Introduction Velocity helped a large hospital system quadruple the speed of vendor risk assessments, increase accuracy of reviews, create a continuous assessment process, and track internal risk using the Center for Internet Security (CIS), NIST Cybersecurity Framework (CSF), and the HIPAA Security Rule. Background The hospital was struggling to manually review hundreds of vendor (business […]
If the SolarWinds hack taught us anything, it’s that the security of a company’s infrastructure is dependent on the resilience of their vendors. A breached vendor is a trojan horse that bypasses normal defenses and accesses the trusted areas of the network. Threat actors have cunningly discovered that a trusted vendor is often the easier […]