The Importance of Third Party Vendor Assessments

Lessons learned from Cyber Incident Response

We are finding that many companies that have experienced a cyber incident were not performing even the most basic third party vendor risk assessment.

It is absolutely imperative that if you engage with a vendor, you understand the associated risks.

5 simple questions can lead you to a better understanding of your vendor risks and a quicker recovery from an incident:


  1. Is there an identifiable Leadership team?
    • Who is accountable?
    • Would you be able to escalate or contact them?
    • Where are they located?
  2. Do they have an Incident Response plan and Reporting Structure?
    • Do they have a response plan?
    • Are there dedicated phone numbers or emails for reporting incidents?
    • Are ticket numbers assigned and tracked?
  3. Who is responsible for security within their organization?
    • Is there a named person who is responsible for security?
    • Is it a defined role, or is it handled off the side of the desk of another role?
    • Does the company reside in a country that has breach reporting obligations?
  4. Do you have a Service Level Agreement with them for responding to incidents?
    • Is there a defined incident/severity matrix with set response times?
    • How do you escalate an incident?
    • What is the communication cadence?
  5. Can they demonstrate their current level of cyber security compliance?
    • Can they demonstrate the framework they adhere to? (e.g. NIST CSF, CIS Controls)
    • Do they disclose if and when they do vulnerability assessments or penetration testing?
    • Do they have any audit or attestation reports (SOC 1, SOC 2, PCI DSS) they can share?
    • Do they have a patch management process?

It is important to develop a third party cyber security screening assessment before engaging in a new contract. We can walk you through the process and help you understand your cyber risks.


Let’s talk Cyber!

http://www.mi613.ca
