducted by Gartner shows that third parties

February 4th, 2021 | Blog