Third Party Risk Management

Generative AI Risks & Impact On CISOs and Their Teams

Generative AI can be used in a variety of applications, including image and speech recognition, natural language processing, and cybersecurity. In the context of cybersecurity, generative AI can be used to learn from existing data or simulation agents and then generate new artifacts. For example, generative cybersecurity AI can be used to develop secure application…

Monthly Breach Report August 2020 – FireCompass

Kiwi Bank Breach: Kiwibank is investigating how it sent 4200 customers an email or online bank statement with their own account number, name and address, but another person’s transaction history. The commissioner, John Edwards, said some people will be identifiable by the statements and information sent. “We generally have an expectation that…

Monthly Breach Report June 2020

This report summarizes the top breaches between mid-May and June 2020, accounting for the major breaches the world has seen. It helps you keep track of the latest hacks and safeguard your organization by looking at the trends. We share insights into the breaches. 1. “Bank Of America (BofA) Data Breach” Bank Of America…

Steps To Build An Enterprise Third-Party Risk Management Program

Vendor or enterprise third-party risk related breaches are at an all-time high. Several high-profile breaches, such as Uber, Amazon, British Airways and more, have been caused by third parties. Most of the major security frameworks, guidelines, compliance standards and regulations have made third-party risk management a mandatory part of the overall security program. The following are the key steps for building an effective third-party risk management (vendor risk management) program.

Free Supplier Security Assessment Questionnaire

This document covers the Supplier Security Assessment Questionnaire (SSAQ) (Security Self-Assessment and Reporting) (courtesy Halkyn Consulting). It includes the following sections: Document Control, Supplier Name & Address, Assessment Completed by, Date of assessment, Additional Documents Provided, Relevant Network Diagram, Relevant Security Diagram, Relevant System Architecture, Technical Interface Design, Relevant 3rd Party Security Assessment(s) (e.g. SAS…