Robo-raters Help Banks Vet Vendors for Cyber Risk
These specialists are touting services for monitoring third parties amid tougher rules on outsourcing risk.
If you want to reduce the risk posed by third parties to your organization, you hire another third party to police them.
This concept may not be intuitive, but cyber risk rating companies such as BitSight, RiskRecon and SecurityScorecard have made it central to their business proposition.
These companies are trying to offer an alternative to the staple methods of third-party risk management, where banks vet vendors using questionnaires, lengthy audits and site visits. Instead, the rating
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Regulation
SEC pulls rulemaking proposals in bid for course correction
The regulator withdrew 14 Gensler-era proposals, including the controversial predictive data analytics proposal.
Trading venues seen as easiest targets for Esma supervision
Platforms do not pose systemic risks for member states and are already subject to consistent rules.
The Consolidated Audit Trail faces an uncertain fate—yet again
Waters Wrap: The CAT is up and running, but with a conservative SEC in place and renewed pressure from politicians and exchanges, Anthony says the controversial database faces a death by a thousand cuts.
Exchanges plead with SEC to trim CAT reporting requirements
Letters from Cboe, Nasdaq and NYSE ask that the new Atkins administration reduce the amount of data required for the Consolidated Audit Trail, and scrap options data collection entirely.
EU banks want the cloud closer to home amid tariff wars
Fears over US executive orders have prompted new approaches to critical third-party risk management.
Friendly fire? Nasdaq squeezes MTF competitors with steep fee increase
The stock exchange almost tripled the prices of some datasets for multilateral trading facilities, with sources saying the move is the latest effort by exchanges to offset declining trading revenues.
Europe is counting its vendors—and souring on US tech
Under DORA, every financial company with business in the EU must report use of their critical vendors. Deadlines vary, but the message doesn’t: The EU is taking stock of technology dependencies, especially upon US providers.
Regulators can’t dodge DOGE, but can they still get by?
The Waters Wrap: With Trump and DOGE nipping at regulators’ heels, what might become of the CAT, the FDTA, or vendor-operated SEFs?
