Looking at the ongoing risks on any company today, no matter how much time and money you'll invest in cyber security as CISO or any security practitioner, You always arrive to same conclusion, it's not enough to achieve high standard of security, you have to do it 24/7 according to the changing cyber threats. In the talk we'll show the different aspects of Cyber Security in the modern world, talking about Cloud and other external services that any size of a company uses nowadays. We'll show from experience that the best and most fit approach is to achieve ongoing monitoring on your security posture. For the "why"? because the only thing that is 100% sure, that the attack surface of every company is changing constantly, So we should keep on validating our security posture accordingly. Your third-party security program could also probably use an upgrade. But it’s tough to scale, streamline and improve what is an already complicated process. Or is it?
In this guide, we provide the guidance you need to make your organization’s third-party security program effective and scalable. In particular, we cover how to:
Implement compensating internal controls when your suppliers don't have or won't reveal their own Collaborate with suppliers to ensure success in the remediation process Create KPIs to help manage, improve the process and demonstrate achievements
Lessons learned promised and a glimpse of the Hackers view, because it's always interesting to see how you look from the outside.