Third Party Thursday - June 13, 2024

Are you enjoying all the fun, warmer weather activities? Before you take off on those summer vacations, or just some long weekends, quickly catch up on vendor risk management headlines, resources, community happenings, upcoming webinars, and more below.

A cyberattack on a third party may be one of the largest so far, impacting multiple organizations. Another third-party data breach impacted customer data. UK hospitals had patient care disrupted after a third-party ransomware attack. Federal agencies are also investigating a 2023 third-party data breach that compromised at least 14 million records.

Thousands of accounts were targeted in phishing emails after a third-party data breach at a crypto company. Phishing and vendor email compromise attacks rose from April 2023 to April 2024. Experts recommend third-party risk management best practices to protect against cyberattacks.

Read More

On-Demand Webinar:?How to Read and Review a Vendor SOC Report: A Report Walkthrough

eBook: Guidance on How to Master Third-Party Risk Management in 2024

Blog: Meeting the Third-Party Risk Standards of NIST 800-53

Blog: Determining Third-Party Risk Management Metrics for Cloud Service Providers

Templates: Third-Party Risk Management Policy

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Security Scorecard:?"We're using Security Scorecard and would like to understand how other organizations are layering in the data points to third-party risk reporting, due diligence, risk assessments, etc. Can you provide insight into your process flow?" Help Answer >
• Guest Speakers: "Are guest speakers in scope or out of scope in your third-party risk management program?" Help Answer >
• Supplier Diversity Program: "Our organization would like to initiate a supplier diversity program. What are some best practices to follow?" Help Answer >

Assessing Vendor Risk: A Deeper Dive

Assessing the risk in a collaborative manner and leveraging internal resources will allow for a risk-based and documented approach, which will help guide your ongoing oversight function. In this webinar, we'll walk you through how to complete a vendor risk assessment form start to finish.

June 18, 2024 | Intermediate | 2pm ET | Register Now

The Vendor Due Diligence Process: End to End

For effective TPRM, it's essential to conduct appropriate vendor due diligence during the onboarding and ongoing stages of the relationship. The level of due diligence required should be tailored to the level of risk involved. We'll cover the due diligence process in this session.

June 25, 2024 | Basic | 2pm ET | Register Now

Third-Party Risk Management Reports: Right Data, Frequency, & Content

For many, it's a regulatory requirements to report TPRM to your board and senior leadership. It can be a cumbersome task to gather all reports that need to be provided to various departments. In this session, we'll walk you through the basics of TPRM reporting, what should be included, and more.

July 9, 2024 | Basic | 2pm ET | Register Now

Blog: Vendor Centric - What is Vendor Management?

Podcast: Osano - How AI is Changing Data Privacy Forever

Blog: Owlin - Adverse Media Monitoring: Mitigating High-Risk Vendor Risk Exposure for Banks

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.