How has supplier due diligence responded to modern supply chain threats?

With the European Union forecasting a four-fold increase in software supply chain attacks in 2021 compared to last year, vendor security has become an enormously important priority for almost every business this year. On the heels of cybersecurity incidents like the SolarWinds breach and the Codecov cyberattack, we need to re-examine our processes; all … Read More

Trends shaping the traditional compliance risk assessment in 2021

In today’s tumultuous global landscape and complex regulatory environment, compliance is the one reliable way organisations can make sure the wheels aren’t flying off. What we’ve seen, though, is that our general approach to compliance risk assessments fails to create a more proactive spirit across our operations. With the disruptions caused by the pandemic, the insidious nature of modern cyberattacks, … Read More

The case for automation in compliance mapping

RiskXchange is one of the firms leading the fight against cybercrime. Due to the increase in cybercrime, compliance documentation processes are increasingly in demand. Automation has become an important part of the industry, especially now that hacks are more sophisticated and the talent able to tackle them is sparse. Automation processes throw up seemingly infinite options, making it extremely difficult … Read More

How changes in cybersecurity regulation by the DOD could impact your VRM strategy

RiskXchange can fully assess third-party risk factors to ensure your business complies with specific programs and frameworks. The Department of Defense (DOD) has launched a relatively new protection mechanism called the Cybersecurity Maturity Model Certification (CMMC), which is a unifying standard for the implementation of cybersecurity across an organisation. The CMMC has been created to help regulate the cybersecurity practices of … Read More

Understanding FISMA and its impact on government organisation’s cybersecurity

RiskXchange can ensure organisations across America and around the world are FISMA compliant. The Federal Information Security Management Act (FISMA) is a federal law passed in the United States in 2002 that outlines an information security framework for government agencies and their third-party vendors to follow. The aim of the act is to ensure that information security is a high priority for … Read More