Have you experienced any significant security breaches or data incidents involving your software vendors?

Vendor/Product Assessment Third Party Risk Management (TPRM)Data Protection & Encryption

Yes, multiple times42%

Once39%

No19%

84 PARTICIPANTS

219 views1 Comment

Director in Manufacturing, 1,001 - 5,000 employees

If you ever used EXCHANGE, the answer should be yes or other Microsoft products.

Content you might like

Can we expect a surge of innovation from Splunk post-Cisco acquisition, or do you think we’re in for more of the same?

Innovation Vendor/Product Assessment Enterprise Applications

Expecting more innovation39%

Expecting more of the same61%

Not sure yet – time will tell…0%

59 PARTICIPANTS

651 views

What pricing models did you use if you needed a vendor to provide custom software development services?

Process Management Software Development Vendor/Product Recommendation +3 more

VP of Engineering in Healthcare and Biotech, 11 - 50 employees

I read "vendor" here to mean someone primarily providing a SaaS or PaaS, or even a desktop, web or mobile application, or code library.

If that is correct, then it can be extremely hard to price.

Most ...read more

473 views1 Comment

Which vendors/partners are essential to your ability to deliver applications to support your business?

Applications & Platforms Vendor/Product Assessment

Amazon47%

Google48%

IBM19%

Microsoft69%

Oracle22%

Red Hat13%

SAP13%

Vmware23%

None of these0%

397 PARTICIPANTS

886 views

How can infosec leaders/CISOs get their org to shift from a legacy security strategy that’s more compliance-focused to one that’s focused on risk reduction?

Security Strategy & Roadmap Risk Management Third Party Risk Management (TPRM)

Head of Information Security in Services (non-Government), 1,001 - 5,000 employees

Having the right governance structures in place is important. We have a committee that's called the Protect Subcommittee that comprises the general counsel's office and leaders from our privacy and security practice ...read more

Read More Comments

579 views2 Comments

How are you thinking about vendor risk management when it comes to vendors leveraging generative AI? Do they require a different approach, or is your current vendor risk strategy adequate in these cases?

Third Party Risk Management (TPRM)Security Strategy & Roadmap

Head of Information Security in Services (non-Government), 1,001 - 5,000 employees

The short answer is yes, we do have additional triggers if they're using AI. As with all our third parties, we thoroughly vet the security of any vendors leveraging generative AI. We have tiered security assessments based ...read more

135 views1 Comment