Over the past four years, I’ve had countless conversations with hundreds of companies around third-party cyber risk issues. It’s been my personal Groundhog Day, so to speak.

Regardless of sector or size of company, the conversations are almost identical as most everyone faces a similar challenge:

"How can I truly  manage risk from third parties where I have little or no control over their information security practices?"

Read more