Access "Third-party risk management: Horror stories? You are not alone"
This article is part of the July/August 2013 / Volume 15 / No. 6 issue of Unlock new pathways to network security architecture
Cyberattacks leap from the headlines almost daily, yet senior management at some companies still believe their organizations are not potential targets: “Nobody knows who we are, why would anyone want to attack us?” One consistent breach finding may get their attention: Almost without exception, a third-party vendor or affiliate is involved. It may be the client, or it may be the origination point of the breach. The third party is often a quasi-insider, enjoying some degree of the trust afforded employees. Based on a relationship’s longevity and personal interactions, third-party trust levels sometimes meet or exceed the level of insider trust. Unfortunately, the conveyance of trust does not always end well. This is why third-party management and service-level agreements (SLA) are so critical in the management of risk. SLAs are negotiable instruments that reflect the company’s appetite or tolerance for risk; its size and complexity, geographic distribution, type of information managed, as well as the ability to effectively monitor the third-party management ... Access >>>
Premium Content for Free.
Beyond the Page: Network security architectures
by SearchSecurity.com Staff
In this special report, Dave Shackleford explores advanced network security architectures that help segment and isolate traffic with in your data center.
Third-party risk management: Horror stories? You are not alone
by MacDonnell Ulsch, Contributor
The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements.
- Beyond the Page: Network security architectures by SearchSecurity.com Staff
Unlock new pathways to network security architecture
by Dave Shackleford
Cover story: Want to shed appliances? Consolidation and new platforms hold promise for security teams.
Enterprise mobile security by the numbers
by Kathleen Richards, Features Editor
Almost 60% of respondents in our 2013 Enterprise Mobile Security Survey believe mobile devices present more risk now than in Q2 2012. What’s changed?
- Unlock new pathways to network security architecture by Dave Shackleford
New data on enterprise mobile security
by Kathleen Richards, Features Editor
We polled readers in our annual Enterprise Mobile Security Survey and the 2013 results are in.
Ten years later: The legacy of SB 1386 compliance on data privacy laws
by Randy Sabett, Contributor
A decade after becoming law, the ripple effects of California's SB 1386 have surfaced in a new breed of proactive, granular state data privacy laws.
Is big data education a big failure?
by Doug Jacobson and Julie A. Rursch
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer?
- New data on enterprise mobile security by Kathleen Richards, Features Editor
More Premium Content Accessible For Free
Unified threat management aspires to the enterprise class
Unified threat management (UTM) long focused on small and medium-sized businesses, but now it's climbing the ladder and attempting to become ...
Threat intelligence and risk: Why cybersecurity hangs in the balance
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
How to respond to the latest distributed denial-of-service attacks
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...