by Kevin Hermosura | Apr 11, 2019 | Third Party Risk Management
Recently I came across this blog post, which raises concerns that Amazon Web Services (AWS), a major player in many government cloud contracts worldwide—including the US Department of Defense—may be outsourcing security services to a company run by Russian mobsters.... by Kevin Hermosura | Apr 5, 2019 | Third Party Risk Management
When it comes to vendor risk management questionnaires, less can definitely be more. In this post, I’ll share three value-add tips on why and how to streamline your vendor review process and reduce the length of your questionnaires while maintaining a high level of... by John Verry | Feb 13, 2019 | InfoSec Strategies
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in preparation for our ISO 27001... by Kevin Hermosura | Jan 24, 2019 | Third Party Risk Management
In today’s evolving business landscape, there is huge potential for growth and cost savings by partnering with vendors or outsourcing non-core parts of your business. But outsourcing often requires sharing sensitive data (e.g., payroll or customer data) and/or... by Bob Cohen | May 23, 2018 | Disaster Recovery
One of the most important elements of a business impact analysis (BIA) or other business continuity planning exercises is identifying each function’s critical records. The survival of your business may depend on the availability of critical records. Without them,...
