Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor’s vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of how far, complex and even convoluted your supply chain is. Then measure this complexity with your risk appetite.
Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our September 2020 roundup of recent compliance news from around the United States and around the world.
In recent years, both large and small organizations have been affected by data breaches. Business owners, C-suite executives, and CIOs face the reality that they can be a target of security breaches at any time. These incidents can jeopardize your organization's credibility besides leading to financial and productivity losses.
Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, organizations are putting more emphasis on compliance as well as the auditing of their cybersecurity policies and cybersecurity controls.
It’s an honor to be named a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools (ITVRM)! ServiceNow Vendor Risk Management delivers a fast, smart, and connected way to manage third-party risk and build supplier resilience. This recognition as a Leader in the 2020 ITVRM Magic Quadrant comes shortly after Gartner also named ServiceNow as a Leader in the 2020 Magic Quadrant for IT Risk Management and in the 2019 Magic Quadrant for Integrated Risk Management Solutions.
COVID-19 and its impact have demonstrated that change can be rapid, disruptive, and non-negotiable. This is especially relevant to enterprise risk management, where the challenge can be summed up in one word: recalibration. Many financial institutions have been investing in model-driven analysis and data-anchored approaches. We know that the models themselves must adapt as situations change. But what about the processes and policy governance that surround these models?