Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
How far should we drill down when Assessing Third party Suppliers ?
In a world were industries are more and more integrated, and in a landscape were Saas, IaaS and Paas are becoming the norm, how deep should a company go to protect its assets and the PII of its customers?
When it comes to Risk based Third Party Management should we limit ourselves to the first level Vendor for our Due diligence or should we try to dig deeper and get info on the Subcontractors of the third party vendor we have a contract with?
Thoughts on the subject ?
You must be logged in to reply to this topic.