Third Party Thursday - October 05, 2023

Happy October! As we gear up for a month filled with fall festivities, lets take a quick moment to check out some of the latest vendor risk management resources, news, and upcoming webinars.

It’s National Cybersecurity Awareness Month! While you’re reviewing your organization’s third parties’ security posture, be sure to evaluate the risks of third-party APIs, too. Third-party data breaches impact thousands of people, and the FBI is reminding organizations of cybersecurity best practices to stay safe. Organizations should also ensure third-party compliance with new regulations, especially as states begin to shorten data breach notification requirements.

A bank and the FDIC reached a final consent order, agreeing to address compliance and risk management shortcomings. There are always new and emerging risks to watch for and nature-related risks have claimed the headlines recently. Protecting consumer data is another essential component, but industries like automotive have a long way to go. To stay prepared, follow third-party risk management best practices to protect your organization from harm.?

Read More

eBook: How to Get Organizational Buy-In and Commitment for Third-Party Risk Management

Blog: Manage Geopolitical Risk in the Energy Industry With Third-Party Risk Management

Blog: Your Biggest Cybersecurity Risk Is Probably Your Vendor

On-Demand Webinar: Differences Between Vendor SOC Reports

Interview: Mike Morris, Principal at Wipfli

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Assessments: "When you do an assessment for any third party, are you doing an assessment for the product/service rendered or for the complete third party?" Help Answer
• New June 2023 Interagency Guidance on Third-Party Relationships: Risk Management: "Has anyone published their new policy and program documents with new interagency guidance content? If so, would you mind sharing?" Help Answer
• Manufacturer Information Security Risk Assessments: "We're looking at redoing our criteria for when and how we do third-party risk assessments from an information security perspective. The standard items, such as those with sensitive data, will always top the list for requiring an assessment, but wondering what other organizations are looking at that are in the manufacturing industry?"?Help Answer

Your Vendor's SOC Report: What and How to Review

In this webinar, an expert will help you identify which type of SOC reports you need and the benefits of a thorough vendor SOC report review. We'll explore the various sections of a SOC report, guiding you on what to look for and how to assess the risks.?

October 5, 2023 | Intermediate | 2pm ET?| Register Now

Understanding the Elements of Your Vendor's Cybersecurity Program

Join us for this webinar, presented by an expert in information security and third-party risk management, where we'll explain which vendors require cybersecurity reviews and when and how to do them. We'll also cover what to do in the event of a data breach or other cyber incident.

October 17, 2023 | Basic | 2pm ET?| Register Now

From the Top Down: The Role the Board and Senior Management Play in Third-Party Risk Management

In this webinar, we'll clarify how the board and senior management should be involved in third-party risk management across the organization and the specific roles they play.

November 2, 2023 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.