Third Party Thursday - October 17, 2024

Check out this informative newsletter for third-party risk management headlines, educational resources, community happenings, and upcoming webinars. Happy reading!?

A healthcare organization was recently affected by a third-party data breach, compromising medical information. Cyber insurance claims have been impacted by third-party cybersecurity incidents, according to a new study. Entry points in programming systems are vulnerable to supply chain attacks. Experts recommended strategies like robust security frameworks to mitigate the risk of supply chain attacks.

Many of the European Union’s Member States will be delayed in adopting NIS2’s requirements, including supply chain cybersecurity obligations. The U.S. Cybersecurity and Infrastructure Security Agency noted active exploitation of a SolarWinds vulnerability. Organizations should closely scrutinize and verify third-party relationships for risks and experts said taking a proactive approach to third-party cybersecurity can help protect organizations. Read up on this week’s third-party risk management news here.?

Read More

Infographic: 4 Steps to Take When Your Vendor Has Poor Cybersecurity Practices

Blog:?How to Ensure Your Vendors Comply With Cybersecurity Expectations

On-Demand Webinar:?Staffing Your Third-Party Risk Management Program

eBook: How Outsourcing Benefits Both New and Maturing Third-Party Risk Management Programs

Blog:?Business Continuity Planning (BCP) Q&A: Your Questions Answered

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Policy: "We're looking to update our policy and procedures to specifically address due diligence on offshore/foreign-based vendors. Is anyone willing to describe their assessment process for these types of vendors and share how the policy addresses the use of foreign-based vendors?" Help Answer
• Critical Vendor Tasks: "For critical vendors, does anyone collect a GLBA Privacy Statement and Information Security Policy from your vendors annually as part of your ongoing monitoring?" Help Answer
• Exempt Third Parties: "Are there certain vendors your organization excludes from inputting into third-party software?"?Help Answer

Understanding the Elements of Your Vendor's Cybersecurity Program

In today's world, cyberattacks and data breaches are becoming more common, so it's essential to understand the cybersecurity program of your vendors. In this session, we'll discuss vendor cybersecurity posture and its importance, what you should be requesting and reviewing from your vendors, and more.

October 24, 2024 | Basic | 11am ET | Register Now

Using SLAs and KPIs for Effective Vendor Performance Management

Vendor performance is an essential part of third-party risk management and SLAs and KPIs are valuable tools in the performance management process. In this informative session, we'll provide an overview of the vendor performance management process, how to monitor and manage performance, and more.

November 5, 2024 | Intermediate | 2pm ET | Register Now

Managing Vendor Issues and Challenges at Your Credit Union

It's important for your credit union to have an effective system in place for identifying, managing, and tracking vendor issues. In this session, we'll guide you through preparing and handling any vendor issues that may arise and provide valuable tips for resolving these challenges.

November 12, 2024 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.