Connect with us

Top Stories

Catching the Blind Spots of Vendor Risk Management

Catching the Blind Spots of Vendor Risk Management

Written by Tom Turner, CEO and President, BitSight

In my experience there are a number of common blind spots associated with vendor risk management (VRM), or third-party risk management’ as it is sometimes called. In this article I will share with the readers what I see as six top misconceptions surrounding VRM and suggest strategies for businesses to overcome or avoid some of these pitfalls.

  1. Only the highest value business relationships have the most inherent risk

Today we see many high profile data breaches hitting the headlines. That’s because businesses are more connected than ever before, and organisations are having to deal with increasing numbers of third parties. Often, there will be a direct relationship where data is exchanged. However, we’re seeing more indirect relationships where a third party may not be deemed critical to the organisation’s service or product, yet they still have the potential to introduce risk. Take the Netflix ‘Orange Is The New Black’ leak in April last year from Larson Studios. This was a post-production company that was probably thought to be a distant vendor in the supply chain, yet when they were hacked it had a massive impact on the core business.

Likewise, many businesses are using the same third party, which is often unavoidable. For some products and services, there’s only one dominant player in the market to choose from if you need to outsource. This situation can result in massive downstream effects if there’s a data breach, compromise, or service disruption.  For example, theNotPetyamalware hit many companies in Ukraine particularly hard, such as the shipping giant Maersk. This happened because a Ukrainian based software accounting platform was compromised, and the ransomware spread to its customer base.

Breaches and outages aren’t just resulting from typical third parties anymore. They’re also stemming from more distant vendors. While these organisations may not have access to your network, you may rely on their technology or services which could cause considerable risk downstream. 

  1. Your most trusted form of assurance is a diligence questionnaire 

VRM programmes have traditionally focused on setting contractual obligations for vendors. Risk managers would periodically check on whether vendors were meeting certain obligations and move on to the next item on their “to do” list. For a long time, the only way to manage risk was to use questionnaires, audits, and penetration tests. This haschanged, and businesses are now actively ‘hunting’ for risk. They are consuming multiple data feeds about operational, financial, and cyber security risk. In doing so, many organisations have taken a more collaborative approach with vendors, rather than a combative one. The notion that VRM is a game of strong arming between risk and legal departments is changing. Organisations and their vendors are having more constructive dialogues. 

  1. VRM is not a Board level issue

According to Gartner, 80% of security risk management leaders are being asked to present tosenior executives on the state of their security and risk programme and 75% of Fortune 500 companies arenow expected to treat VRM as a board level initiative to mitigate brand and reputation risk. Boards are beginning to request updates more than once a year and this has led to the emergence of security committees.

The challenge for risk managers is how best to contextualise the company’s level of risk. This is where objective, quantitative measurement can really help. For example, being able to say that the aggregate level of cyber risk posed by vendors has dropped 20 percentage points is a lot more insightful than saying, “We’ve mandated that all of our vendors implement multifactor authentication.” It’s important to learn how to speak the right language to the Board. 

  1. Regulations and VRM programmes are two different issues 

The impact of regulationvery much depends on the industry sector, but if you are subject to any regulation at all, then it needs to be included in your VRM programme. Regulations that encompass all industries, such as General Data Protection Regulation (GDPR)which comes into force on 25th May this year, will need to be part of the risk management programme of every single organisation. Article 32 states that organisations that collect personal data must have rigorous due diligence processes to ensure that appropriate controls are in place before sharing data with vendors. 

  1. VRM can be handled manually with existing resources 

Relying solely on subjective point-in-time questionnaires can leave a lot of risk unidentified or unaddressed. Many companies now understand that having a continuous objective view is needed.

Also, you can’t simply just throw people at this problem. There are too many vendors connected to the enterprise and not enough risk professionals in the world to manage them. Companies need to automate processes whenever possible to manage this risk. There’s going to be a huge breakthrough when businesses across all sectors recognise the importance of automation and allow human intervention when urgent action is required. 

  1. Engaging with vendors and the supply chain to correct risk is difficult and confrontational 

Companies have different approaches for engaging with vendors and some have more influence than others. However, we are learning that presenting data and accessing a common platform providessignificant benefits.

Giving non-customers free access to a security ratings platform via a trusted partner will allow third party vendors to investigate potential network issues and allow access to remedial resources. This is a good example of how engagement with vendors can be driven by objective data. It also offers vendors a benefit in return for their engagement and reduces some of the confrontation that can accompany risk assessment.

With economies of scale at play, there are potentially long-term benefits too. With many organisations using the same vendors to rectify issues, we can reach a wider audience and the whole digital economy is better off.

To learn more about vendor risk management, visit www.bitsighttech.com

Top Stories

What is loneliness and how can you manage it?

What is loneliness and how can you manage it? 36

By Iris Schaden Your Business and Personal Coach

A mere century ago, almost no one lived alone. Today, many do and it is not unusual. The recent lockdowns and isolation periods have amplified feelings of loneliness. But why do we feel lonely? Why do our bodies experience social pain? Learn about what we can do to improve our situation, prevent chronic loneliness and minimise the tremendous impact it has on our health.

Solitude and choosing to be alone can be bliss. Over the last sixty years the number of people living alone has increased in developed countries by more than 50 percent. In countries such as Denmark, Sweden and Switzerland, it is very common for people to live alone. But this does not translate into higher levels of selfreported loneliness. Many people have friends or family they can interact with on a regular basis.

However, it is important to recognise that this choice is different to loneliness, which can be a state of profound distress. Loneliness is a purely subjective and individual experience that can be felt by anyone, no matter their social, educational, gender or age demographic. Humankind are social creatures by nature – we struggle without it – and social connections are important to our health and emotional wellbeing.

Loneliness is a problem when we feel that no place is home; when we are in a group and we still feel social separation; when we spend time with our family but we feel like we don’t belong; or when we lose a relationship and struggle to adjust. It is a growing phenomenon in modern times, a by-product of our individualism, long-distance study and career opportunities or time-consuming work commitments.

The pandemic, with its required isolation and social distancing, has added additional stress to many households, but feelings of loneliness or adverse effects of social isolation are particularly prevalent in one-person households and young people aged 12–25. According to a study by VicHealth, even before COVID-19 young adults and adolescents reported high levels of loneliness, social isolation, social anxiety and depressive symptoms. Additionally, it is men who tend to report higher levels of loneliness than women.

Reported loneliness is on the rise. In 2017 and 2018 former US Surgeon General Vivek H. Murthy declared ‘an epidemic of loneliness,’ and the UK appointed a Minister of Loneliness. In these two countries, one in five adults reported that they often or always feel alone; in Australia, it was one in four adults. And this was before COVID-19, which makes us realise the mental and emotional impact lockdown has on individuals.

What happens to our bodies when we experience loneliness?

Neuroscientists, such as John Cacioppo, identify loneliness as ‘a state of hypervigilance whose origins lie among our primate ancestors and in our own hunter-gatherer past’. Our ancestors needed to belong to an intimate social group to survive. Cacioppo explains that our bodies respond to being alone, or being with strangers, as though we were in a dangerous situation.

Separation from other people (the group) triggers a fight-flight-or-freeze response and we feel social pain. While physical pain is primarily a sensory experience, social pain is the emotional state that comes from the distress of being lonely. Like the bodily sensation of hunger, it alerts us to a need, but instead of food the need is social interaction.

Loneliness generates anxiety: our breathing quickens, our heart races, our blood pressure rises and we struggle to sleep or sleep well. If we don’t pay attention, over time we start to act more fearful, defensive and self-involved. All of these actions drive others away and tend to stop those experiencing loneliness from doing what would benefit them the most: reaching out to others. It is a vicious cycle and one that is especially challenging for older and younger individuals.  

Tactics to help cope with feelings of loneliness. 

To belong is to feel at home in a place or situation where you feel included, comfortable and connected with others. In his assessment, Vivek H. Murthy wrote, ‘To be at home is to be known … You can feel at home with friends, or at work, or in a college dining hall, or at church, or in Yankee Stadium, or at your neighbourhood bar. Loneliness is the feeling that no place is home.’ Having relocated to different cities and countries and re-establishing my life over and over again, I can certainly say that loneliness can be a challenge.

Iris Schaden

Iris Schaden

How can we combat the feelings of loneliness and the anxiety that comes with it, before it becomes chronic and we find ourselves even more isolated over time? 

The first step in moving forward is acknowledging how you feel. Give those feelings a name with a specific timeframe; for example, today I feel alone or since I’ve been in lockdown, I have felt alone or since I lost my partner, I feel disconnected and lost. By doing this, we focus on the present and do not label our entire existence as lonely.

My personal strategy is to go outside if the loneliness gets too ‘heavy’; connect with other people through looks and smiles (even under a face mask our eyes can smile); call friends and family regularly; or schedule a brunch or glass of wine with friends (in person or video chat).

Practising random acts of kindness and gratitude, for others and ourselves, is another very effective and very positive way of bringing us back into the present moment and improving our overall wellbeing. Energy flows where our focus goes. It takes effort and sometimes it is indeed easier to just give in and watch a light-hearted movie on the couch. And that’s fine too!

If you are ever experiencing loneliness, I recommend exercising your social muscles and also seeking support. Remember that your feelings are normal as we are biologically fine-tuned to being with and interacting with others. However, you will need to make changes to avoid jeopardising your health. Once loneliness becomes chronic it becomes self-sustained and you will begin exhibiting defensive behaviour. As a defence mechanism, loneliness makes you assume the worst of others and you (your brain) become hypersensitive to social signals that might be interpreted as hostile towards you, when in reality people might just be trying to help you.

Large studies have shown that feeling lonely has a tremendous impact on your health: it can make you age quicker, cause dementia to advance faster, weaken your immune system and lead to anxiety and depression. Many people turn to substance abuse which only serves to numb the symptoms, rather than treat the source. And while you can find so much information online, knowing is not enough. Remember that reaching out for help is not a sign of weakness but one of strength. So please reach out to your network, talk to your health professional or get in contact with me.

There are different ways to improve your overall wellbeing. Let’s discuss.

Continue Reading

Top Stories

Payments in a pandemic: UK consumer trends emerging from COVID-19

Payments in a pandemic: UK consumer trends emerging from COVID-19 37

By Philip McHugh CEO at Paysafe

The outbreak of COVID-19 has been a global catalyst impacting many industries, including payments. It has forced consumers to adjust to different ways of purchasing goods and services; according to our latest Lost in Transaction research, a survey in which 8,000 consumers globally were asked about their payment habits, over half (54%) of UK consumers said they have used a payment method new to them since COVID-19 began.

This change in consumer behavior will serve as a tipping point for the payments industry. Consumers are demanding more choice, and more convenience in how they pay, with 84% of people we surveyed admitting to thinking about payments differently in 2020.

Here are four trends coming out of the COVID-19 pandemic we believe will permanently alter the global payments landscape.

  1. Major shifts to digital

This pandemic has not only been the impetus for change from consumers, but for businesses too. For cash consumers, particularly those who are unbanked, the short and long-term impact of only having to access to products and services digitally is going to be substantial. Providing a smooth transition from retail to online payments will be key. According to our research findings, COVID-19 has led 21% of UK consumers to try online shopping for the first time and 12% using a digital wallet for the first time to make an online payment.

Digital merchants must take this into strong consideration when thinking about the evolution of their checkout. There are many viable options, including incorporating an eCash solution to give the buyer the option to maintain cash as their primary payment method, or introducing a digital wallet that enables people to shop online without sharing their financial data with merchants and potentially compromising their financial security. By 2023, digital wallets are expected to become the most popular online payment method in the UK, accounting for 33% of the market.

Already, nearly half of UK consumers (43%) said they increased their online shopping habits because of restricted access to high street stores and this percentage is expected to grow further. It’s vital that businesses begin to diversify their payment offerings otherwise they’ll fail to meet consumer expectations and risk losing out to their competitors.

  1. The growth of contactless

Despite the World Health Organization not issuing an official warning against using cash, the psychological perception of the safety of handling cash has made an impact.  Nearly two thirds (63%) of UK consumers surveyed said they will be using contactless more in the short term due to health and safety concerns, and 61% saying they are happier using contactless now than they were last year.

At the end of March, cash usage in Britain halved, according to Link , operator of the UK’s biggest network of ATMs. In addition, contactless card limits for in-store spending rose from £30 to £45 to cut the need for physical contact in shops. Increased adoption of mobile wallets like Apple Pay or Google Pay across all generations may be on the horizon, making payments more accessible to society. Restaurants and pubs are also encouraging the trend towards cashless as well, such as prompting people to use an order-ahead app to pay for drive-through orders or removing the need to press a “pay now” button before a contactless payment.

  1. The importance of remittances

With travel restrictions still in place around the world, sending money home quickly, seamlessly, and cost-effectively remains more vital than ever. Half of consumers have given money to family or friends since the crisis began, and nearly a quarter (20%) have done this at least three times. According to our research, 74% of consumers would use a digital payment method to send money abroad, either through a digital wallet, direct bank transfer, or online money transfer services. Effective remittance channels are needed to combat specific issues caused by this crisis, including being financially inclusive for those needing financial support for the first time and who may not have a bank account, or access to digital payment methods because of displacement and isolation.

  1. Embracing the power of technology

Our recent Lost in Transaction research shows that consumers are already adapting to challenges in purchasing, including getting to grips with alternative payment methods, and it is the industry’s job to make those methods even more accessible to society. Both payment providers and online retailers must adapt in line with the demands of consumers, and the requirements of the situation. Ultimately, the accelerated change and improvements made to digital commerce throughout this pandemic will pave the way for the future of both digital and in-store payments.

Once the world resumes ‘business as usual’, the payments industry, guided by changing consumer behavior, will develop further thanks to new technologies such as 5G technology, artificial intelligence and automation – all helping to speed up transactions, improve in-store payments, and enhance user experience. Online and mobile banking will become more ingrained in the mainstream and consumers will come to expect a fully-integrated, unified experience across all channels and touch points. We were already on this path, but the pandemic has served to accelerate consumer appetite for enhanced products and services.

Continue Reading

Top Stories

FinTech Landscape: Synergy and Disruptive Innovation in Investment Banking

FinTech Landscape: Synergy and Disruptive Innovation in Investment Banking 38

By Mr. Kunal Sawhney, CEO at Kalkine

While technological leaps seem to be defining brighter future for some businesses in the post-COVID era, FinTech continues to thrive and transform the landscape of financial services industry. It is about staying ahead of the curve in this race against grabbing a bigger chunk of market amidst shrinking consumer and business confidence – as adoption of advanced technology can be the secret sauce in attracting and retaining customers in the digital era.

Asset management, insurance and lending companies are some of the prominent segments in the broader financial segment that have very swiftly embraced the latest digital technologies. Looking at Investment Banking (IB) space, while COVID-19 pandemic initially brought the sector to its knees, latest trends in financial technology adoption seem to be getting them back on their feet, driven by advanced and streamlined offerings pertaining to M&A advisory, risk management and financial assets management.

In general, we have heard about versions – Fintech Version 1.0 & Fintech Version 2.0, but the modern theory around investment using financial technology does not end here. There is a multitude of factors that can push and prod the IB thematics while channelising the way technology can slither through and give a spin to each and every product and service in Investment Banking space. Tech-based end-to-end models appear to take things one notch up when it comes to dealing with risk profiling, lending, fraud analysis, payments etc. Let’s look at how this is made possible in today’s world:

AI Technology Penetration – The ‘New Normal’: Penetration of Fintech in IB models is charting out new growth prospects for the financial services industry, ensuring cost optimisation of due-diligence, enhancing value for M&A prospects, streamlining legal checks and advancing asset-reporting discrepancies in acquisition deals. Besides, AI-empowered actuarial software is providing a firm nudge to offering top-notch, faster and accurate risk advisory services.

Moreover, seamless utility and penetration of AI and ML in algorithm trading, stock market prediction, fraud detection and prevention, acquisition of new customers, risk profiling and network security deserve much applause. Amidst COVID-induced market volatility, technology-enabled valuation models play an important role in carving out future stock predictions and aiding sound investment decisions.

Big Data Analytics Driving Value-Based Offerings- IB players are increasingly adopting big data models in evolving and providing advanced offerings in terms of building customer-centric asset portfolio valuation models, offering trading and investment support, risk advisory and M&A support. Meanwhile, big data is also leveraged to optimize internal processes such as automated customer support, salary optimization, attrition modelling, fraud analysis, credit/operational risks, etc.

Kunal Sawhney

Kunal Sawhney

Besides, the concept of algorithm trading seems to be gaining wide acceptance across major IB players in ensuring efficient execution of financial trades and robust investment decisions without human intervention.

Empowering revolution in the IB space, adoption of unique predictive models, sophisticated statistical techniques and ensuring privacy and integrating of data is crucial here. Specific set of challenges needs to be carefully catered to, in order to ensure that big data boosts competitiveness and support deeper market penetration.

Robo Advisory – The Next-Gen Frontier: Robo Advisory engages high-tech algorithms and provides secure, faster and self-service functionality via online investment management platforms. As per market experts, asset under management using Robo Advisory is expected to grow multifold in the post COVID era.

With minimal manual efforts, Robo Advisory allows automatic adjustments and rebalancing of the portfolio allocation based on algorithms and pre-defined investment rules. The investments are entirely automated and have self-learning algorithms, while the cost of running a robotic automation tool is far less than doing the same work manually.

Cash Less Transactions – The Immediate Future: With increased comfort and safety associated with online cash-less transactions amidst current health crisis, IBs are able to improve and augment existing products and services, in addition to developing new business models. While social distancing is becoming a new normal in the coronavirus era, financial advisors appear to be harnessing the fruits of tech transformation and heightened cashless transactions.

Undoubtedly, banking giants that are fast in adopting digital technologies have an edge over their peers. However, the biggest challenge for FinTech is data privacy, as transactions that go digital are highly prone to cyberattacks. Nevertheless, digital transition may see emergence of a digital-first model in the near term, ensuring radical shift in the value proposition offered to clients, with an ever-increasing emphasis on digital toolkits and electronic market access. All in all, it’s how firms refine their transformation objectives, evolve from the lessons learned from the pandemic and review their broader strategic agenda.

Continue Reading

Latest Articles

Return to work: Flexibility, preparation and communication are key 39 Return to work: Flexibility, preparation and communication are key 40
Business11 hours ago

Return to work: Flexibility, preparation and communication are key

By Matt Weston, Managing Director, Robert Half UK As lockdown restrictions ease for the foreseeable future, conversations across the business...

How sustainable AI improves the triple bottom line 41 How sustainable AI improves the triple bottom line 42
Technology12 hours ago

How sustainable AI improves the triple bottom line

An investment in green AI enables financial services firms to align people, profit, and planet By Nick Dale, EVP business...

The impact and implications of Covid-19 on financial reporting 43 The impact and implications of Covid-19 on financial reporting 44
Finance12 hours ago

The impact and implications of Covid-19 on financial reporting

By Mark Billington, Regional Director, Greater China & South-East Asia, ICAEW The economic consequences of Covid-19 have been unprecedented, affecting...

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   45 Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   46
Business15 hours ago

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy  

Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million.   Unlike most applicants who...

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 47 Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 48
Business15 hours ago

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver

Nearly a third (32%) of consumers would switch providers if a brand’s website is unavailable for more than 24 hours...

Demonstrating the value of collaborative leadership during crises 49 Demonstrating the value of collaborative leadership during crises 50
Business2 days ago

Demonstrating the value of collaborative leadership during crises

By Jean Stephens, CEO, RSM International In 2000, a leading expert in behavioural science, Daniel Goleman, outlined the six key...

Empowerment Accelerates Continuous Improvement 51 Empowerment Accelerates Continuous Improvement 52
Business2 days ago

Empowerment Accelerates Continuous Improvement

By Larry Sternberg, JD, Fellow, Talent Plus, Inc. Empowerment First, let me clarify how I am using the word “empowerment”...

What is loneliness and how can you manage it? 53 What is loneliness and how can you manage it? 54
Top Stories2 days ago

What is loneliness and how can you manage it?

By Iris Schaden Your Business and Personal Coach A mere century ago, almost no one lived alone. Today, many do...

How banks can build digital transformation into business continuity 55 How banks can build digital transformation into business continuity 56
Business2 days ago

How banks can build digital transformation into business continuity

By Andrew Warren, Head of Banking & Financial Services, UK&I, Cognizant Businesses around the world are falling victim to the...

Akerton Partners 57 Akerton Partners 58
Finance2 days ago

Akerton Partners

Akerton Partners S.L. is a Spanish independent mid-market corporate finance advisor founded over a decade ago, in 2008, amid a...