The secret is out: If you want to obtain protected data as a hacker, you do not attack a big company or organization that likely has good security. You go after a third party that more likely does not. Companies have created the equivalent of how to deter car thieves: Ensure that your car looks difficult enough to break into so that thieves move on to the automobile with its doors unlocked and keys in the ignition. When a burglar sees a car with a car alarm, they know that they can look and eventually find a target that isn't so well protected. Exploiting the weakest link is not new. A bank robber could go to the bank to steal money, but a softer target would likely be the courier service as they bring the money into and out of the bank.

- Learn what the risk is and how to assess the cyber risk
- Step-by-step guide on how to create a cyber-risk third-party risk management program without having to be a cyber or risk management expert
- Create a mature cyber-focused third-party risk management program that is predictive and less reactive
- Learn how to secure your data in a vendor's cloud and how to secure your software supply chain

"Cybersecurity & Third-Party Risk is both timely and necessary...and should be added to the bookshelves of all cybersecurity and risk professionals regardless of the industry in which they operate." - Edna Conway, VP Chief Security and Risk Officer, MS Azure

"The exact right book at the exact right time" - Adam Gordon, Edutainer, ITProTV

"For those looking to create a TPRM program, Cybersecurity and Third-Party Risk is a valuable read. For those who have an existing TPRM program, they may want to reappraise the efficacy of their program after reading the book, given it has some of the best practices for the current state of third-party risk."
- Ben's Book of the Month: Review of "Cybersecurity and Third-Party Risk: Third-Party Threat Hunting"

As a cybersecurity and risk professional, I looked for a book on how to help me set up a program a few years ago and found none. There are third-party risk management books, but they don't spend adequate time on the most critical risk domain at present: cybersecurity. A few years later, and I still see no literature to help others in creating or maturing their programs, and so I wrote this book to assist others in their pursuit of lowering risk in their third-party relationships.

- Focuses on a risk-based approach that can be sized for a single proprietorship to a multi-national conglomerate
- Provides a guide on how to set a cyber-focused third-party risk management program and how to mature existing programs
- Explores how to lower the risk to data in the cloud, software development from vendors, and offshore vendors
- A free tool-kit is available from Wiley Publishing (find the book on their site) to assist with some of the due diligence forms

As a professional in this field, it is my goal to increase the level of effort and focus in this field to lower the risk for all. From Home Depot to Cognizant, third parties (vendors) have too often shown themselves as the weakest link in security to firms. Not only does this lead to financial losses, but reputation loss can last years or drive the business out of the market.

STRENGTHEN THE WEAKEST LINKS IN YOUR CYBERSECURITY CHAIN

Across the world, the networks of hundreds of different world-class organizations have been breached in a seemingly never-ending stream of attacks that targeted the trusted vendors of major brands. From Target to Equifax, Home Depot, and GM, it seems as if no company is safe from a third-party incident or breach, regardless of size. And the advanced threats are now exploiting the intersection of weaknesses in cybersecurity and third-party risk management.
In Cybersecurity and Third-Party Risk, veteran cybersecurity specialist Gregory Rasner walks readers through how to lock down the vulnerabilities posed to an organization’s network by third parties. You’ll discover how to move beyond a simple checklist and create an active, effective, and continuous system of third-party cybersecurity risk mitigation. The author discusses how to conduct due diligence on the third parties connected to your company’s networks and how to keep your information about them current and reliable. You’ll learn about the language you need to look for in a third-party data contract whether you’re offshoring or outsourcing data security arrangements.

Perfect for professionals and executives responsible for securing their organizations’ systems against external threats, Cybersecurity and Third-Party Risk is an indispensable resource for all business leaders who seek to:

- Understand the fundamentals of third-party risk management
- Conduct robust intake and ongoing due diligence
- Perform on-site due diligence and close vendor risks
- Secure your software supply chain
- Utilize cloud and on-premises software securely
- Continuously monitor your third-party vendors and prevent breaches