Multi-sourcing gives an organization access to the innovations offered by different best-of-breed providers, or the value of 'as-a-service' solutions, within a tightly connected and integrated IT model.
However, organizations must understand that their IT service providers can introduce risks into their carefully...
The old demarcation lines of cybersecurity responsibility have been erased. In this new landscape, risk surface is the unforeseen undercurrent of high velocity digital business.
"Risk Surface Management" is a revolutionary shift in third-party risk management. It's an approach to self-reporting on third-party risk...
One important outcome of digital transformation is an explosion of interconnectivity between organizations and the wide availability of third-party capabilities.
But this transformation is not completely without cost. Third parties (and even fourth parties) can become dependencies for critical business functions....
"How secure is your supply chain?" It's a question that can strike terror into the heart of a CISO - even one who's in charge of a mature security organization.
Download this guide on assessing third-party risk and learn how to:
Be realistic about who chooses who you do business with;
Create a questionnaire and...
More than ever before, companies are investing heavily in their organization's security. But as the threat landscape changes, how do you know that these investments in security are paying off - and how can you determine that you are investing the appropriate amount of security spending in the areas that matter most to...
As of March 1, 2019, the two-year transition comes to an end, and covered entities are required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements of this section, and how might...
Breaches and other cyber incidents involving business associates and other vendors can have a devastating impact. What can healthcare sector entities do to reduce and better manage those risks? Our panel of CISOs and other experts will explore:
The growing risks posed by vendors
Challenges involving cloud vendors...
The apps financial services organizations depend on to fuel productivity, innovation and success are truly unique. But how is the industry evolving to adopt new technology that can offer the reliability, security and compliance it requires?
Download Okta's annual Businesses @ Work report which provides an in-depth...
We all know that May 25 was the enforcement deadline for Europe's General Data Protection Regulation. But what impact will General Data Protection Regulation have on cybersecurity programs?
GDPR, or the "Y2K" of our era, is part of a larger conversation that's been catalyzed by a lot of the recent news around...
Financial institutions have long been aware of the need to manage
risk in third- and fourth-party vendors, and most have a formal
program for managing that risk. Yet an existing third party risk
management (3PRM) program may not address today's increased
levels of outsourcing and new global regulatory...
The Playbook is the definitive study of third-party security risk management practices. Based on in-depth interviews of security executives from 30 domestic and global firms, it reveals the real world capabilities and practices employed to manage third-party security risk.
Learn what real firms are doing to solve...
Vendors play a critical role in supporting key business functions. As a result, companies need to take responsibility for managing their security and risk with the partners they choose, but current methods for managing that risk are inefficient.
A March 2018 study conducted by Forrester Consulting on behalf of...
With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...
Most organizations today have a complex and huge supplier/partner ecosystem. Many different vendors supply many different products and services. And yet most enterprise third-party security programs still rely on manual, point-in-time, largely subjective assessments to evaluate and manage the security risk of their...
The role of the CISO is growing in importance, as is the need to have an enterprise-wide IT security strategy that supports the company's mission and goals.
Download this research report and learn why:
The CISO role is becoming more critical in managing enterprise risk;
CISOs must articulate IT security...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing securityintelligence.inforisktoday.com, you agree to our use of cookies.
