TPRM Academy

TPRM (Third-Party Risk Management) is part of a proactive approach to monitoring and controlling risks associated with supplier failure. In a context where companies and government agencies rely heavily on external partners (IT service providers, SaaS publishers, HR firms, etc.),…

As a business, you rely on numerous suppliers and partners to carry out your activities. While outsourcing can be a source of agility and performance, it can also expose you to risks and lead to data loss or business interruption. And the consequences can be far-reaching, affecti…

In June 2024, 77 entities, including 10 French banks, fell victim to a remote access Trojan called "DroidBot." Resold to cybercriminal networks, more than 776 infections were detected in Western Europe within banking organizations, cryptocurrency platforms, and financial companie…

In today's digital age, protecting information systems is a priority for all organizations, regardless of their size (SMEs, mid-cap companies, large corporations) and their sector of activity (banking, insurance, manufacturing, automotive, aviation, logistics, agri-food, etc.). T…

Facing the digitalization of their activities, companies must now deal with a growing risk of cyber threats. Financial losses, theft of sensitive data, damage to brand image… the impacts of an incident are numerous. In 2024, the French National Cybersecurity Agency (ANSSI) observ…

Our dependence on service providers and SaaS applications increases every year: HR, payroll, project management, business processes... Third-party risks directly threaten business operations. The approach is now fairly well established for CISOs. For all new suppliers, it is nece…

External Attack Surface Management (EASM): assess, prioritize, remediate External Attack Surface Management (EASM) encompasses the practices, procedures, and tools aimed at mapping, monitoring, and securing all of a company’s digital assets exposed on the Internet. It provides or…

The due diligence process, also known as reasonable diligence, is an essential in-depth investigation that companies must perform before establishing business relationships with third parties, particularly suppliers. This process often includes a supplier due diligence to assess …

Managing cyber risk associated with suppliers is now a strategic issue for all organisations. In this third edition of the Supplier Cyber Risk Observatory, Board of Cyber and CESIN give a voice to more than 170 CISOs, CIOs, CTOs and compliance directors based in France. Their fee…

Why has supplier risk become a major cybersecurity issue? Supplier risk is significant, but it does not fully describe the challenges currently facing businesses. At AXA France, we mainly support SMEs and mid-cap companies, which are less focused on managing their supply chain th…

How do you assess the cyber maturity of your supply chain? Crédit Agricole has several thousand suppliers who do not all have the same level of cyber maturity. Large companies have anticipated and are following regulatory developments such as DORA, which establishes principles bu…