Why a Telephone Might Be the Best Tool to Stem Third Party Cyber Risk

FutureCon Dallas

Compliance checklists and attestations only go so far in mitigating cyber risk. They demonstrate a partner’s commitment to cybersecurity awareness; however, they only capture a snapshot in time. A vendor, contractor or supplier is just one connected device or phishing email away from a security incident. That vulnerability puts your partners, and therefore you, at risk. Organizations that rely on contracts and agreements to prevent a data breach therefore do so at their own peril. A more hands-on approach is needed. Consider, for example, a more customer-focused mindset in your vendor relations. All too often, vendor communication only occurs at contract renewal time. By contrast, businesses that build strong relationships with their partners make fewer assumptions about cybersecurity preparedness. For starters, conduct quarterly check-ins and discuss current or emerging threats and vulnerabilities. Consider monthly check-ins for larger, more critical vendors. A phone conversation lets organizations address nuances in risk that legal documents cannot. Ultimately, businesses mitigate third-party risk when they look beyond checklists to better understand their partners’ security capabilities.

I recently moderated a CISO panel in Dallas and asked panelists about their perspectives on several cybersecurity issues and trends. In this video, two panelists discuss the challenges behind managing and mitigating third-party risk.

CISO Perspectives is a complimentary resource for cybersecurity professionals featuring insightful viewpoints, best practices, and sage career advice from a cross-section of CISOs. These videos and blogs are proudly offered by Accellion, the leader in secure email and secure file sharing for mitigating third-party cyber risk.

