If your third-party risk program does not account for leaks and exposures of your confidential business data, you are giving yourself a false sense of security.
The majority of today’s third party and vendor risk programs are wholly focused on assessing and reporting on the risk posture of third parties. Early solutions for managing third party risk centered their offerings around security ratings produced from the attribution and assessment of an organization’s publicly visible domains and externally facing security settings.
Security ratings have proved extremely helpful for many previously unmet business needs such as internal risk reporting for management & board leadership, security reputation management, and decision making around supplier relationships. For the last few years it’s been easy enough for security teams to believe their risk programs are effective solely using security ratings. However, several high-profile data leaks have made it clear that current risk programs are failing to identify the actual manifestations of risk to an organization -- especially those caused by third parties. How can you ensure that external signifiers of risk that normally indicate sound security practices actually lead to consistently secure outcomes?
If your information risk program is not able to identify when and where data leaks are happening in your information supply chain, then every other precautions and assessments you make will result in lost efforts. And if only one of your vendors leaks sensitive data such as a password or customer data, your organization may be opened up to the consequences of compromised data that may take months to repair. How will you confirm your information is secure?
In this webinar, Director of Cyber Risk Research Chris Vickery will review how data leaks occur in the modern enterprise through supply chain risk. Chris will look into how companies currently think about an effective third party risk program and how this accepted view perpetuates oversight of critical data leaks. Finally, Chris will offer solutions for third party risk managers to detect, resolve, and prevent supply chain data leaks.
In this webinar viewers will learn: