Access "Third-party risk management: Horror stories? You are not alone"
This article is part of the July/August 2013 / Volume 15 / No. 6 issue of Unlock new pathways to network security architecture
Cyberattacks leap from the headlines almost daily, yet senior management at some companies still believe their organizations are not potential targets: “Nobody knows who we are, why would anyone want to attack us?” One consistent breach finding may get their attention: Almost without exception, a third-party vendor or affiliate is involved. It may be the client, or it may be the origination point of the breach. The third party is often a quasi-insider, enjoying some degree of the trust afforded employees. Based on a relationship’s longevity and personal interactions, third-party trust levels sometimes meet or exceed the level of insider trust. Unfortunately, the conveyance of trust does not always end well. This is why third-party management and service-level agreements (SLA) are so critical in the management of risk. SLAs are negotiable instruments that reflect the company’s appetite or tolerance for risk; its size and complexity, geographic distribution, type of information managed, as well as the ability to effectively monitor the third-party management ... Access >>>
Premium Content for Free.
Beyond the Page, July/Aug. 2013: Network security architectures
by SearchSecurity.com Staff
In this special report, Dave Shackleford explores advanced network security architectures that help segment and isolate traffic with in your data center.
Third-party risk management: Horror stories? You are not alone
by MacDonnell Ulsch, Contributor
The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements.
- Beyond the Page, July/Aug. 2013: Network security architectures by SearchSecurity.com Staff
Unlock new pathways to network security architecture
by Dave Shackleford
Cover story: Want to shed appliances? Consolidation and new platforms hold promise for security teams.
Enterprise mobile security by the numbers
by Kathleen Richards, Features Editor
Almost 60% of respondents in our 2013 Enterprise Mobile Security Survey believe mobile devices present more risk now than in Q2 2012. What’s changed?
- Unlock new pathways to network security architecture by Dave Shackleford
New data on enterprise mobile security
by Kathleen Richards, Features Editor
We polled readers in our annual Enterprise Mobile Security Survey and the 2013 results are in.
Ten years later: The legacy of SB 1386 compliance on data privacy laws
by Randy Sabett, Contributor
A decade after becoming law, the ripple effects of California's SB 1386 have surfaced in a new breed of proactive, granular state data privacy laws.
Is big data education a big failure?
by Doug Jacobson and Julie A. Rursch
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer?
- New data on enterprise mobile security by Kathleen Richards, Features Editor
More Premium Content Accessible For Free
Next-generation authentication technologies emerge to restore balance
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization security dynamics get old, changes ahead
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Insider edition: Layering mobile security for greater control
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...