Fusion Risk Management Introduces Generative AI-powered Assistant to Help Businesses Build Resilience
Blog
Why the Old Way Isn’t Working for Information Security
Posted on: January 2, 2019 Author:
Steve Richardson
As organizations seek ways to solve the security problems inherent in many of their business partnerships, they require a flexible and collaborative system tailored to different user experiences and needs that is accessible by all parties, integrating their separate data-gathering and sharing efforts within a core risk management system.
Unfortunately, many companies are unsure how to approach this, and end up relying on legacy governance, risk management, and compliance (GRC) solutions. Or, even worse, using spreadsheets and email to track and maintain their risk assessments and third-party relationships.
Manual processes, spreadsheets, and email are not a scalable or sustainable model for managing third-party risks for many reasons. Increased spending with third parties, new and stricter privacy legislation, and an heightened media focus on information security breaches increase the levels of risk a business faces when entering third-party relationships as well as the risks resulting from inconsistent or error-prone assessment processes.
Companies are spending more money, and are relying more heavily, on third parties to manage crucial areas of their business because it can reduce internal costs and cut down on internal hiring and training of full-time employees.
While there is added convenience in sourcing a business process service to a third party, companies must also pay attention to how third parties protect and store sensitive data as well as address their own risk and compliance obligations.
Companies must also consider the General Data Protection Regulation (GDPR), which took effect in the European Union on May 25, 2018 and consolidated all privacy laws into one regulation. GDPR has expanded the privacy rights of individuals in every EU country and has put much stricter rules around how organizations handle the personal data of their customers and employees.
GDPR enforcement not only applies to countries in the EU — but to every company that does business there where EU citizen data is stored or processed.
The broad nature of GDPR makes it even more evident just how much emphasis people around the globe place on their privacy. The result is an increased obligation a company has to ensure that privacy for its employees and customers — which includes a thorough vetting of all third-party relationships.
What’s more, regulations that resemble GDPR are being adopted elsewhere. In California, the Consumer Privacy Act was signed into law in June, and will go into effect in 2020, giving residents of the state much more control over their data.
The media attention paid to data breaches can be intense and highly critical. Journalists pay close attention to how and why such incidents occurred, and what could have been done better by the compromised company.
If an organization has not done its due diligence to protect consumer data by assessing the risks associated with their partners, it will become a key point of the news coverage, and can permanently damage the company’s brand and consumer confidence.
Learn more about how Fusion can help with your GDPR and other regulations by visiting our data protection page.
Subscribe to our Newsletter
Stay up-to-date and receive our monthly insights!
Categories
Industries
Solutions
Information Technology and Security Risk, Third-Party Management
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Cookie Authorization Preferences
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Third-Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!