The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: early engagement, doing triage, clarity about vendor selection […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
An old-fashioned tale of reporting lines impacting effective communication, missing due diligence, disgruntled insiders, social engineering, technical risk blinkers, political incident response and risk owners not being armed with the information they need.
Breaking News Tuesday 6th October: The European Court of Justice Strikes Down The Safe Harbor Agreement
The decision as reported by Politico telling us there will be an official announcement at 3pm. Quoting […]
…a potential provider that brags about how comprehensive their due diligence is doesn’t “get it”— it’s about ranking risks and targeting resources where they are needed.
Ponemon Institute and SafeNet Research Reveals that IT is Losing the Battle on Security in the Cloud
Oct. 29, 2014 A majority of IT organizations are kept in the dark when it comes to protecting corporate data in the cloud, putting confidential and sensitive information at risk. This is just […]
Maslow expected us to satisfy basic needs before moving on to more complex ones. Why then is “sexiness” overcoming need when planning security spend?