"Managing Third-Party Cyber Risks," Security in Practice Webinar, Davis Wright Tremaine
Virtually every company relies heavily on a slew of third parties to secure its sensitive data and information systems. No matter how much a company invests in its own cybersecurity program, vulnerabilities at a vendor or other third party can lead to compromises of the company's data and potentially significant liabilities. Look no further than the high-profile MOVEit breach, which has compromised the files of hundreds of companies and millions of individuals, to appreciate the significance of managing third-party risk and the responsibility of companies to oversee their vendors.
But managing these risks is an enduring challenge of balancing diligence with efficiency. In this third installment of DWT's Security in Practice webinar series, panelists from DWT and Kroll discuss strategies for managing your company's third-party cyber risks in a prioritized, consistent, and business-friendly manner.
Topics discussed include:
- Legal requirements and guidance for managing third-party cyber risks
- Effective ways to identify and prioritize your third-party cyber risks
- The core elements of an effective third-party risk management program
- The differences between vendor and supply chain risks, and strategies for addressing each
- Documenting your third-party risk management program and making it iterative