TPRM Academy

TPRM (Third-Party Risk Management) is part of a proactive approach to monitoring and controlling risks associated with supplier failure. In a context where companies and government agencies rely heavily on external partners (IT service providers, SaaS publishers, HR firms, etc.),…

As a business, you rely on numerous suppliers and partners to carry out your activities. While outsourcing can be a source of agility and performance, it can also expose you to risks and lead to data loss or business interruption. And the consequences can be far-reaching, affecti…

Banks, insurers, and financial institutions are facing unprecedented cyber pressure. With the DORA regulation coming into force in January 2025, the NIS2 directive, and the growing wave of supply chain attacks, CISOs in the financial world are looking for benchmarks, methodologie…

In June 2024, 77 entities, including 10 French banks, fell victim to a remote access Trojan called "DroidBot." Resold to cybercriminal networks, more than 776 infections were detected in Western Europe within banking organizations, cryptocurrency platforms, and financial companie…

In today's digital age, protecting information systems is a priority for all organizations, regardless of their size (SMEs, mid-cap companies, large corporations) and their sector of activity (banking, insurance, manufacturing, automotive, aviation, logistics, agri-food, etc.). T…

Our dependence on service providers and SaaS applications increases every year: HR, payroll, project management, business processes... Third-party risks directly threaten business operations. The approach is now fairly well established for CISOs. For all new suppliers, it is nece…

In a digital landscape where corporate boundaries are dissolving into interconnected ecosystems, your organization's security no longer depends solely on your own ramparts, but on the strength of every link in your supply chain. Third-Party Risk Management (TPRM) has shifted from…

External Attack Surface Management (EASM): assess, prioritize, remediate External Attack Surface Management (EASM) encompasses the practices, procedures, and tools aimed at mapping, monitoring, and securing all of a company’s digital assets exposed on the Internet. It provides or…

Managing cyber risk associated with suppliers is now a strategic issue for all organisations. In this third edition of the Supplier Cyber Risk Observatory, Board of Cyber and CESIN give a voice to more than 170 CISOs, CIOs, CTOs and compliance directors based in France. Their fee…

Why has supplier risk become a major cybersecurity issue? Supplier risk is significant, but it does not fully describe the challenges currently facing businesses. At AXA France, we mainly support SMEs and mid-cap companies, which are less focused on managing their supply chain th…

How do you assess the cyber maturity of your supply chain? Crédit Agricole has several thousand suppliers who do not all have the same level of cyber maturity. Large companies have anticipated and are following regulatory developments such as DORA, which establishes principles bu…

Managing cyber risk associated with suppliers is now a strategic issue for all organisations. In this third edition of the Supplier Cyber Risk Observatory, Board of Cyber and CESIN give a voice to more than 170 CISOs, CIOs, CTOs and compliance directors based in France. Their fee…

Why has supplier risk become a major cybersecurity issue? Supplier risk is significant, but it does not fully describe the challenges currently facing businesses. At AXA France, we mainly support SMEs and mid-cap companies, which are less focused on managing their supply chain th…

How do you assess the cyber maturity of your supply chain? Crédit Agricole has several thousand suppliers who do not all have the same level of cyber maturity. Large companies have anticipated and are following regulatory developments such as DORA, which establishes principles bu…