Escape the Questionnaire Quagmire: A thoughtful approach to addressing security inquiries from customers and prospects presented at BSidesLasVegas 2019

by Katie Ledoux,

Summary : Effective third-party security risk management requires collecting a significant amount of information from vendors. That information gathering process often starts with the customer sending the vendor a lengthy infosec questionnaire.Katie’s team was on the receiving end of those questionnaires, and the significant time and effort required to complete them interfered with progress on imperative security projects. To address this problem, the team created documentation and a new process that lessened their workload, reduced sales cycle friction, and gave customers increased visibility into Rapid7’s security program. Katie will share her approach, the lessons she learned along the way, and the metrics she used to measure success, ensuring you leave this session ready to apply these strategies at your organization.