Cyber Risk Managenet Group Logo
  • Privacy Policy
  • Home
  • Our approach
  • What we do
  • Points of view
  • Contact us
  • Cookies policy
  • Events
  • Our partners
  • Certified Practitioner Training in the ISF Standard of Good Practice.
  • Our company
  • Our values
    • Categories
  • Company News
  • Cyber Security
  • Cyber Security Governance
  • Executive Management
  • Information Risk
  • Podcasts
  • Privacy & Data Protection
    • 27.11.2019. Information Risk, Podcasts.
    by Nick Frost

    CRMG Podcast: How to Manage Third Party Risk When you Have Thousands of Suppliers

    Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially, with many organisations outsourcing even core functions of their business. Why? Outsourcing can be financially attractive, efficient and provide competitive advantage.
     
    In delegating key processes to third parties, organisations are potentially exposing themselves to huge amounts of risk, and while you might be able to outsource functions, you can never outsource business risks or reputation. It is common for information security to be last in the process of due diligence when selecting suppliers. So, when you have thousands of suppliers, and they have thousands of suppliers, how far should you go to assess and mange cyber risk?

    In this podcast, CRMG’s Nick Frost, Todd Wade and Andrew Wilson discuss the key risks associated with third party suppliers, how to manage the process of on-boarding suppliers. and how to filter through suppliers to assess those most critical to your business. Our team also discuss the importance of managing the relationships with third party suppliers and the need for an exit strategy in the event of a split.

    About the Series

    This podcast series has been created by the CRMG team whose experience and expertise in cybersecurity and information risks spans many years, working at CISO-level for large reputable organisations. The podcasts cover topics that are at the heart of risk, providing knowledge sharing and insights from different professional experiences.

                                        
    Nick Frost                             Andrew Wilson                      Todd Wade
    Director                                  Principal Consultant              Principal Consultant

    If you would like our team to discuss a topic or address a certain challenge, please contact us at info@crmg-consult.com.

    For more information on assessing third party risk, read our article here.

    Related Articles

    20.01.2020. Cyber Security, Information Risk What Can CISO’s Do to Mitigate Security Risks Posed by Third Party Suppliers?

    In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers. This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services...

    Read more…
    08.01.2020. Executive Management, Podcasts CRMG Podcast: Changing Senior Managements Perception of Cybersecurity for the Better

    We constantly hear “senior management ‘get it’” – but do they really? Senior managements awareness of information security and cyber threats is essential if security teams are to effectively mitigate against them...

    Read more…
    23.12.2019. Executive Management, Podcasts Building a Business that Serves – Interview with Nick Frost

    In this episode, I interview Nick Frost. Nick is the Co-Founder of CRMG and has been involved in Cyber Security for over 20 years. Prior to starting his own business, he has held leadership roles at PWC and other similar companies. He started his first company in 2015 and just started CRMG in 2018 with a colleague...

    Read more…