
Sep 18, 2019
4 min read
The 3 Lifecycle Stages of Vendor Security Risk Management: Offboarding
This is the third in a three-part guest blog series looking at risk management throughout the lifecycle of a third party relationship. Previously we looked at the onboarding process, then we explored ongoing security monitoring throughout the relationship [link to posted article], now we look at offboarding and terminating a relationship. Goodbyes are difficult. Humans tend to avoid goodbyes. If...

Sep 16, 2019
5 min read
The 3 Lifecycle Stages of Vendor Security Risk Management: Ongoing Monitoring
Ongoing Security Monitoring has Become a Must Too often organizations conduct security due diligence when onboarding a third party (e.g., vendor, supplier, outsourced, service provider, consultant) and fail to monitor security throughout the lifecycle of the relationship. Ongoing security monitoring throughout a relationship is critical to protect the organizations. Organizations are dynamic, they are in a constant state of change....

Sep 10, 2019
6 min read
The 3 Lifecycle Stages of Vendor Security Risk Management: Onboarding
This is the first of a three-part series on vendor risk management through the lifecycle of the relationship. Today, we focus on steps to achieve a proper and friction-free onboarding process. The Vendor Relationship: Stages in the Lifecycle Traditional brick and mortar business is a thing of the past: physical buildings and conventional employees no longer define organizations. The modern...
Popular Posts

Feb 10, 2022
1 min read
The Most Common Third-Party Cyber Gaps Revealed
As organizations increasingly rely on third-party vendors to provide essential services, they also become more vulnerable to vendor related cybersecurity risks. A recent study by Forrester found that nearly 60% of companies experienced a data breach due to a third-party vendor in the past year. But what are the most common vendor cyber gaps that organizations should be aware of?...

Aug 26, 2021
3 min read
4 Ways to See if You Are at Risk of a Vendor…
Recent supply chain attacks such as Kaseya, Accellion and SolarWinds have illustrated that when it comes to vendor breaches, it’s not if, but when. While it’s impossible to predict cyberattacks, there are key steps that you can take with your vendors to determine if you might be at risk. Here are 4 key strategies: 1. Monitor security posture It’s important...

Jan 03, 2022
3 min read
5 Resolutions for Reducing Third-Party Cyber Risk in 2022
If there’s one thing we’ve all learned, it’s that supply chain attacks are not going away anytime soon. Last year, we saw major cyber incidents involving Accellion, Kaseya, Codecov and others; next year, there will certainly be more. To help prevent and respond to similar cyber incidents, it’s essential to consider how best to reduce third-party risk. How can this...