Cyber Security Third Party Risk

Cyber Security Third Party Risk free download

A comprehensive guide to cyber security third party risk

Understand why Cyber Security Third Party Risk Management is so important for organisations and what steps your organisation needs to take.

You will get a firm grasp of the cyber security third party risk today’s organisations face and what steps organisations and industries like yours can take to help manage this risk and protect themselves.

· Gain a solid understanding of the background and context to Cyber Security Third Party Risk, by looking at the Cyber Security and Third Party Risk backgrounds, and how they “meld” together.

· Learn about the importance of cyber security third party risk for organisations, and see how some of the latest high profile security breaches on organisations have been a result of their third party relationships

· Learn how to assess cyber security third party risk associated with your suppliers and the services their provide. Understand the concepts of Inherent Risk how to assess this using "CIA Triad" of confidentiality , integrity and availability and how we can use these to prioritise due diligence activities.

· Learn what key standards and regulations require organisations to do regarding cyber security third party risk, including ISO 27000, PCI DSS, Cyber Essentials, the GDPR, DORA and NIS 2.

· Learn about the different approaches to undertake due diligence of your third party’s cyber security posture, including design tips for custom questionnaires, and how to gain the most from SOC 2 reports and third party ISO 27001 certifications.

· Learn about the importance of legal contracts in addressing cyber security third party risk, and the importance of contract negotiation

· Understand and see samples of the documentation your cyber security third party risk management programme will require including samples of policy, procedures and templates.

· Learn about the importance of communications with suppliers and key stakeholders during the cyber risk third party risk management lifecycle, and how to manage the remediation of gaps within your third party’s security controls measures.