Skip to main content
ISC2 Security Congress 2024 Main banner
 
Icon Legend
Additional Fee Required
Additional Fee Required
Pre-Registration Required
Pre-Registration Required
Online & Virtual
Online & Virtual
Onsite Only
Onsite Only
Earn CPE Credits
Earn CPE Credits
Livestreamed Session
Livestreamed Session
Included in Guest Pass
Included in Guest Pass
Invite Only
Invite Only
Session Recorded
Session Recorded
Student Experience
Student Experience
Back

Call for papers Proposals

Governance, Risk & Compliance (GRC)

Improving Security in the Supply Chain and Negotiated Requirements for Your Suppliers

Monday, October 14, 2024
2:55pm – 3:55pm PT
Location: Milano VII - VIII
CPE Credits 1
Online & Virtual Earn CPE Credits Livestreamed Session Session Recorded
FULL DESCRIPTION: Most companies utilize suppliers for a majority of their data processing and handling making them an extended area of risk. Ensuring and being aware of the increased security controls is important for all security teams. Increased security starts at vendor onboarding and especially the negotiation of terms. This presentation will outline the management of vendors for the entire lifecycle including the RFP process, negotiations of standards and expectations, ongoing management and assurance of data handling, and off boarding/end of relationship. A discussion on tooling requirements will also be part of this presentation.

SUMMARY: Looking beyond the "guarded castle", this presentation will dive into how to improve your supplier and consequently your security efforts for a mutually beneficial outcome.

Learning Objectives:

  • Consider everywhere data is shared and how extended control can be effective
  • View the supply chain as an extension of the business team. Both share the responsibility of safe data handling
  • ...describe steps that can be taken to more effectively protect data in the supply chain