Skip to main content
Concurrent Session Onsite and Online

ENG2356. Navigating Your Third Party Technology and Cybersecurity Risk (TCH, PRAC, FIN)

Our worlds and our businesses are becoming more and more interconnected. Name a company, non-profit, government entity or agency that is able to keep all of their data on internally created applications; that can run without third-party technology. Of course, with each new application and third-party, our cybersecurity risk increases. There are various tools and techniques available to help us navigate our third-party risk. "Silver Bullets" don't work on these were-risks. Putting in the effort to acknowledge, comprehend, and document the third-party risk will allow you to communicate that risk appropriately to those charged with governance so they can decide to accept, mitigate, transfer or avoid the risk.

Learning Objectives:

  • Understand how to properly evaluate a SOC 2 report (or a framework compliance certificate) from your vendor
  • Understand how to integrate 3rd party risk into the organization Risk Assessment using a Cyber Risk Assessment
  • Understand how 3rd party technology impacts your cybersecurity risk
  • Understand the how a data inventory (or lack thereof) can impact your cybersecurity risk
  • Understand the importance of culture on 3rd party technology risk management
CPE Credits
NASBA Field of Study
Information Technology
0-2 years in the Profession
Advanced Preparation
Session Tags