May 7, 2020 | Case Study, Information Security, Podcast, Vendor Assessments, Vulnerability Scanning
Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Google Podcasts | Spotify | Stitcher | Email | TuneIn | RSS | MoreWe live in a world where everything is connected to the internet, even fish tanks, and as we learn in today’s episode, that...
Apr 7, 2020 | Cybersecurity, Incident Response, Information Security, Podcast, Professional Services, Risk Management, Uncategorized, Vendor Assessments
Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Google Podcasts | Spotify | Stitcher | Email | TuneIn | RSS | MoreThis week we explore security orchestration, automation and response (SOAR) and how managed security service providers (MSSP) can...
Feb 5, 2020 | Information Security, Risk Management, Vendor Assessments
Unless you’re living in a cave, you’ve provided data to a corporation, and a hacker has probably stolen it. Personal data today is one of the most valuable assets on the planet, which leads organizations to spend enormous resources to collect data. However, those same...
Feb 15, 2019 | Information Security, Risk Management, Vendor Assessments
How Vendor (3rd Party) Security Assessments can help you build a better security program By: Justin Fimlaid Are you thinking about Vendor (3rd Party) Security Assessments? Aspirations to build onto your Vendor Security Assessment program? Why wouldn’t you...
Oct 25, 2018 | Risk Management, Vendor Assessments
By: Paul Dusini We’ve all heard about data breach horror stories like Target’s staggering leak of 40 million customer credit and debit card accounts or Home Depot’s stolen 56 million payment card accounts. Considering the significant damage to a brand’s reputation and...
Oct 16, 2018 | Compliance, Information Security, New York Cyber 23 NYCRR 500, Risk Management, Vendor Assessments
By Paul Dusini, Information Assurance Manager In a recent blog Less is More: Focusing Your Third-Party Vendor Risk Assessments on the Basics, we provided guidance for developing the list of questions to use when assessing the security posture of your third-party...
Sep 19, 2018 | Vendor Assessments
By: Paul Dusini, Information Assurance Manager CISOs, CIOs, and Risk Managers often understand the importance of vendor information security assessments but don’t know where to begin. I manage a team of analysts who perform vendor assessments, and we have experience...
Aug 29, 2018 | Risk Management, Vendor Assessments
SOC reports and Vendor Management By: Brianna Blanchard, Information Assurance Analyst Statement on Standards for Attestation Engagements (SSAE) audits are conducted by third party auditors and are used to document and evaluate internal controls. The SOC reports...
Jul 26, 2018 | Vendor Assessments
By: Paul Dusini, Information Assurance Manager There are a growing number of vendor risk assessment services on the market today. These services can be divided into two categories – ones that assess risks outside of the vendor’s firewall and those that assess risks...
Mar 27, 2018 | Risk Management, Vendor Assessments
Third party security assessments are a crucial part of any information security risk management program. Conducting ongoing security assessments of your vendors will give you clarity on the risks you may be inheriting from them. The first step in any vendor security...