Minimizing third-party cyber-risk is often done through the use of infosec questionnaires and audits of key vendors. Increasingly, these vendors are smaller businesses without the experience or knowledge to be able to accurately answer such questionnaires. This session will present effective techniques that can help to achieve mutually desirable infosec transparency in such small businesses.
Learning Objectives: 1: Learn about SMB and MSP IT for enterprise IT personnel. 2: Learn effective techniques to work with SMB vendors to achieve mutual infosec goals. 3: Learn how 3PDD questionnaires failed their intended purpose.