Blog

Third-Party Risk Requires a New Role

Change and challenge were the watchwords of 2020, but one area that has not received the attention it merits, according to Joel Schwarz, director for MBL Technologies and a cybersecurity, privacy and data protection expert, is the growth of third-party risk. “Bottom line is that third-party providers today have become integral to many of our business processes,” he writes in ACC Docket. “But with that dependency, these third parties have increasingly introduced risk from both a cybersecurity and privacy perspective.” Among a number of good suggestions from Schwartz, one stands out: add a new C to the C-suite – someone ultimately responsible for overseeing all third-party relationships. He calls it a “Chief Third-Party Oversight Officer,” or C3POO. Sound kind of Star Warsish? Why not? “Ideally,” he writes, “this person would report to senior leadership, ensuring visibility and accountability from the top down.” Check out “4 Best Practices for Third-Party Threats” at ACC Docket.


More from the CCBJ Blog