Are you thinking about Vendor (3rd Party) Security Assessments? Do you have aspirations to build onto your Vendor Security Assessment program? Why wouldn't you -- you go through all the effort to secure your own business or corporation, only to send your data to a trusted third party and have them lose your data for you. Or better yet, your Vendor gets breached and becomes a pivot point from which bad guys can hop onto your network -- case in point, the famous Target breach.
Vendor Security Assessments are usually an area for improvement for most security shops. However, those same security shops barely have enough security bodies to put out internal fires, never mind assessing the security posture of Vendors. Because of this, I often see Vendor Security Assessments passed over by Security teams, or they only conduct a "kick the tires" type of assessment.
Vendor (3rd Party) Security Assessments are very important and, more importantly, they help you build a better enterprise security program. Here's how they help you build a better Security Program:
Vendor Security Assessments are hard to do well. Let's face it -- in most cases your Security team needs to get out in front of fast-moving business peers who have their own business goals and don't want to slow down or wait for a Security Assessment of the Vendor and any remediation time. For small Security teams in large organizations, this is akin to chasing a bear with a BB gun. At the end of the day, the most important thing is that you look at the Security of your vendors and partners -- they can lose your data, violate your privacy policy, and violate your compliance standing. To do this right means you're driving awareness within your organization to self-select the correct security behaviors and developing your internal staff so they can do the other parts of their job better.
If you need help with Vendor Assessments, NuHarbor Security has solutions to help! https://nuharborsecurity.com/vendor-assessments
Justin (he/him) is the founder and CEO of NuHarbor Security, where he continues to advance modern integrated cybersecurity services. He has over 20 years of cybersecurity experience, much of it earned while leading security efforts for multinational corporations, most recently serving as global CISO at Keurig Green Mountain Coffee. Justin serves multiple local organizations in the public interest, including his board membership at Champlain College.