https://vendefense.com/wp-content/uploads/2018/11/4phases-classification.png 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-11-14 08:59:142019-02-15 11:41:46Phase 2 of VRM: Classification
Now that you've completed your vendor inventory, it's time to classify them according to the risk they pose on your organization. Third-party classification is about rating your third-party providers according to the amount of inherent…
https://vendefense.com/wp-content/uploads/2018/11/4phases-inventory-1.png 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-11-13 13:23:082019-02-15 11:33:28Phase 1 of VRM: Inventory
In the simplest sense, a good vendor risk management program is made up of four phases: Inventory, Classification, Assessment and Treatment. These four phases make up a well-designed third-party information security risk management program. Phase…
https://vendefense.com/wp-content/uploads/2018/11/Do-You-Need-VRM-FEATURES-1.png 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-11-13 09:02:582018-11-19 18:46:35Do You Need a Vendor Risk Management Program?
The topic of vendor risk management (VRM) is on the lips of nearly every CISO, IT Director, CTO/CIO and business owner in the country, and with good reason. Security breaches have reached near epidemic proportions and businesses don't need to…
https://vendefense.com/wp-content/uploads/2018/11/deviating-from-information-security-recommendations-2.png 441 843 Evan Francen /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Evan Francen2018-11-02 14:21:202019-01-15 09:10:23Deviating from Information Security Recommendations
Information security recommendations are supposed to align with business priorities, but sometimes the two are not on the same page. While it's okay for businesses to make decisions independently of their information security programs, this can pose problems within your organization. Find out what you can lose by not having the two agendas aligned.
https://vendefense.com/wp-content/uploads/2018/10/vendor-security-risk.png 441 843 Evan Francen /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Evan Francen2018-10-18 19:13:582018-11-19 18:46:16Vendor Security Risk: Simplify, Standardize and Defend
Vendor risk management is not easy. It's often a monotonous combination of spreadsheets, questionnaires, following up with people, and uncertainty. It's often frustratingly tedious, and it can actually cause otherwise strong information security programs to falter. The best relief is to take a three-step approach to vendor risk management. Simplify. Standardize. Defend.
https://vendefense.com/wp-content/uploads/2017/11/the-four-vendor-risk-management-programs.png 441 843 Evan Francen /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Evan Francen2017-11-16 14:47:092018-11-19 18:45:54The Four Vendor Risk Management Programs
Vendor risk management is a critical portion of every organization's information security program. Almost all organizations fit into one of four categories when it comes to managing the data risk their vendors pose— none, painful, partial, or good. Let's find out where you fit.