Cyber Security Third Party Risk
Cyber Security Third Party Risk
Published 5/2025
Duration: 2h 18m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 1.71 GB
Genre: eLearning | Language: English
Published 5/2025
Duration: 2h 18m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 1.71 GB
Genre: eLearning | Language: English
A comprehensive guide to cyber security third party risk
What you'll learn
- Gain a comprehensive understanding of Cyber Security Third Party Risk
- Understand the regulatory and business drivers for managing cyber security third party risk
- Understand inherent risk and how to use it to prioritise or tier third parties for review
- Gain insights into conducting effective due diligence of a third party's cyber security practices
- Learn tips on how to effectively deal with third party risks identified following the review
Requirements
- No prior knowledge of cyber security third party risk is required, however an understanding of cyber security or cyber risk would be helpful.
Description
Understand why Cyber Security Third Party Risk Management is so important for organisations and what steps your organisation needs to take.
You will get a firm grasp of the cyber security third party risk today’s organisations face and what steps organisations and industries like yours can take to help manage this risk and protect themselves.
· Gain a solid understanding of thebackgroundandcontextto Cyber Security Third Party Risk, by looking at the Cyber Security and Third Party Risk backgrounds, and how they “meld” together.
· Learn about theimportance of cyber security third party riskfor organisations, and see how some of the latest high profile securitybreacheson organisations have been a result of their third party relationships
· Learn how to assess cyber security third party risk associated with your suppliers and the services their provide. Understand the concepts ofInherent Riskhow to assess this using "CIA Triad" ofconfidentiality , integrity and availabilityand how we can use these toprioritisedue diligence activities.
· Learn what keystandards and regulationsrequire organisations to do regarding cyber security third party risk, including ISO 27000, PCI DSS, Cyber Essentials, the GDPR, DORA and NIS 2.
· Learn about the different approaches to undertakedue diligenceof your third party’s cyber security posture, including design tips forcustom questionnaires, and how to gain the most fromSOC 2 reportsandthird partyISO 27001 certifications.
· Learn about the importance oflegal contractsin addressing cyber security third party risk,and the importance ofcontract negotiation
· Understand and see samples of thedocumentationyour cyber security third party risk management programme will require including samples of policy, procedures and templates.
· Learn about the importance ofcommunicationswith suppliers and key stakeholders during the cyber risk third party risk management lifecycle, and how to manage the remediation of gaps within your third party’s security controls measures.
Who this course is for:
- Professionals in Information or Cyber Security
- Procurement or sourcing teams, business stakeholders and others who own or manage the services and relationships with third parties
- Students or graduates in a Cyber Security discipline, or IT professionals who wish to increase their knowledge of this highly relevant cyber security topic
More Info