0      0

ENG2356 - Navigating Your Third Party Technology and Cybersecurity Risk (TCH, PRAC, FIN)

‐ Jun 8, 2023 2:45pm

Our worlds and our businesses are becoming more and more interconnected. Name a company, non-profit, government entity or agency that is able to keep all of their data on internally created applications; that can run without third-party technology. Of course, with each new application and third-party, our cybersecurity risk increases. There are various tools and techniques available to help us navigate our third-party risk. "Silver Bullets" don't work on these were-risks. Putting in the effort to acknowledge, comprehend, and document the third-party risk will allow you to communicate that risk appropriately to those charged with governance so they can decide to accept, mitigate, transfer or avoid the risk.

Learning Objectives:

  • Understand how to properly evaluate a SOC 2 report (or a framework compliance certificate) from your vendor
  • Understand how to integrate 3rd party risk into the organization Risk Assessment using a Cyber Risk Assessment
  • Understand how 3rd party technology impacts your cybersecurity risk
  • Understand the how a data inventory (or lack thereof) can impact your cybersecurity risk
  • Understand the importance of culture on 3rd party technology risk management





Concurrent Session Onsite and Online

You must be logged in and own this session in order to post comments.