Sign In  |  Register  |  About Burlingame  |  Contact Us

Burlingame, CA
September 01, 2020 10:18am
7-Day Forecast | Traffic
  • Search Hotels in Burlingame

  • ROOMS:

TBG Security Introduces 3rd Party Vendor Risk Management Services to Mitigate Vendor Risk

TBG Security Logo

TBG Security's Vendor Risk Management Approach

A holistic approach to help mitigate 3rd party vendor risks.

While other organizations offer Vendor Risk Management services, we’ve combined the best tools in the industry with our experience in managing risk to create a solution tailored to your organization.”— Kevin Gorsline, COO, VP Risk Management

BOSTON, MA, USA, February 10, 2021 / -- As organizations continue to shift noncore functions to more experienced providers, they also open themselves up to new sources of third-party risk and vendor risk. Outsourcing services to third party vendors has become the norm in business today but how secure are those services? Third-party vendors may not always have the cybersecurity safeguards that you need to comply with regulations and industry standards. Because most supply chain attacks happen through third-party providers, it’s imperative your organization has a program to ensure proper oversight and assessment of all outside vendors to determine the risks they present to your organization.

Also known as third-party risk management, VRM involves a complex set of risk management processes from risk assessment to monitoring and mitigation, throughout the vendor lifecycle. As more industry regulations are put in place requiring organizations to have a Vendor Risk Management solution, the complexities of managing the program, the lack of skilled resources coupled with the amount of time spend monitoring your vendors has created challenges for many organizations.

Third-party risk management and Vendor Risk management are a critical aspect of overall risk management that involves analyzing and controlling risks associated with outsourcing or working with third parties, including vendors, suppliers, contractors, or service providers. TBG Security has partnered with three of the industry leading vendors to create a TPRM/VRM service to address both the regulatory requirements and best industry practices in this space. TBG security’s VRM service provides everything your organization needs to build, implement and execute a robust comprehensive program to effectively manage the risks posed by the use of third-party vendors.

The three complementary components of our service solution are provided by Whistic, RiskRecon and Osano. Whistic is on Gartner's 2020 Magic Quadrant as a leading provider of IT Vendor Risk Management tools. Whistic makes it easy for buyers to assess their vendors and for vendors to proactively share their security posture directly from Salesforce, including security assessments, documentation, audits, and certifications to build trust early in the sales process. By leveraging RiskRecon, our solution makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties. RiskRecon gives you visibility into a deep risk assessment spanning 11 security domains and 41 security criteria – software patching, network filtering, ip reputation, web encryption, application security, and more. All fully risk contextualized and tuned to match your risk appetite.

While assessing and monitoring your vendors security posture is critical to managing risks in your supply chain, how your vendors handle privacy requirements has become paramount in meeting the ever changing privacy regulatory landscape. California Privacy Protection Act (CCPA), California Privacy Rights Act (CPRA), General Data Protection Regulation (GDPR), Canada’s Consumer Privacy Protection Act (CPPA) all have third party vendor requirements dealing with how your vendors and/or third parties handle protected information. That’s why we’ve partnered with Osano to round out our offering to assess vendors privacy & consent posture. Osano calculates the scores for each vendor based on 163 items assessing cookie policy, enforcement, GDPR/CCPA statements of accessibility, choice, enforcement and numerous others providing you with a real-time assessment of the third party’s privacy posture.

“While other organizations offer Vendor Risk Management services, our VRM solution combines the best tools in the industry with our decades worth of experience in managing risk to create a solution tailored to your organization. No one size fits all when it comes to risk management so acting as your trusted advisor, we tailor our solutions to meet the needs of your organization without impacting your current business practices,” said Kevin Gorsline, COO & VP Risk Management, TBG Security. “By combining these three platforms with TBG’s robust vendor risk management maturity model we’ve created a holistic solution for evaluating maturity of third-party risk management programs."

With TBG Security’s Third Party Risk Management solution you can take advantage of automated workflows for third-party intake, risk ranking and security assessments while leveraging a defined methodology for assessments, validation and scoring allowing you to compare third-parties and focus on those that present the most risk. The combined platform approach allows you to gather, store, query, and report on third-party information and unlock insights previously struck in static spreadsheets while gaining confidence by fully understanding the security risks across all your third-parties.

● Get more information on TBG Security’s Third Party Risk Management

About TBG Security Inc.
TBG Security is a leading provider of information security and risk management solutions for fortune 100 and Fortune 500 companies. TBG designs and delivers cyber security solutions to work in harmony with existing operations. Companies depend on TBG services in areas including risk management, security policy, security strategies for compliance, business continuity, network security, managed services, software and service integration and incident response.

About Whistic
Whistic is a leading provider of proactive vendor security and is changing the way companies evaluate vendors and build trust with customers.

● If you’re a buyer, the Whistic Trust Catalog enables you to perform zero-touch vendor assessments in minutes—not weeks.
● If you’re a seller, you can reuse the work you’ve done completing security assessments and share that information over again.

For more information visit

About RiskRecon
RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution that delivers risk-prioritized action plans custom-tuned to match your risk priorities. RiskRecon provides the world’s easiest path to understanding and acting on own enterprise and third-party cyber risk, enabling organizations to efficiently operate scalable, third-party risk management programs for dramatically better risk outcomes.

For more information visit

About Osano
At Osano, we believe that increasing transparency is for the good of the entire Internet. The web is built on trust, so websites, software vendors, and service providers should be held accountable for how they gather, use, share and handle users’ data. Osano’s data privacy platform, services, and Privacy Monitor tools contribute to the education and transparency that represent the first step toward informing users and protecting data privacy rights.

For more information, visit

Kevin Gorsline
TBG Security
+1 877-233-6651
email us here

Data & News supplied by
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.
Copyright © 2010-2020 & California Media Partners, LLC. All rights reserved.