Premium Content

Access "Third-party risk management: Horror stories? You are not alone"

MacDonnell Ulsch, Contributor Published: 18 Jul 2013

Cyberattacks leap from the headlines almost daily, yet senior management at some companies still believe their organizations are not potential targets: “Nobody knows who we are, why would anyone want to attack us?” One consistent breach finding may get their attention: Almost without exception, a third-party vendor or affiliate is involved. It may be the client, or it may be the origination point of the breach. The third party is often a quasi-insider, enjoying some degree of the trust afforded employees. Based on a relationship’s longevity and personal interactions, third-party trust levels sometimes meet or exceed the level of insider trust. Unfortunately, the conveyance of trust does not always end well. This is why third-party management and service-level agreements (SLA) are so critical in the management of risk. SLAs are negotiable instruments that reflect the company’s appetite or tolerance for risk; its size and complexity, geographic distribution, type of information managed, as well as the ability to effectively monitor the third-party management ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Next-generation firewalls play by new rules
    ism_cover_0913.png
    E-Zine

    Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...

  • Developing your endpoint security management transition plan
    endpoint_security_management_cover_0913.png
    E-Handbook

    This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...

  • Emerging threat detection techniques and products
    threat_detection_technologies_cover.png
    E-Handbook

    Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...