How well do you know your vendors?
Vendor due diligence and monitoring
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Related Stories: Cybersecurity for Executives | Supply Chain Security
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Next in my series on Cybersecurity for Executives: your vendors. I recommend two primary questions to ask your security team. 1 How are we vetting our vendors? 2. Are we monitoring vendor activity? Those are two broad questions, so let’s break it down a bit more.
First, a caveat: I wrote this post from the perspective of an organization in the United States. If you live in a different country, the same concepts apply, but you may have a different viewpoint regarding the location vendors create and test products and services. Each country has it’s own political and national security concerns. I reference many news articles because it shows where the data comes from for the points I’m making, but people in different countries may have different perspectives.