Prevalent’s Legal Vendor Network Sets the Standard for Third Party Risk Management

As focus continues to grow on the risks associated with third party vendors, law firms must include a robust, scalable third party management program into their firm’s risk assessment culture if they are going to keep their client’s happy and data breaches at bay.
By:
Brenda Ferraro
,
Vice President of Third-Party Risk
August 13, 2018
Share:
Screen Shot 2018 08 10 At 3 37 02 Pm

As focus continues to grow on the risks associated with third party vendors, law firms must include a robust, scalable third party management program into their firm’s risk assessment culture if they are going to keep their client’s happy and data breaches at bay. Due to the highly sensitive data in their care, it’s imperative for these legal entities to maintain the highest levels of protection possible. To achieve this, law firms are increasingly employing innovative technology to manage this risk and function more efficiently…and they are looking at Prevalent to help them. Prevalent is the only company that combines third party threat intelligence monitoring, assessment collection, and a shared repository of validated vendor questionnaires with supporting documents across several industry focused networks, including the legal community. One of the top law firms in the world, Paul, Weiss, understands this. In a recent CEO magazine piece, Chairman Brad Karp states, “Technology is changing every industry at warp speed and the legal industry is certainly not immune from these forces. By sharpening our strategic focus and embracing innovation, we can become the best.”

In fact, Paul, Weiss, along with Prevalent, pioneered the Legal Vendor Network (LVN). It’s the first of its kind, made up of more than 50 top legal firms with access to thousands of completed assessments in a shared repository and hundreds of thousands of vendor threat monitor reports to focus on potential risk and mitigation. Prevalent and members of the LVN community agreed on a risk-based approach to scope vendor assessments using a unified platform to obtain threat intelligence and manage risk, using an industry agnostic, securely stored standardized questionnaire for sharing. This drives efficiency and places the top priority on reducing risk.

“Paul Weiss along with other top Law Firms, working together with Prevalent, have built the Legal Vendor Network (LVN) in leading the charge for third party risk management. The collaboration has built the standards to successfully address the evolving regulatory and cyber security environment for the betterment of the law firm community.” Andreas M. Antoniou, Chief Information Officer (CIO), Paul, Weiss, Rifkind, Wharton & Garrison LLP.

The Prevalent LVN is governed by a C-Suite level Steering Committee to strategically and cost effectively share information and a Practitioner level User Group to collaborate on best practices to remove technology barriers.

To learn more, visit Legal Vendor Network.

Brenda Ferraro is a Senior Director at Prevalent, Inc. She is a sought after Third Party Risk Practitioner that has received recognition from Regulators, Information Security and Analysis Centers (ISACs) and Standardized Third Party Framework organizations. She brings surmounted attention to Third Party Risk by providing her metrics, reporting, and process mastery experience to lead corporations to a single solution ecosystem that breaks through the complexities of Third Party Risk Governance.

Tags:
Share:
Leadership brenda ferraro 2
Brenda Ferraro
Vice President of Third-Party Risk

Brenda Ferraro brings several years of first-hand experience addressing the third-party risks associated with corporate vendors, services and data handling companies. In her quest to economize third-party risk, she organized a myriad of stakeholders and devised an approach to manage risk, receiving recognition from regulators and a multitude of Information Security and Analysis Centers (ISACs). In her role with Prevalent, Brenda works with corporations to build single-solution ecosystems that remove the complexities of Third-Party Risk Management by way of a common, simple and affordable platform, framework and governance methodology. Prior to joining Prevalent, Brenda led organizations through control standardization, incident response, process improvements, data-based reporting, and governance at companies including Aetna, Coventry, Arrowhead Healthcare Centers, PayPal/eBay, Charles Schwab, and Edwards Air Force Base. She holds certifications in vBSIMM, CTPRP, ITIL and CPM.

  • Ready for a demo?
  • Schedule a free personalized solution demonstration to see if Prevalent is a fit for you.
  • Request a Demo