Vendor Risk Management
How secure is your data? What happens when you are being cheated or robbed by trusted people?
These are questions that raise the hackles of all business owners who are at a loss not knowing whom to trust when it comes to securing their confidential data or the data that is essential to an organization.
Security experts like Adrian Davis, a senior research consultant with a UK based Information Security Forum opine that US security leaders need to learn more from their counterparts in the UK and elsewhere, in terms of payments, privacy and third party relationships.
Adrian vouches that the biggest threat with regard to cyber security is the threat of crimeware as a service, which takes in the fraud. Secondly malware embedded in websites too is the next big problem which is in turn linked to social networking. There is an ongoing debate whether Facebook should be blocked or continued despite the enormous security problem that it poses to governments, organizations and financial institutions the world over. Lastly he also feels application development and secure coding that are being used by hundreds of thousands of applications in an iPhone or Smartphone, to interact with the corporate systems, too pose a threat to security.
Coming to vendor management security experts opine that problems for organizations arise due to failures in security in their third parties. When an n organization buys a service from a third party, the vendor vouches to take care of everything that the organization wants. But it is difficult to prove if in fact these vendors are minimizing the risks or maximizing them.
BITS {an organization made up largely of major financial institutions) in America and ISF in the European countries are seriously trying to formulate active third party standards, there is still lot that needs to be done. Everyone is waiting for that special formulation that guarantees to secure their trust.
Organizations should try and see if there are a set of guidelines or policies or procedures that can be implemented when availing the services of the vendor, the outsourcing community that provides the organizations with the services. Thereby everyone will have a baseline of security that can be checked on a regular basis.
Gauging the risk posed by vendors can be prevented if organizations get their house in order, by patching up critical systems quickly and managing their access points through access management swiftly and cleverly.
Processing your request, Please wait....
