A classic procurement conundrum: thoroughness vs. speed. 

When contracts get hung up in procurement, it slows down business operations. Yet, evaluating vendors for the potential new risks they are introducing is time-consuming, not to mention cumbersome. How far do you push the boundaries– should you move on from vendors who don’t comply with your assessment requests in a timely manner? Would you use predictive risk data to evaluate vendors and accelerate your decision? 

A poll from a previous webcast showed 67% of participants were challenged by staff resources and capacity when implementing a third-party risk management (TPRM) program.

The truth is, there’s no shortage of cyber risks, and managing the volume can be overwhelming for any cybersecurity team. The average enterprise has 6,000 third parties– how do you effectively identify, categorize, and prioritize your most critical risks? Where should you start, and how do compliance requirements factor into the equation? We’ll be debating these questions and more in this episode of Cyber Risk Nation.

Employees are the first line of defense for every company, yet CyberGRX data revealed that while 83% of third parties report they are conducting security awareness training, 42% aren’t testing the effectiveness of it. 

Join Erich Kron, Security Awareness Advocate at KnowBe4 & CyberGRX CISO Dave Stapleton as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization.

Join CyberGRX CEO Fred Kneip and Richard Seiersen, Chief Risk Officer for Resilience as they conclude this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management for Dummies. 

In this adaption of Chapter 4 from this definitive guide, you'll hear from leading experts in the field as they discuss things like:

• How does an Exchange and one-to-many sharing model benefit both customers and their third parties
• Is it possible to gain complete vendor ecosystem visibility
• What role does the MITRE ATT&CK framework play in managing third-party cyber risk?
• Are predictive analytics capabilities the future of third-party cyber risk management

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

The TPCRM revolution continues with the third in our 4-part webinar series with a focus on Chapter 3: Tackling the Traditional (and Outdated) Approach to TPCRM.

Join CyberGRX CEO Fred Kneip and Andy Kirkland, CISO of Starbucks as they continue this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 3 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

• Is the current approach to third-party cyber risk management broken?
• Are assessments effective in accomplishing the desired goal of managing risk effectively?
• How can teams better access and analyze third-party cyber risk data at scale so that they can act quickly and effectively to reduce their risk?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

When it comes to moving a business forward, the time inevitably comes when you need to implement new tools and processes to get things accomplished, and sometimes it takes a little convincing to get others on board with the direction you want to move in.

From the CEO and CISO to the board of directors and other stakeholder departments, it’s imperative that you know how to communicate the benefits of having a third-party cyber risk management (TPCRM) strategy in the languages each unique stakeholder speaks.

In this adaptation of Chapter 2,  join CyberGRX CEO Fred Kneip and Chris McFarland, VP & CISO at Abercrombie & Fitch Co. as they discuss things like:

• How to have important conversations about the need for a comprehensive third-party cyber risk management strategy.
• What are some of the risks associated with maintaining the status quo?
• Steps to take to ensure you have buy-in from the very first conversations through to the implementation and maintenance of the TPCRM solution.

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

Join CyberGRX CEO Fred Kneip and Dave Estlick, CISO at Chipotle Mexican Grill as they kick off this 4 webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 1 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

• Are all third-party cyber risk management solutions and methodologies created equal?
• Is one more appropriate for a specific industry than another?
• How do you ensure all stakeholder departments (and the organization as a whole), play an active role in defending against cyber threats?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.