Category Archives: Third-Party Risk & Vendor Risk Management
CMMC 101: The Basics of Cybersecurity Maturity Model Certification
WHAT IS CMMC? CMMC which stands for ‘Cybersecurity Maturity Model Certification’ is the upcoming required standard for all contractors and suppliers that work with the Department of Defense (DoD). (more…)
M&A: The Cyber Risk of Business
The impact of the COVID-19 pandemic is profound – every business has been touched, forcing many to explore how their organizations adapt to the new economy. Some industries have bigger challenges due to the nature of their business – travel and lodging, restaurants, transportation, oil and gas and more due to social distancing ordinances. (more…)
Payment Processing in a Remote Working Environment
Organizations are facing a lot of change with remote work set ups – in both physical location and operational shifts. Especially challenged are businesses that manage credit card information electronically and over the phone. These new working conditions unearth new risks for sensitive data. Social distancing can also bring about more social engineering attempts. According to the U.S. Secret Service, social engineering/phishing is a very common online attack right now.* (more…)
Taking Care with Telehealth: Health Care. Cyber Care. Duty of Care.
Social distancing and stay-at-home orders are designed to protect us from the spread of COVID-19, but what about patients that still require check-ups, post-hospitalization follow-ups, continued monitoring due to other conditions – Telehealth is a convenient solution. (more…)
4 Reasons Why Third-Party Risk Management (TPRM) Should Be Reviewed
As people “Stay at Home” and work remotely during the COVID-19 pandemic, organizations have an increased reliance on external partners, suppliers, and third party vendors to keep their businesses running. For some companies, this may be the first time their employees worked outside of their office, without the benefit of established cyber security policies for working from home. It is crucial that third-party vendors be on the same page as their clients to ensure proper safeguards and business continuity. (more…)
Covid-19 Does Not Exempt Compliance nor Security Obligations
While companies are consumed with the task of implementing remote work strategies in response to the COVID-19 crisis, it is critical to remember one thing: No matter how chaotic things get, Coronavirus does not exempt you from your industry or government compliancy obligations such as HIPAA, CCPA and PCI DSS. It also does not release you from your responsibility of employing Duty of Care when it comes to protecting third party personal data. (more…)
CAMP IT Conferences Gallery
CAMP IT produces events designed to help IT professionals understand new technologies and make the critical, strategic and tactical decisions for their enterprises. (more…)
Third-Party Vendors: Are You on the Same Page?
Your Vendors May Be Weak Links in Supply Chain Breaches
(more…)
Insufficient Vendor Reviews = Rampant Third-Party Breaches
According to a survey conducted by the Ponemon Institute in 2018, 59 percent of companies have experienced a third-party breach of some type. Despite the high prevalence of these incidents however, only 16 percent say they effectively mitigate third-party risks. (more…)