Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

12 Lessons Learned From The SolarWinds Breach: RSA Conference

From scrutinizing technology suppliers and code used during the application development process to axing on-premise Active Directory, here are 12 key takeaways from the SolarWinds breach.

Back 1 ... 2   3   4   5   6   ... 13 Next
photo

Scrutinize Suppliers On A Continuous Basis

Most businesses do a thorough inspection of a supplier’s security practices before agreeing to work with them, but very few organizations maintain that level of scrutiny on an ongoing basis, according to OneTrust Chief Revenue Officer Kevin Kiley. Companies must continuously assess the security practices of their suppliers and use that to recalibrate the level of risk each supplier might represent, Kiley said.

Organizations need to move beyond simply asking for security certifications when putting out a request for proposal and make supply chain security an ongoing practice. Specifically, he said companies should examine how third parties are being used, what data is being shared with them, whether it’s necessary to share all that data with them, and if/how data is being destroyed after it’s no longer being used.

From there, Kiley said businesses should examine the risk represented by fourth and fifth-party companies that work with their suppliers or their suppliers’ suppliers. Since the SolarWinds attack, Kiley said organizations have invested heavily to gain more insight into who they’re working away and what kind of risk they represent.

 
 
Back 1 ... 2   3   4   5   6   ... 13 Next

sponsored resources