Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Vendor Management 



February 5, 2018 | Vendor and Partner Management
By Aaron Turner, IANS Faculty

 Understand and Manage Offshore Contractor Risk

Using offshore contractors in countries like India presents a host of risks, beyond those faced when working with U.S.-based third parties. In this Ask-an-Expert written response, IANS Faculty Aaron Turner urges companies to focus on both geopolitical and human risk factors when choosing an overseas partner.

Read More »


January 17, 2018 | Recruiting, Hiring and Retention
By Josh More, IANS Faculty

 Perform Effective Background Checks at Scale

Screening potential U.S.-based employees is difficult enough, but scaling background checks across vendors and international employees is even more daunting. In this Ask-an-Expert written response, IANS Faculty Josh More details the various types of background checks available and common pitfalls to avoid when leveraging them. He also provides tips for expanding the program to encompass vendor employees and international workers, and a roadmap for automating the process over time.   

Read More »


December 18, 2017 | Vendor and Partner Management

 Vendor Selection Templates

Assessing, qualifying, classifying and managing vendors can be a daunting challenge, but it's critical to an organization's information security strategy. The Vendor Selection Templates offer tips and tricks for assessing a vendor's security posture and ensuring they will be a secure, trustworthy partner. 

Read More »


December 6, 2017 | Security Policies and Strategy

 M&A Security Checklist

The M&A Security Checklist is designed to be a guide to help information security professionals understand the M&A process end-to-end, identify the best places to inject security into the process and determine to-do list items that must be addressed within the deal lifecycle. 

Read More »


October 30, 2017 | Architecture, Configuration and Segmentation

 Internal Network Monitoring Solution Request-for-Proposal (RFP) Template

When creating a request for proposal (RFP) of any kind, the purpose is to ensure prospective vendors can check all of the necessary boxes. This document provides a comprehensive RFP template specifically designed for organizations seeking an internal network monitoring solution.

Read More »


October 6, 2017 | Vendor and Partner Management

 Russian Hackers’ Breach of NSA via Kaspersky Software

In 2015, Russian-government backed hackers stole classified National Security Agency (NSA) data on U.S. cyber-offensive capabilities, according to a Wall Street Journal report on Tuesday, October 5th. The stolen information included details on how the U.S. defends against cyberattacks and the techniques it uses to penetrate foreign networks.

Read More »


October 2, 2017 | Vendor and Partner Management
By Rich Guida, IANS Faculty

 Weigh the Risk/Benefit of Partnering with Startups

Vetting third-parties that are new, small and innovative is very different from assessing established vendors. In this Ask-an-Expert written response, IANS Faculty Rich Guida explains how to weigh a startup's overall benefits against its security risks, and offers tips for getting the business to mitigate or accept them.

Read More »


September 13, 2017 | Vendor and Partner Management
By Josh More, IANS Faculty

 Create Optimal Contract Language to Enable App Security Assessments via the Cloud

Getting application vendors to agree to have their wares tested in the cloud can  pose challenges, especially because many vendor contracts prohibit the sharing of code, binaries or other data with outside parties. In this Ask-an-Expert written response, IANS Faculty Josh More offers some sample contract language to make it work. 

Read More »