book

Cybersecurity and Third-Party Risk

by Gregory C. Rasner

July 2021

Intermediate to advanced

480 pages

9h 38m

English

Wiley

Read now

Unlock full access

Who Will Benefit Most from This BookSpecial Features
The SolarWinds Supply‐Chain AttackThe VGCA Supply‐Chain AttackThe Zyxel Backdoor AttackOther Supply‐Chain AttacksProblem ScopeCompliance Does Not Equal SecurityThird‐Party Breach ExamplesConclusion
Cybersecurity Basics for Third‐Party RiskCybersecurity FrameworksDue Care and Due DiligenceCybercrime and CybersecurityConclusion
The Pandemic ShutdownSolarWinds Attack UpdateConclusion
Third‐Party Risk Management FrameworksThe Cybersecurity and Third‐Party Risk Program ManagementKristina Conglomerate (KC) EnterprisesConclusion
IntakeCybersecurity Third‐Party IntakeConclusion
Low‐Risk Vendor Ongoing Due DiligenceModerate‐Risk Vendor Ongoing Due DiligenceHigh‐Risk Vendor Ongoing Due Diligence“Too Big to Care”A Note on PhishingIntake and Ongoing Cybersecurity PersonnelRansomware: A History and FutureConclusion
On‐site Security AssessmentOn‐site Due Diligence and the Intake ProcessConclusion

What Is Continuous Monitoring?Enhanced Continuous MonitoringThird‐Party Breaches and the Incident ProcessConclusion
Access to Systems, Data, and FacilitiesConclusion
Why Is the Cloud So Risky?Conclusion
Legal Terms and ProtectionsCybersecurity Terms and ConditionsConclusion
The Secure Software Development LifecycleOn‐Premises SoftwareCloud SoftwareOpen Web Application Security Project ExplainedOpen Source SoftwareMobile SoftwareConclusion
Third‐Party ConnectionsZero Trust for Third PartiesConclusion
Onboarding Offshore VendorsCountry RiskKC's Country RiskConclusion
The DataLevel SetA Mature to Predictive ApproachThe Predictive Approach at KC EnterprisesConclusion

Content preview from Cybersecurity and Third-Party Risk

(ISC)^2®

(ISC)² books published by Wiley provide aspiring and experienced cybersecurity professionals with unique insights and advice for delivering on (ISC)²’s vision of inspiring a safe and secure world.

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. (ISC)²’s membership is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781119809555Purchase Link

Cybersecurity and Third-Party Risk

by Gregory C. Rasner

(ISC)^2®

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Cyber Security and Network Security

Cybersecurity - Attack and Defense Strategies

Privacy, Regulations, and Cybersecurity

Cybersecurity Threats, Malware Trends, and Strategies

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Cyber Security and Network Security

Cybersecurity - Attack and Defense Strategies

Privacy, Regulations, and Cybersecurity

Cybersecurity Threats, Malware Trends, and Strategies

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.