Since US’ Target in 2014 to recent SolarWinds breach, including the NotPetya cyberattack, 3rd parties are a key element of company’s risk management. In some sectors, 3rd party’ security evaluation is now strictly regulated. Moreover, new data privacy laws enforce data processors responsibilities.
How to evaluate the risks? How are suppliers handling such evaluation? How to enforce security requirements in RFPs? What can bring cyber insurance in this context?
The objective of this presentation is to provide feedback of experience and give some hints to start or improve your 3rd party security management
