A blindfolded man throwing a dart at a dart board, representing the blind spot of third party risks A blindfolded man throwing a dart at a dart board, representing the blind spot of third party risks A blindfolded man throwing a dart at a dart board, representing the blind spot of third party risks

16 March 2021

Be Prepared - Third Party Risk & Incident Response

Addressing a Blind Spot – Third Party Risk

All organisations and their business models are reliant upon the contribution and efforts of third parties to keep their businesses running. However, in many cases an organisation’s approach to assessing and managing the risks associated with their reliance on third parties is weak or non-existent, which creates a blind spot.

When it comes to IT Third Party Cyber Risk Management, how do you ensure that the third parties engaged to do work for your organisation preserve the confidentiality, integrity, and availability of your information? Often the “work” could include access to your organisation's data, intellectual property, financials, operations, or other sensitive information.

Some questions to consider are

  • Do you have an accurate inventory of all the third parties that you rely upon?
  • Can you identify which third parties are critical to your business?
  • Can you identify which third parties pose the highest risk to your organisation?
  • Do you know which third parties have access to your data?
  • Do you have a signed contract with third parties that allows you to enforce your organisation’s security requirements, or conduct security assurance checks against them?
  • What onboarding and offboarding process are currently documented and applied?
  • How do you ensure that IT third party risk is an integral part of your risk framework?

We all have a reliance on third parties to make things happen so it’s important to ensure the risks associated with engaging them are analysed, understood and managed appropriately.

Some examples of steps you can take to make improvements in this area include – identifying and categorising your third parties based on agreed criteria; identifying and classifying the information to be used by or shared with third parties; determining the level of due diligence you will apply upfront and ongoing to each of your third party categories, investigating whether any of those third parties have had an information security incident, and so on. Investing some time and effort to get this aspect of your IT and business operations in hand will help to protect you and the business from a range of possible issues - reputation, regulation, profit and litigation.

Give us a call if you would like to discuss how we can assist your IT Third Party Cyber Risk Management program.

Incident Response - “By failing to prepare, you are preparing to fail”

The saying “By failing to prepare, you are preparing to fail” is attributed to Benjamin Franklin.

If he were around today, we’d consider asking him to endorse our Incident Response Execution Pack

The key elements of our Incident Response Execution Pack are

Assessment Phase

  • Assess your current state of Incident Response readiness
  • Review your existing Incident Response information, plan, templates and guidelines
  • Identify any gaps and areas of concern
  • Review current roles and responsibilities

Prepare and Deliver Phase

  • Walk your team through an Incident Response scenario using a sample playbook
  • Assist in formalising the appropriate roles and responsibilities to handle incidents
  • Present and discuss suitable supporting Incident Response documentation
  • Formalise 19 tailor-made playbooks – branded and customised to follow your organisations structure
  • Formalise tailor-made supporting forms – brand and customise

The benefit of having a comprehensive IR plan (including a bespoke set of playbooks) is that you can improve the speed and effectiveness of your team in dealing with a real-life incident.
Our Incident Response experts can assist an organisation to develop an IR plan or refresh the key components of an existing one.

To ensure the IR plan execution steps are clearly understood, we can formalise the “war room” structure, walk through an IR scenario using a sample playbook, and prepare suitable supporting IR documentation, including a library of our 18+ IR playbooks.

Click Here to view information on our Incident Response Optimisation service.

Fast and very cost-effective evidence collection - start your incident response process in seconds

For those organisations that want to quickly start an actual incident response process without having to wait for external expertise, we have developed a First Responder Forensic Toolkit (FRFT). Having the FRFT onsite means that within minutes you can react to a potential incident, and start collecting the data necessary to complete an initial triage exercise, which is paramount in conducting an effective investigation during incident response. The toolkit is kept updated, supported by our team, and compliant with standards including ISO 27035-1, 27035-2, 27037, and 27043 thus ensuring that information collected with the FRFT is admissible in court, should it be required.

View the FRFT Infographic

 

Drive Security Maturity With An “IT Road Code” For Your Organisation >

 

Contact Us Today

Fill in the form below or call us on +64 9 570 2233