Checks and Balances in Third-Party Security presented at cisoglobal 2017

by Stephen Boyer, Dave Estlick,

Summary : In the digital age, two things are likely — a third party will have access to your data, and that data will be involved in a breach. For CISOs, assessment of third parties is both a science and a gamble. Checks and balances must be put in place, not only by choosing the right methodology during the assessment process, but also by establishing continuous monitoring to make sure those vendors don’t become breach-enablers down the line. Join BitSight CTO Stephen Boyer and Starbucks CISO Dave Estlick they explore what happens when third-parties secure (or don’t secure) your data.