Risk Assessment For External Vendors

Presented at DeepSec 2013 „Secrets, Failures, and Visions“, Unknown date/time (Unknown duration)

When you have to handle confidential and regulated data for a third party it's a big challenge to define the risk if you are not going to be on site for a real assessment. Considering the amount of data companies are transferring to the cloud and external vendors the regulations, especially in a globalized world, require proper management to be effective, compliant and efficient in order to protect the data and the companies reputation.  Luciano Ferrari has developed a process that deals with global Risk Assessment and increases the trust in and the security of your data. However: Data security can only be achived if all units of an organization cooperate - and with a change in culture. This presentation provides a summary of steps to get your organization on track.

Presenters:

• Luciano Ferrari
  Luciano holds an MBA in Business Management, post graduation in Network Computers and has a degree in Microelectronic Engineering. He is also a Certified Information Systems Security Professional, and a Cisco Certified Network Associate. With 15+ years of experience in Information Technology Luciano Ferrari leads External Vendors Risk Assessment, PKI, RACF and Web Portal Gateway, assuring awareness and compliance to global regulations and standards for security and maintaining the privacy of client and employee data records. Luciano Ferrari worked at many different segments at carriers, internet service providers, education and financial institutions.

Links:

• https://deepsec.net/archive/2013.deepsec.net/speaker.html#PSLOT90

Similar Presentations:

• RVAsec 2019 / Risk Assessment - The Heart of Risk-based Security
• DEF CON 23 (2015) / A Hacker's Guide to Risk
• Texas Cyber Summit 2019 / CS-2024 The Risk Management Hydra and why you need multiple assessments