The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement Doing triage Clarity about vendor selection criteria […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Far too many do far too little to assess and govern 3rd party security…it’s time for that to change.
An old fashioned tale of reporting lines impacting effective communication, missing due diligence, disgruntled insiders, social engineering, technical risk blinkers, political incident response and risk owners not being armed with the information they need.
The cyber headline says ‘JUMP’, do you say ‘How high?’ Here we suggest turning red-teaming on it’s head to raise awareness of the defence status quo and build confidence in the response to new nasties.
She-ra. Space hosting. Status Quo. The Usual Suspects. TEA and Taylor Swift…what I said and didn’t have time to say at BSides London