In the connected world most Internet companies rely on a number of partner integrations to offer a complete experience to consumers. This helps in a faster go to market strategy but ensures increased dependency on multiple third parties. From a security perspective the onus still lies on the internal team to ensure that the risks from having multiple third parties do not affect the organisation's security posture. It is therefore essential to have an effective third party risk management program. In this talk we will delve into how to set up a third party risk management program from scratch. We will talk about
• How to build an agile, risk -based program which can start with an initial checklist and scale it up as the program grows
• How to discover and identify critical vendors using both technical and procedural method
• Leverage automated posture assessments to complement vendor checklists