November 14, 2018 | Tools & Templates | Vendor and Partner Management
Open source software seems to be everywhere today, but what are the risks associated with open source licensing and usage? In this Ask-an-Expert written response, IANS Faculty Josh More details how open source licensing works and explains why its usage offers few practical risks today.
Some vendors are attempting to extend the financial/credit risk-scoring model to the information security world, enabling organizations to rate vendors according to their "risk score." In this report, IANS Faculty Josh More performs an in-depth review of these services to determine whether they offer a viable approach to vendor assessment.
Contract language becomes especially important when organizations let third parties handle protected health information (PHI). In this Ask-an-Expert written response, IANS Faculty Mike Pinch recommends getting a BAA in place, in addition to specific language around controls like encryption, data sharing, etc.
Security vendors have expanded offerings in a way that has created a lot of overlap and complexity within company environments. In this webinar, Aaron Turner explores how to do an assessment and logically start pruning your stack.