
Teepee Blog
The Teepee blog shares insights and news on managing your vendor risk program.
How to Get Through A Backlog of Vendor Security Assessments
Vendor risk management / third party risk management is now a bedrock of most company’s information security program. As companies…
The SCF – A Valuable Resource To Help Determine Vendor Controls For Assessments
It’s the start of a new year and a great time to check what controls you look for from vendors…
Three Challenges For Vendor Risk Professionals
I recently watched the classic Japanese animation film ‘Spirited Away’. It was a magnificent movie, full of visual enchantment and…
Banks and Vendor Risk Management
For a long time, banks in the United States have had a more rigorous vendor risk management process due to…
A New Model For Vendor Risk Management
Teepee has developed a new model for vendor risk management. The prevailing model encourages companies to conduct a risk assessment…
Teepee Manages Your Vendor Risk Program
Teepee is a cybersecurity service that performs vendor risk assessments on behalf of customers. We created Teepee to take a…
Vendor Risk Management Has Arrived
I recently gave a presentation on the topic of vendor cyber risk management and one of the topics that I…
The Renewal Assessment Is What Gets You
Gloria Estefan has a song where she says “The rhythm is gonna get you”. In the world of vendor risk…
Shadow Buying And Vendor Assessments
One of the largest problems in vendor risk management is a company not conducting a security assessment of the vendor…
Vendor Risk In The Media – WSJ: The Industries Most Vulnerable to Cyberattacks—and Why
The Wall Street Journal (WSJ) posted an article with research they conducted entitled The Industries Most Vulnerable to Cyberattacks –…
Vendor Risk Management: The Rise Of The Marketplace App
I had a great conversation with a CISO of a small tech company that brought up a growing issue in…
Should I Assess The Product Or The Company? Using Salesforce As An Example
This is a question that I’ve heard 50+ times over the past few years from a variety of companies that…
Improving Your Vendor Risk Program: Should I Use The SIG Questionnaire?
I talk to a lot of people about their vendor risk program and since the process is so maddeningly difficult,…
In Vendor Risk Management, It’s Not About The So Called ‘Talent Gap’
The amount of security professionals that have been hired by Corporate America over the past 10 years has been truly…
The Saasification of Vendor Assessments
Why are companies drawn to SaaS vendors? I think the reasons for this are many but if I had to…
Medium Sized Businesses and Vendor Risk Management
In starting Teepee, one of the most common questions I get is: “What type of businesses will you be targeting?” …
The SEC and Vendor Risk Management
Vendor risk management is critically important for a number of reasons, and because of this, regulators in various industries have…
The Sales Team and Vendor Risk Assessments – Less Scary Than You Think
A Vendor Security Assessment can be a black box for sales teams but it doesn’t need to be. More or…
The Tale of Zoom Security Breaches, Vendor Risk and How They Converge In The Time Of Covid 19
Zoom Video Conferencing is THE technology company of the 2020 Covid 19 Pandemic. And its security and privacy weaknesses that…
Why Is Vendor Risk Management So Hard
As I’ve mentioned in my other blog posts, the entire model is broken. Currently, a team of one person or…
What Is Vendor Risk Management
Vendor Risk Management is, at first glance, explanatory by its name. What makes it difficult to understand is all the…
Why I Started Teepee For Vendor Risk Management
Two Words – Massive Pain. It has become clear that the information security industry has accepted vendor risk as a…