Due Diligence Meets Small Business: Nightmares from the Other Side


Posted on in Presentations

Minimizing third-party cyber-risk is often done through the use of infosec questionnaires and audits of key vendors. Increasingly, these vendors are smaller businesses without the experience or knowledge to be able to accurately answer such questionnaires. This session will present effective techniques that can help to achieve mutually desirable infosec transparency in such small businesses.

Learning Objectives:
1: Learn about SMB and MSP IT for enterprise IT personnel.
2: Learn effective techniques to work with SMB vendors to achieve mutual infosec goals.
3: Learn how 3PDD questionnaires failed their intended purpose.

Pre-Requisites:
3PDD, audit, risk assessment, and/or understanding of basic security controls.

Participants
Lawrence Cruciana

Participant

President and CSE, Corporate Information Technologies


Share With Your Community