Whenever a company announces a data breach has taken place hearing that an error by a third-party vendor was behind the disaster is a very common occurrence.
With that in mind JP Morgan Chase, Bank of America, Wells Fargo, and American Express have banded together and created a company called TruSight. This new firm's expressed mission is to provide a consistent assessment of potential third-party vendors for a company before one is hired. This will be done designing and using a common questionnaire with all vendors and include online and on-site reviews to ensure that what the potential vendor said is true.
Any such investigation would ensure that the vendor is using approved cybersecurity practices.
“TruSight will establish a consistent approach to managing third-party risks associated with cyber threats and leverage best practices that will improve the industry as a whole,” said Craig Froelich, Bank of America's Chief Information Security Officer, said in a statement.
Trusight will begin operations during the first quarter of 2018, the company said.
To say that third-party oversight is needed when it comes to cybersecurity would be a major understatement. In the last several months errors by third-party vendor errors have been blamed for numerous breaches, including Forever 21 POS breach, Maine IT office, several healthcare facilities and the takeover of Dell's domain.