There’s a huge misconception in our industry today that a GRC platform is the end all be all to Third Party Risk Management (TPRM). This is so not true! The key to an effective, results driven, TPRM Program is to take the time to lay a solid risk-based foundation. History has shown, that if you just go purchase a tool and haven’t laid a solid foundation, the tool will not give you the results you’re looking to achieve. Regulatory bodies and Industry standards are embracing this philosophy as well. This process can be tedious and time consuming in the beginning but once complete, your result is a mature TPRM program that is ready to be transitioned into any GRC platform.
Topics: Third Party Risk Management
Companies spend millions every year on products and services to fix all their cyber security vulnerabilities. Then they spend just as much money on highly skilled, well-trained cyber professionals to manage those systems. All those resources are useless when an accountant, or a C-level’s executive assistant, or an HR manager, clicks a link they received in their email and BOOM.
A close look at the reasons companies fail reveals that there are substantial risks that don't typically fall under the purview of most GRC programs. The Forrester Report, Extend Compliance And Risk Management To What Really Matters For Your Business, explores how companies can improve business performance by expanding the fundamentals of their GRC program to the aspects of their company that drive success with customer interactions, which will in turn drive growth and revenue for the company.
Lynx Technology Partners is a minority, veteran owned, woman lead company so we know firsthand the reason for the holiday. We understand that it was created to be a day of service. Our employees work hard to support our clients by performing services for them and going above and beyond the call of duty but they also do the same in our communities. There’s a HUGE GAP in Cybersecurity Careers and part of our mission to serve the community is to educate others and expose them to Cybersecurity careers. So, this past week one of our own, Angela Dogan, Director of Vendor Risk and Compliance Services, spoke to the Atlanta Girls Schools, STEAM students about the meaning of Cybersecurity and all of the possible Careers in the industry. This is one of the many ways Lynx Technology Partners decided to perform their day of service.
Lynx proudly announces their selection as a National Best and Brightest Companies to Work For winner. This award recognizes companies that excel at employee relations, use innovation to motivate employees, implement creative compensation programs and more. Winners will be recognized by National Association for Business Resources (NABR) at the National Best and Brightest Summit – Illuminate 2019 symposium and awards gala on September 15-17, at the Renaissance Chicago Downtown Hotel, located at 1 W Wacker Drive, in Chicago, IL.
A privacy program can be multi-dimensional and broken up across the enterprise to align with where the competency lies. But the privacy professional must connect the dots across the whole program. Here are 5 examples of work-streams that could form a privacy program.
In honor of National Bosses Day this month, we wanted to share an article posted by Security Current about our boss here at Lynx!
Gina Mahin, Chief Executive Officer, Lynx Technology Partners
Gina Mahin is a problem solver. It’s just part of her DNA. She puts that quality to work every day for the clients and partners of Lynx Technology Partners, where she is both CEO and role-model for her technical teams.
Military strategy and training changes with every conflict and governmental paradigm shift. The only publication that has maintained relevance in the last 2500 years, is Sun Tzu’s The Art of War. I read this book only after I finished my military career, while I was studying for my degree in Counter-Terrorism, and only then could I relate back to my military service and understand why I was trained that way. Sun Tzu only talks about training once in the thirteen chapters but it is a chapter worth reading, “Victory goes to the army who has better trained officers and men [and women]”.
Topics: cyber range
Much has been written about the benefits of an MSSP, especially if you are a big organization. It allows for a consistent, centralized, and transparent view into your organization’s security platform. But, how do you decide if an “in-house” security management program is effective enough? What is the cost-benefit analysis when deciding to budget expenses for in-house versus out-sourcing?
The nuclear industry is struggling to meet compliance deadlines and find dedicated, knowledgeable resources who can be embedded into the existing workforce and function as a cohesive team. A typical nuclear plant contains thousands of Critical Digital Assets (CDAs) that need identified attributes collected and assessments conducted. With many plants identifying over 80 required attributes for each of thousands of devices, these projects can quickly become overwhelming.