Third party risk is certainly not new. But in our hyper-collaborative economy, it’s rapidly rising in significance. The greatest data loss risk occurs when content moves outside an organization’s direct control. Writing in Security Boulevard, Steph Charbonneau, Senior Director for Data Security at HelpSystems, explains how organizations can manage and control this risk without paralyzing their ability to do business.
The Minneapolis/St. Paul Business Journal is announcing the second round of its 2021 Women in Business honorees, including executives from large corporations and entrepreneurs who have launched startups. See the list of second round honorees here: https://bizj.us/1qb234
The security concerns about cloud infrastructure that shadowed the technology from its nascent stages have largely dissipated as cloud adoption has spread and security has improved. While even public cloud infrastructure is now far more secure, data in the cloud is unfortunately still vulnerable due to a different challenge – misconfiguration.
A Yahoo News investigative report concludes that Russia’s SVR foreign intelligence service developed the disinformation that US Democratic National Committee data director Seth Rich was murdered to cover up corruption by then-Presidential candidate Hillary Clinton.
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth parties – those vendors that your vendors use – who may be integral players in your mission fulfillment but who are beyond your direct contractual oversight.
Does an increase in spending lead to an overall reduction in risk? Not necessarily. An organization may spend millions on network security controls but still get breached through an application code vulnerability. New attack methods and new technologies to deal with them show up all the time. So, to maximize efforts at assessing security risk, resources must be allocated such that the most effective tools and strategies are used to protect the most important information assets.