Come to our session at #PSR18 – Vendor Risk Management: Maintaining Relationships While Limiting Liability

Are you at IAPP - International Association of Privacy Professionals P.S.R.  #PSR18 in Austin? If so, please come to our Thursday 10:30 - 11:30 session on Vendor Risk Management: Maintaining Relationships While Limiting Liability in Lone Star Ballroom A, Level 3. It should be great as I get to be with great panelists Tami Dokken and Melissa Krasnow and we will have Mark Smith as our … Continue reading Come to our session at #PSR18 – Vendor Risk Management: Maintaining Relationships While Limiting Liability

Hacked F-35 Fighter Info from Australian Contractor Exemplifies Third-Party Risk in Cybersecurity

See: China hacked a Navy contractor and secured a trove of highly sensitive data on submarine warfare Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own … Continue reading Hacked F-35 Fighter Info from Australian Contractor Exemplifies Third-Party Risk in Cybersecurity

Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good … Continue reading Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans

Checklist: Managing Third-Party Risk in #Cybersecurity

If I timed this right, when this post publishes, I will be about to present at the ISACA CSX 2017 North America Cybersecurity Nexus Conference in Washington, DC. My talk is titled Legal Issues Associated with Third-Party Risk. I am publishing this post with the #CSXNA and #CyberAware hashtags in the title so that conference attendees can … Continue reading Checklist: Managing Third-Party Risk in #Cybersecurity

Uber’s Settlement With FTC Emphasizes Companies’ Need for Cyber Risk Management Programs

The FTC and Uber have settled the enforcement action the FTC brought against the company. This action stems from Uber's data breach of more than 100,000 individuals' PII despite its promises that their data was "securely stored within our databases." The FTC found this promise was misleading when compared with the actions the company was … Continue reading Uber’s Settlement With FTC Emphasizes Companies’ Need for Cyber Risk Management Programs