Ascending Everest - Managing Third Party Risk in the Modern Enterprise
Offered By: YouTube
Course Description
Overview
Explore the complexities of managing third-party risk in modern enterprises through an analogy to ascending Mount Everest in this conference talk from Central Ohio Infosec 2015. Delve into the background of IT security challenges, examining how unmanaged risk can lead to obvious and organization-specific impacts. Learn about common risk areas in third-party relationships and traditional management methods. Discover why resolving these issues can seem overwhelming but is ultimately achievable. Examine tiering criteria for IT security and explore tools like Shared Assessments, NetSkope, and BitSight. Gain insights into the role of third parties in incident response and review a simplified roadmap for addressing these challenges in your organization.
Syllabus
Intro
BACKGROUND
THE MOUNT EVEREST CONNECTION
RISK LIES IN THE UNMANAGED
STATE OF IT SECURITY TODAY
THE EFFECTS ARE OBVIOUS
IMPACT DIFFERS BY ORGANIZATION
TABLE STAKES: COMMON AREAS OF RISK IN THIRD-PARTY RELATIONSHIPS
TRADITIONAL THIRD-PARTY RISK MANAGEMENT METHODS
TOO BIG TO RESOLVE?
DIFFICULT, BUT NOT IMPOSSIBLE
TIERING CRITERIA (IT SECURITY)
SHARED ASSESSMENTS
NETSKOPE
BITSIGHT
THERE'S MORE TO THIS STORY...
THIRD-PARTIES & INCIDENT RESPONSE
AN (OVER)SIMPLIFIED ROADMAP
Related Courses
Cybersecurity for ExecutivesLinkedIn Learning HCISPP
Cybrary CRISC Cert Prep: 3 Risk Response and Reporting
LinkedIn Learning Supply Chain Cybersecurity: Preventing Supply Chain Attacks
LinkedIn Learning So You’re the First Security Hire - Creating a Security Program and Integrating Security into Your Company’s Culture
Security BSides San Francisco via YouTube