Quote:Cybersecurity is typically viewed as the boogeyman, and vendors are responsible for 63% of reported data breaches in organisations. And as businesses grow, they will use more and more third parties to provide specialty services. Typical cybersecurity training programs focus on phishing awareness and email hygiene. This is not enough. Navigating Supply Chain Cyber Risk: A Comprehensive Guide to Managing Third Party Cyber Risk helps companies establish cyber vendor risk management programs and understand cybersecurity in its true context from a business perspective.
The concept of cybersecurity until recently has revolved around protecting the perimeter. Today we know that the concept of the perimeter is dead. The corporate perimeter in cyber terms is no longer limited to the enterprise alone, but extends to its business partners, associates, and third parties that connect to its IT systems. This book, written by leaders and cyber risk experts in business, is based on three years of research with the Fortune 1000 and cyber insurance industry carriers, reinsurers, and brokers and the collective wisdom and experience of the authors in Third Party Risk Management, and serves as a ready reference for developing policies, procedures, guidelines, and addressing evolving compliance requirements related to vendor cyber risk management. It is unique since it provides strategies and learnings that have shown to lower risk and demystify cyber risk when dealing with third and fourth parties.
The book is essential reading for CISOs, DPOs, CPOs, Sourcing Managers, Vendor Risk Managers, Chief Procurement Officers, Cyber Risk Managers, Compliance Managers, and other cyber stakeholders, as well as students in cyber security.