Third-Party Risk Management EssentialsMark Sangster of eSentire Shares Lessons Learned
Third-party vendors continue to be a major security risk for organizations. Despite new research finding that 60 percent of organizations have formal policies for managing third-party risk, almost half of organizations still report having suffered a data breach that traces to a third-party vendor, says Mark Sangster, vice president and industry security strategist at eSentire.
In a video interview at Information Security Media Group's recent Cybersecurity Summit in New York, Sangster also discusses:
- Examples of real-world adversarial campaigns and tools used to infiltrate third parties;
- Evaluating a vendor's third-party risk to your business;
- How organizations can best implement policies and procedures to mitigate third-party risk.
Sangster is a vice president and industry security strategist at eSentire. He's previously worked at Avvasi, RapidMind (acquired by Intel Canada), DiskStream and BlackBerry.