Robo-raters Help Banks Vet Vendors for Cyber Risk
These specialists are touting services for monitoring third parties amid tougher rules on outsourcing risk.
If you want to reduce the risk posed by third parties to your organization, you hire another third party to police them.
This concept may not be intuitive, but cyber risk rating companies such as BitSight, RiskRecon and SecurityScorecard have made it central to their business proposition.
These companies are trying to offer an alternative to the staple methods of third-party risk management, where banks vet vendors using questionnaires, lengthy audits and site visits. Instead, the rating
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: https://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Regulation
Asic probe piles pressure on ASX to deliver Chess replacement
But market insiders think late intervention by regulators could even slow down implementation.
Stakes raised for UK bond, EU derivatives tapes after Ediphy clinches win
The pressure is on for TransFICC, Etrading, Finbourne, and Propellant Digital, who are still vying to provide the UK’s fixed income consolidated tape after Esma awarded the EU’s tape to Ediphy and its partners.
Doing a deal? Prioritize info security early
Engaging information security teams early in licensing deals can deliver better results and catch potential issues. Neglecting them can cause delays and disruption, writes Devexperts’ Heetesh Rawal in this op-ed.
SEC pulls rulemaking proposals in bid for course correction
The regulator withdrew 14 Gensler-era proposals, including the controversial predictive data analytics proposal.
Trading venues seen as easiest targets for Esma supervision
Platforms do not pose systemic risks for member states and are already subject to consistent rules.
The Consolidated Audit Trail faces an uncertain fate—yet again
Waters Wrap: The CAT is up and running, but with a conservative SEC in place and renewed pressure from politicians and exchanges, Anthony says the controversial database faces a death by a thousand cuts.
Exchanges plead with SEC to trim CAT reporting requirements
Letters from Cboe, Nasdaq and NYSE ask that the new Atkins administration reduce the amount of data required for the Consolidated Audit Trail, and scrap options data collection entirely.
EU banks want the cloud closer to home amid tariff wars
Fears over US executive orders have prompted new approaches to critical third-party risk management.
