The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement Doing triage Clarity about vendor selection […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
My contribution to the reams written about the catastrophic OPM breach. Born out of weariness and the realisation that cybersecurity breach related news is sometimes repetitive for a reason…
Are you seriously going to ask your milkman the same security questions as your network hosting partner?
Of course not. But between those extremes, companies have a world of pain working out how much vendor and change assurance is enough…
….its the all new Trustwave Security Pressures Report. Last year 80% IT pros felt pressure to deliver insecure IT solutions. What’s changed?
…a potential provider that brags about how comprehensive their due diligence is doesn’t “get it”— it’s about ranking risks and targeting resources where they are needed.