23      0

1778573 - How to Effectively Communicate to the Board about Third Party Risk

‐ Oct 18, 2021 4:15pm

Cybersecurity risk posture only considers the capability of bad guys to penetrate network defenses, but risks resulting from doing business with third-party vendors who have unvetted access to company data pose just as great a risk. Communicating this to a board of directors may pose the biggest challenge of all to cybersecurity leaders. Whether your company outsources software developers not properly trained in security or uses a payment processing vendor whose cyber defenses are not as stringent as their customers', you are exposing your data to exploitable vulnerabilities. This session will detail the third-party risk issues that are fundamental to a mature cyber risk program and offer a process you can take to effectively communicate this to your board.

Learning Objectives:

  • Discover how to evaluate a third party's security posture and perform a gap analysis to uncover any cyber gaps.
  • Explore tactics for explaining third-party risk type of risk to company board members.
  • Learn how to monitor vendors throughout the business relationship to identify any new cyber gaps and provide updates to the board.