The Cyber Radar

On April 20, 2026, the Everest ransomware group published two major US banks on its leak site. Both confirmed: the breach didn't come from their internal network but from a common third-party vendor. A chain of a few minutes, a single compromised vendor, two financial institutions exposed. TPRM — Third Party Risk Management — is no longer a compliance topic. It has become a business continuity topic. And yet, most TPRM programs in 2026 still rely on a static annual questionna