Risk Management and Assessment

June 24, 2020
TPRM 101- Your guide to creating a Third-Party Risk Management Program

What is a TPRM strategy and what is the ideal workflow for getting started?  Outsourcing or the use of third parties inherently comes with...

Read More
June 22, 2020
STIG vs CIS part 2: Selecting the Best Baseline for Your Business

This blog is part 2 of our multi-post blog series on STIG vs CIS. In this second post, we’re continuing to unpack the differences...

Read More
June 22, 2020
STIG vs CIS part 1: The Anatomy of Baselines and Compliance

STIG vs CIS This blog is part 1 of our multi-post blog series on STIG vs CIS. In this series,...

Read More
June 2, 2020
What’s the difference between Pen Testing, Red Teaming, and Threat Hunting?

At first glance, it seems like pen testing, red teaming, and threat hunting all seem like a fancy way of saying the...

Read More
May 7, 2020
A Day in the Life of a TPRM Analyst

What it’s like to be a Third-Party Risk Management (TPRM) Analyst This month we’re interviewing Kelley Grogan, a Third-Party Risk...

Read More
April 14, 2020
Keys to A Successful Onsite Vendor Assessment for your TPRM program

How Onsite Assessments fit into your TPRM Strategy TPRM and Third-Party Vendor Assessments Third-Party Risk is a major concern for many organizations, especially...

Read More
March 2, 2020
6 Ways to Get Started with Your Fourth-Party Vendor Program

6 Ways to Get Started with Your Fourth-Party Vendor Program What is Fourth-Party Vendor Risk Management?  According to expert studies, more than...

Read More
February 24, 2020
A Day in the life at MPG: Governance, Risk, and Compliance Manager

What it’s like to Work as a Governance, Risk, and Compliance Manager This month we’re interviewing Anita Walker, a Governance, Risk, and Compliance (GRC) Manager at MindPoint Group (MPG) and...

Read More
September 20, 2018
Insider Threat Mitigation – Just Players in a Risk Management Game

Let’s meet some actors in this game, shall we?  First, we have Roger, who is angry that his peers have...

Read More
July 18, 2018
A Tale Of Two Tools: When Splunk met SecurityCenter

Co-Authors:  Keith Rhea and Alex Nanthavong It was the best of times, it was the worst of times, it was...

Read More
June 26, 2018
Guide to Creating a Cybersecurity Challenge for Kids

By:  Stephanie Carruthers and Nolan Kennedy “Right now, we’ve got about 300,000 unfilled cybersecurity positions as a nation,” said Rick...

Read More
June 10, 2018
Inherent Risk Tiering for Third-Party Vendor Assessments

  Importance of Third-Party Risk Tiering It can be a challenging and overwhelming task to adequately manage the risk associated...

Read More
12