TPRM Academy

TPRM (Third-Party Risk Management) is part of a proactive approach to monitoring and controlling risks associated with supplier failure. In a context where companies and government agencies rely heavily on external partners (IT service providers, SaaS publishers, HR firms, etc.),…

As a business, you rely on numerous suppliers and partners to carry out your activities. While outsourcing can be a source of agility and performance, it can also expose you to risks and lead to data loss or business interruption. And the consequences can be far-reaching, affecti…

In June 2024, 77 entities, including 10 French banks, fell victim to a remote access Trojan called "DroidBot." Resold to cybercriminal networks, more than 776 infections were detected in Western Europe within banking organizations, cryptocurrency platforms, and financial companie…

In today's digital age, protecting information systems is a priority for all organizations, regardless of their size (SMEs, mid-cap companies, large corporations) and their sector of activity (banking, insurance, manufacturing, automotive, aviation, logistics, agri-food, etc.). T…

Facing the digitalization of their activities, companies must now deal with a growing risk of cyber threats. Financial losses, theft of sensitive data, damage to brand image… the impacts of an incident are numerous. In 2024, the French National Cybersecurity Agency (ANSSI) observ…

Our dependence on service providers and SaaS applications increases every year: HR, payroll, project management, business processes... Third-party risks directly threaten business operations. The approach is now fairly well established for CISOs. For all new suppliers, it is nece…

External Attack Surface Management (EASM): assess, prioritize, remediate External Attack Surface Management (EASM) encompasses the practices, procedures, and tools aimed at mapping, monitoring, and securing all of a company’s digital assets exposed on the Internet. It provides or…

The due diligence process, also known as reasonable diligence, is an essential in-depth investigation that companies must perform before establishing business relationships with third parties, particularly suppliers. This process often includes a supplier due diligence to assess …

Get your copy as soon as the report is released Managing cyber risk associated with suppliers is now a strategic issue for all organisations. In this third edition of the Supplier Cyber Risk Observatory, Board of Cyber and CESIN give a voice to more than 170 CISOs, CIOs, CTOs and…

CESIN and Board of Cyber unveil the 2024 Observatory on Cyber Risks Linked to Suppliers This second edition surveyed more than 100 cybersecurity leaders, members of CESIN, from organizations of all sizes and sectors, about how they manage supplier-related cyber risk — methods, to…

Cyber risk management for suppliers: digital service providers face the dual challenge of compliance and performance With the rise in cyberattacks and the introduction of new European regulations (NIS2, DORA, CRA), digital services companies (DSCs) are facing a strategic challen…