The BTN recently partnered with Synk, a developer security platform for securing code, dependencies, containers, and infrastructure as code for an exclusive virtual roundtable event. This session looked at 'Security Champions: Providing Scale & Speed for your Developers' and was an opportunity to share insights around the topic of security within organisations.
Cyber security was never a purely technical problem; it is now a leadership imperative in many firms
For the past 20 years, cyber security – information security in its early days – has been seen primarily as a technical matter, to be solved by technologists using technology means.
The PCI certification process is quite comprehensive and relates to infrastructure, software and employee access to systems, in particular to datasets and the way that they are accessed. These checks are critical not only to the wider payments industry but also to create a level of trust with users knowing their data is protected. The PCI compliance process is a number of checks, usually by an accredited third party, to ensure that secure data handling processes are in place.
Recently, RiskRecon founder Kelly White sat down with Sam Olyaei, Director at Gartner Research, and Errol Weiss, Chief Security Officer at Health-ISAC, to discuss their client’s experiences regarding third-party risk management.
In this paper, RiskRecon highlight some of the insights discussed during our Q&A session including:
- Why some organizations are better at managing third-party risks
- The current and future state of TPRM ownership within firms
- How firms are currently identifying risks from Nth parties
By Kelly White, Founder, RiskRecon, a Mastercard Company
The impact of a destructive ransomware attack extends far beyond the organization whose systems are encrypted. It harms all those who depend on the goods and services of the organization that criminals have taken offline.
The pandemic undoubtedly brought eCommerce to the top of many companies’ priority lists. Businesses that were already established in trading online wanted to take advantage of rapid expansion, while those that did not have an internet sales presence quickly tried to catch up.
Not all companies are equally as comfortable in the online world, and the same could be said for their customers.
While the world is becoming increasingly digitally native, not all customers are enthusiastic adopters, and we must consider their needs.
There are real issues in the security operations space but buying more tools won’t help