Bank consortium founds company to vet third-party vendors


Whenever a company announces a data breach has taken place hearing that an error by a third-party vendor was behind the disaster is a very common occurrence.

With that in mind JP Morgan Chase, Bank of America, Wells Fargo, and American Express have banded together and created a company called TruSight. This new firm's expressed mission is to provide a consistent assessment of potential third-party vendors for a company before one is hired. This will be done designing and using a common questionnaire with all vendors and include online and on-site reviews to ensure that what the potential vendor said is true.

Any such investigation would ensure that the vendor is using approved cybersecurity practices.

“TruSight will establish a consistent approach to managing third-party risks associated with cyber threats and leverage best practices that will improve the industry as a whole,” said Craig Froelich, Bank of America's Chief Information Security Officer, said in a statement.

Trusight will begin operations during the first quarter of 2018, the company said.

To say that third-party oversight is needed when it comes to cybersecurity would be a major understatement. In the last several months errors by third-party vendor errors have been blamed for numerous breaches, including Forever 21 POS breach, Maine IT office, several healthcare facilities and the takeover of Dell's domain.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.