There’s No Tech Like Old Tech

CISO Panels

Compliance checklists and attestations only go so far in mitigating cyber risk. They demonstrate a partner’s commitment to cybersecurity awareness; however, they only capture a snapshot in time. A vendor, contractor or supplier is just one connected device or phishing email away from a security incident. That vulnerability puts your partners, and ultimately you, at risk. Therefore, organizations that rely on contracts and agreements to prevent a data breach do so at their own peril.

A more hands-on approach is needed. Consider, for example, a more customer-focused mindset in your vendor relations. All too often, vendor communication only occurs at contract renewal time. By contrast, businesses that build strong relationships with their partners make fewer assumptions about cybersecurity preparedness. For starters, conduct quarterly check-ins and discuss current or emerging threats and vulnerabilities. Consider monthly check-ins for larger, more critical vendors. A phone conversation lets organizations address nuances in risk that legal documents cannot. Ultimately, businesses mitigate third-party risk when they look beyond checklists to better understand their partners’ security capabilities.

CISO Street recently moderated a CISO panel in Dallas and asked panelists about their perspectives on several cybersecurity issues and trends. In this video, Chris Gathright, CTO at Sentinel IPS, and Eric Ballantyne, Chief Risk Officer and CISO at General Datatech, discuss the challenges behind managing and mitigating third-party risk.
