Security leaders understand the importance of third-party risk. We have created questionnaires and invested in tools to support the process. Even with these investments, orgs find themselves on a hamster wheel; pouring resources into a process that doesn’t make anything more secure. We're here to challenge old ways of thinking and to inspire new approaches to third-party risk management.


RSAC 2023 brought together thousands of cybersecurity professionals for four incredible days of expert perspectives, groundbreaking innovation, and best practices. 

Your Third-Party Risk Management Program Is Bad and You Should Feel Bad

Conference: RSA Conference 2023

Authors: Chris Castaldo, Brian Markham

Abstract

Post a comment

Related work

Isolate the Users! Supporting User Namespaces in K8s for Increased Security

Narrow – SCA Reachability Analysis without the Effort

Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths

Transparency in the Software Supply Chain: Making SBOM a Reality

20+ Ways to Bypass Your macOS Privacy Mechanisms

Death to the IOC: What's Next in Threat Intelligence