Blog

A Horizon View of Third Party Risk, Cyber-Risk, and Emerging Technologies

 

Sometimes, in the world of third party risk, we spend a lot of time looking at what is directly in front of us (or re-actively, what’s behind us), or even with our heads in the sand. Industry expert, Keith Koo, spends a lot of time looking to the horizon.

When you meet Keith – you are immediately struck by the energy and enthusiasm he brings to the topics near and dear to his heart: disruptive technology, digital innovation and cyber-security, and the intersection of all these trends with third party risk.

Not only has Keith had significant experience in managing large third party risk programs for large banks and enterprise technology companies, he now advises companies with the most complex and pressing third party management challenges as a Managing Partner at Guardian Insight Group.

However, it’s been his experience working in the Silicon Valley, that also spurred Keith’s long-term interest in digital innovation, cyber-security and emerging, disruptive technologies such as cryptocurrencies and blockchain.

Read More

Topics: third party risk management, Data Security & Privacy, data privacy, cyber risk, technology, blockchain, cryptocurrency

Aravo Solutions Wins GRC 20/20 Innovation Award for its Third Party GDPR Compliance Application

The team here at Aravo are particularly honored and excited to receive the 2017 GRC Innovation Award for Third Party Management from independent GRC analyst firm GRC20/20 for our Third Party GDPR Compliance Application, Aravo for GDPR.

This is the second year running that Aravo Solutions has been recognized by GRC 20/20. In 2016 Aravo won the GRC 20/20 Award for Value in Third Party Management, where Aravo’s Enterprise Third Party Risk Management solution was found to drive measurable value, delivering better GRC efficiency, effectiveness and agility to complex third party programs.

Read More

Topics: Data Security & Privacy, GDPR, General Data Protection Regulation, GRC20/20, grc 2020, gdpr compliance, Aravo for GDPR, third party gdpr, gdpr compliance application, GDPR award, innovation award, gdpr application, aravo solutions gdpr, grc award, gdpr report, gdpr solution

Three ways the Internet of Things and the GDPR will impact Third Party Risk

As the Internet of Things (IoT) evolves, it will offer organizations the opportunity to create an unprecedented range of potential products and services. By embedding the internet into computer systems inside of cars, appliances, and other physical things, manufacturers will be able to offer new functionality as well as additional services. Smart homes and intelligent cars are already on the consumer market in many countries. Applications for this technology in a business-to-business environment are equally promising.

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, information security, cybersecurity, cybersecurity regulation, cyber-security, cyber risk, cyber regulation, internet of things, IoT

Third party scorecards: Making an improved culture of collaboration a reality

Scorecards that measure the performance of suppliers and vendors that a company contracts with have been a business tool embraced by procurement for some time now.

However, there’s an evolution underway. Increasingly businesses are recognizing that a holistic third party scorecard that also embeds risk and compliance metrics, can not only help drive continuous improvements in vendor performance, but can also help reduce the risk that third party engagements may bring to the enterprise. What’s more, scorecards can also be leveraged as a collaborative tool to help raise the collective bar of the third party ecosystem – especially in areas such as IT security.  Operational risk, Information Security and Compliance are all now stepping up to the scorecard plate.

Read More

Topics: risk and compliance, third party relationships, Data Security & Privacy, information security, reputational risk, regulatory risk, risk-scoring, third party risk, data privacy, performance scoring, organization risk, regulatory compliance

Five Top Trends in Cybersecurity Regulations

Cyber and information security is considered by some to be the biggest challenge organizations collectively face today. A recent study conducted by Juniper Research predicts the cost of data breaches to reach $2.1 trillion globally by 2019. These incidents – whether they are caused by criminals, foreign governments, or hacktivists – can be costly for organizations, distressing for consumers, and create the possibility of real systemic damage to whole industries; even nations. So, it’s hardly surprising that regulators and legislators around the world are moving into action.  

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, information security, cybersecurity, cybersecurity regulation, cyber-security, cyber risk, cyber regulation

Aravo and SecurityScorecard Partner to Improve Actionable Third Party Cybersecurity

We are delighted to announce the integration of the Aravo Enterprise platform with SecurityScorecard’s platform, to provide a fully integrated solution for enhanced third party cyber-risk management.

Read More

Topics: third party risk management, Data Security & Privacy, cybersecurity, SecurityScorecard

Expert Series Podcast - Pt. 3 - Looking toward the future with GDPR & Third Party Risk – with consideration to privacy regulations in other countries

 
Read More

Topics: third party risk management, Data Security & Privacy, GDPR, General Data Protection Regulation, cybersecurity, data privacy, corporate regulation, podcast

Expert Series Podcast - Session 2 - A Deeper Dive into GDPR & Why Organizations Need To Be Thinking about Third Party Risk

Session 2 of 3 (approx. 15 minutes)

I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, General Data Protection Regulation, cybersecurity, data privacy, corporate regulation

Expert Series Podcast - GDPR & Why Organizations Need To Be Thinking About Third Party Risk

Session 1 of 3 (approx. 18 minutes)

I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, General Data Protection Regulation

Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

Why TPRM objectives fail – and what Global 2000 companies need to succeed

Even though large organizations have invested time, attention, and resources into third party risk management (TPRM) over the past decade, it’s clear that many programs are failing to deliver on their primary objective - keeping the organization safe.

DOWNLOAD THE WHITE PAPER

Read More

Topics: Anti-bribery & Anti-corruption, risk and compliance, third party risk management, Data Security & Privacy, Responsible Sourcing, Global 2000, compliance risk, tprm, business complexity, scale, business change, business scale, white paper, third parties