Premium Content

Access "Vendor risk management and the CISO"

Eric Holmquist Published: 13 Oct 2012
Handle with care: Calculating and managing risk is tricky business

This article is part of the February 2011 issue of Handle with care: Calculating and managing risk is tricky business

Every business today depends to some extent on third parties -- it's a reality that's becoming even more pronounced as companies move to more cloud-based services. And in order to effectively provide a product or service, a certain percentage of those third parties will require access to confidential corporate and/or customer information. Obviously, it is incumbent on management to ensure that not only is the third party capable, but also in the course of its operations can ensure that the data entrusted to it remains secure. Traditional vendor management programs have tended to focus to a large degree on "ability to deliver" with data security being an almost secondary consideration. What managers often fail to fully appreciate, especially for large or very visible companies, is that while a third party's failure to deliver would in all likelihood be operationally disruptive, a massive data breach could be devastating. The challenge for companies is how to ensure protection when they often have little ability to monitor day-to-day operations, evaluate the ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Already a member? Login to access this content.

What's Inside

Features

More Premium Content Accessible For Free

Back to top