// POSTS TAGGED "vendor-risk"
Vendor Risk.
All posts tagged vendor-risk.
← back to all posts
Your Vendors Are Your Biggest Security Risk. Here's What to Do About It.
Most community banks can answer every question about their own security posture. But ask about their vendors, and you get silence. Here's how to fix that.
Concentration Risk Wasn't Just About Loans
Community banks have managed concentration risk for a century. Then we handed every customer record to a handful of SaaS aggregators. ShinyHunters is teaching us what that actually costs.
Your Vendor Questionnaire Doesn't Ask the Right OAuth Questions
Regulators have been citing 4th party risk for years. OAuth token chains are how it actually executes, and most vendor programs aren't built to catch it. Here's what to ask.
The AI Questionnaire Your Vendors Aren't Ready For
Your vendors' employees are using AI tools. That means your data is flowing to model providers you've never assessed. Here are the questions to start asking.
Your AI Agent Has a Supply Chain. Did You Audit It?
One in four MCP servers expose AI agents to remote code execution. Most teams deploying agents do not know what an MCP server is. That is a supply chain problem disguised as an AI launch.
How to Respond When Your Customer Sends You a Security Questionnaire
Your biggest deal just sent a 200-question security assessment. Here's your step-by-step playbook for responding without losing the deal or your mind.