News and Updates

This week's Dcrypted discusses the often overlooked risk that of 3rd party risk. No matter your industry if you are using tech you should be thinking about 3rd party risk, especially in cybersecurity.

Listen to the Podcast here.

Guest: Ishan Girdhar Founder and CEO of Privva (starts ~11 minutes in)

Creator/ Host/ Writer: Jacob Biesiada

In the modern economy, the complex network of third parties on which businesses rely results in expanded business risk. While vendor risk management has taken a greater seat at the board table, many organizations still struggle with how to appropriately assess the layers of risk that external partners impose. A useful framework for approaching it is a con...

FOR IMMEDIATE RELEASE

June 16, 2020

ARLINGTON, VA & BALTIMORE, MD — Privva, a third-party vendor cybersecurity risk assessment and management platform, announced today a growth financing led by Squadra Ventures. Building on rapid adoption by customers in finance, insurance, legal, healthcare, and technology, the company will use the investment to fund sales...

Wherever an organization’s vendor risk management program is in its evolution, a key to success is to simplify and streamline the entire process through iterations that will make it sustainable. This paper presents 7 key Steps that incorporate cross-industry best practices to guide that process and equip your organization with a top-tier approach to manag...

Many organizations widely accept SOC 2 reports in lieu of completing security assessments of their third parties. SOC 2 reports can often be complicated and difficult to align to the products and services provided by third parties so it’s important for organizations to ensure they have the appropriate personnel in security and/or risk management have spec...

How many times have you had vendors say they’re secure because they’re using AWS, Azure or G Suite? Unfortunately, just because AWS is SOC II compliant that doesn’t mean that every vendor application running on AWS is equally compliant. Cloud hosting is based on a shared responsibility model. The cloud service provider is responsible for security of the c...

Beacon Strategies, LLC, a leading consulting and thought leader to enterprise retail wealth firms, is pleased to announce its newest service offering, named Vendor Management.

This new service supplies wealth firms with a vendor management framework. The technology and structure support the ongoing documentation needs demanded by regulators, as well as the...

New integrations adding visualizations of vendor security assessments, financial data and dark web monitoring enrich Privva’s third-party risk management platform providing wider view of breach factors

April 28, 2020 - Arlington, Virginia: Privva, the leading third-party risk management platform, today introduced new continuous monitoring partnerships with...

It’s full steam ahead for the Department of Defense Cybersecurity Maturity Model. This new requirement will start showing up in DoD Requests for Information as of June, although actual certification is not required until contract award.

In preparing for it, hundreds of thousands of defense contractors must take a formalized and structured approach to their...