Dissecting the crossroads of third-party risk and internal cybersecurity practices

Current trends show it’s no longer enough to only address cybersecurity internally. Cybercriminals are rapidly advancing their tactics by targeting an organization’s third parties, vendors and suppliers – and it’s working. Therefore, an organization needs a cross-functional, comprehensive mitigation strategy. By evaluating cybersecurity risk internally and externally, you will gain complete visibility into your organization’s cybersecurity posture. This visibility is critical for effective program decision-making, reporting and certification.

Join ProcessUnity and the SANS Institute for a one-hour session where we explore third-party risk management trends and how to align cybersecurity practices both internally and externally.

Attendees will learn:

  • How to map your organizational components - controls, assets, and risks - to popular frameworks (NIST 800-53 and ISO 27002) and regulations (GDPR, CCPA, NYDFS, etc.).
  • How to eliminate control redundancy and duplication across regulations.
  • How to use ratings, scores and indicators to influence your risk assessments for vendor onboarding and ongoing due diligence for increased visibility and transparency.
  • How to leverage program data and metrics for board-level reporting, program maturity and certification.