Lessons learned from Cyber Incident Response
We are finding many companies that have experienced a Cyber Incident are not performing even the most basic Third Party Vendor Risk Assessment.
It is absolutely imperative that if you engage with a vendor you understand the associated risks.
5 simple questions can lead you to a better understanding of your Vendor risks and a quicker recovery from an Incident:
- Is there an identifiable Leadership team?
  - Who is accountable?
  - Would you be able to escalate or contact them?
  - Where are they located?
- Do they have an Incident Response plan and Reporting Structure?
  - Do they have a response plan?
  - Are there dedicated phone numbers or emails for reporting incidents?
  - Are ticket numbers assigned and tracked?
- Who is responsible for security within their Organization?
  - Is there someone who is responsible for security?
  - Is there a defined role, or is it handled off the side of the desk of another role?
  - Does the company reside in a country that has Breach Reporting responsibilities?
- Do you have a Service Level Agreement for responding to incidents?
  - Do you have a defined Incident/Severity matrix with set response times?
  - How do you escalate an Incident?
  - What is your communication cadence?
- Can they demonstrate their current level of Cyber Security Compliance?
  - Can they demonstrate the framework they adhere to? (NIST/CIS)
  - Do they disclose if and when they do vulnerability/penetration testing?
  - Do they have any risk reports (SOC 1, SOC 2, PCI DSS) they can share?
  - Do they have patch management?
It is important to develop a Third Party Cyber Security Screening Assessment before engaging in a new contract. We can walk you through the process and help you understand your Cyber Risks.
Let’s talk Cyber!