Derrick Coston, CISA, CISSP, GISA

-

Organizations are still not taking the threat of third party vendor compliance serious.  Many organizations brush off third party risk and put up a facade regarding how they are truly assessing third party risk.  I bet if more organizations were honest or participate in the study, the results will be more alarming. ESentire published an article entitled “How to Guard against Third-Party Risk to the nth Degree“, which shows how  Spiceworks surveyed 600 IT and security decision-makers across a mix of industries and company sizes and identified how serious as well as the challenges facing organizations regarding third party risk.  Add this to the lack of doing proper internal cyber security risk management, and you can see it now if, but when we will see another major cyber security breach.



source https://derrick-coston.com/2019/04/16/derrick-coston-cisa-cissp-gisa/

Comments

Post a Comment

Popular posts from this blog

Derrick Coston, CISA, CISSP, GIAC

-
It’s amazing to see on a weekly basis, that organizations are still not taking steps in teh right direction to protect information that it has on its customers and employees.  Kacy Zurkus identified a troubling gap in her article “ Nearly Half of US Orgs Not Ready for CCDA ”   Despite how there was a push by organizations, about a year or so ago, to be compliant with the EU General Data Protection Regulation (GDPR), there now appears to be a less push or concern.  Is it because of the ability to enforce compliance.  Well Politico has identified an alarming fact in their article “ How one country blocks the world on data privacy ”  The GDPR is the world’s toughest standard for data privacy. But nearly a year later, its chief enforcer has yet to take a single action against major tech firms like Facebook and Google.  I applaud the State of California for their efforts, however, will the state be able to use its power to enforce compliance?  On paper...
Read more

Derrick Coston, Cyber Security Consultant. I am looking forward to seeing all of the new products and services at this Year’s RSA conference. Looking forward to speak with Madiant. They released its 2019 MANDIANT M-TRENDS REPORT which has some great information regarding APT37, APT38, APT39 AND APT40.

-
Madiant M-Trends Report source https://derrick-coston.com/2019/03/05/derrick-coston-cyber-security-consultant-i-am-looking-forward-to-seeing-all-of-the-new-products-and-services-at-this-years-rsa-conference-looking-forward-to-speak-with-madiant-they-released-i/
Read more