TRENDING:

3rd Party Risk Management , Governance & Risk Management

Third-Party Risk Management Essentials

Mark Sangster of eSentire Shares Lessons Learned Mathew J. Schwartz (euroinfosec) • August 27, 2019    
Mark Sangster, vice president and industry security strategist, eSentire

Third-party vendors continue to be a major security risk for organizations. Despite new research finding that 60 percent of organizations have formal policies for managing third-party risk, almost half of organizations still report having suffered a data breach that traces to a third-party vendor, says Mark Sangster, vice president and industry security strategist at eSentire.

See Also: What to Do Based on 2022: Expert Analysis of TPSRM Survey

In a video interview at Information Security Media Group's recent Cybersecurity Summit in New York, Sangster also discusses:

  • Examples of real-world adversarial campaigns and tools used to infiltrate third parties;
  • Evaluating a vendor’s third-party risk to your business;
  • How organizations can best implement policies and procedures to mitigate third-party risk.

Sangster is a vice president and industry security strategist at eSentire. He's previously worked at Avvasi, RapidMind (acquired by Intel Canada), DiskStream and BlackBerry.

Previous
Access and Identity: With 'Zero Trust,' Less Is More
Next
Mobile Workforce Security: Why 'Zero Trust' Is a Must

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.



Around the Network

How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.