News outlets are wrought with stories of breaches, and no signs of this easing up are anywhere to be found. With attackers becoming more sophisticated by the day, it often feels like a daunting battle to keep our information safe. Despite organizations putting lots of dollars and bandwidth towards their information security efforts, sometimes it still feels like the popular quote from the show Cheers: “It’s a dog-eat-dog world, and I’m wearing Milkbone underwear.” One of the most pervasive and overwhelming problems facing businesses today is how to limit and reduce risk introduced into your company by the vendors you do business with. In fact, in today’s information landscape, nearly two-thirds of all breaches stem from third-party risks.

managing third party risks

No one is immune to it. Routinely, we see world-class enterprises breached by a vendor who is not as diligent as they should be about protecting the information they access. This lack of diligence (or that of the organization in vetting their vendors) poses incredible risk for any company that belongs in their vendor matrix.

Perhaps the best-known instance of this is the Target breach of 2013. The breach happened because of an HVAC vendor who fell prey to a phishing attack. The hackers gained access to Target’s information through the network connection the vendor had. The attack design was brilliant, and the results were disastrous, costly, and well publicized. 

No doubt Target has taken serious steps forward to ensure that the vendors they have are adequately protecting the information they have access to. But for many, third-party risk management is not even yet a blip on their organization’s security radar. If you’re like these organizations, you likely haven’t even begun thinking about how to handle the risk of your vendors, or you understand it’s important but don’t quite have an idea how to get started tackling it.

If this describes you, please join us for the spring 2019 installment of our Hacks & Hops event series. FRSecure’s CEO, Evan Francen, will be joined by a panel of industry experts who will all discuss the topic of third-party risk management in digestible terms. The event is aimed at offering tips that you can use to start managing the risk you assume when working with third parties.

DEFEND! Step Up Your Data Security Defenses Against Third-Party Risks will take place on March 28, 2019 at the Day Block Event Center in Minneapolis. Join us for a fun-filled afternoon with lively conversation, great appetizers, and delicious beer made on site at Day Block.

For more information and to register online, please visit our Eventbrite page.


Jim Nash on EmailJim Nash on Linkedin
Jim Nash
Information Security Evangelist at FRSecure
Jim's experiences in both politics and the InfoSec industry have cultivated him into a strong and animated communicator that has the ability to crystallize difficult concepts into digestible ideas. These skills and experiences have morphed him into a cybersecurity and information security evangelist, focusing on publicizing the need for organizations to make cyber threats a business liability and not just an IT problem.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *