Third-Party Service Provider Diligence - Why Are We Doing It All Wrong?
Offered By: YouTube
Course Description
Overview
Explore a critical analysis of third-party service provider diligence practices in this 22-minute conference talk from BSidesLV 2014. Delve into the shortcomings of current approaches, examining published diligence, review processes, and scoping issues. Learn about the pitfalls of checkbox mentality and ineffective questioning techniques. Discover the importance of frequency, quantification, and psychometric considerations in assessments. Gain insights from a questionnaire case study and receive practical takeaways to improve your diligence processes. Challenge yourself to seek maturity in your approach and implement more effective third-party risk management strategies.
Syllabus
Introduction
What is published diligence
Review and testing
Scoping
Check boxes
Questions
Frequency
Quantify
Psychometer
Tools are good
Questionnaire case study
Takeaways
Ask yourself
Seek maturity
Outro
Related Courses
Cybersecurity for ExecutivesLinkedIn Learning HCISPP
Cybrary CRISC Cert Prep: 3 Risk Response and Reporting
LinkedIn Learning Supply Chain Cybersecurity: Preventing Supply Chain Attacks
LinkedIn Learning So You’re the First Security Hire - Creating a Security Program and Integrating Security into Your Company’s Culture
Security BSides San Francisco via YouTube