Recently many well protected companies such as Target and Home Depot were subject to cyber-security breaches and those intrusions were noted as being attributed to their trusted third party vendors.  Such data breaches clearly demonstrate the significance about how adequate company security is often undermined by the “weakest link” in a company's security network.

The Increasing frequency and magnitude of cyber security breaches brought about by laxity upon the part of an organizations third party vendors is often attributed to:

  • Organizations misunderstanding the full scope of their system boundaries with respect to their service providers and the protections required.
  • Organizations overlooking the threat vector imposed by their vendors’ inattentiveness to the application of good security methods and protocols.


The Solution


Vendor Risk Management


This is accomplished by establishing robust Vendor Risk Management Program and making it a significant part of the organization’s security governance.


Logyx Services

Logyx’s Certified Third Party Risk Professionals (CTPRP) are members of the Shared Assessments  organization, a trusted source in third party risk assurance, which has been setting the standards for vendor risk assessments for the past decade for national and international organizations of all sizes.

You can take advantage of Logyx’s extensive experience in Vendor Risk Assessment and Management in any of the following ways:


      1.  Outsource your Vendor Security Risk Assessment and retain Logyx as your approved partner to conduct vendor risk assessment on your behalf.


           This partnership will benefit your management and Vendor Security Management Team in following ways:


  • To assure that security of your client confidential information is not placed at risk by any limitations within your internal resources and personnel.
  • To assure that your vendor security assessment will not be limited to its’ vendors relying solely upon a simple one-size fits all security questionnaire.
  • To provide your company management and its stake holders, with a high degree of confidence, that your vendors’ information security has been properly reviewed, that deficiencies have been identified and that remediation and corrective efforts have been followed up by an approved and trusted high quality cyber-security service provider consulting firm.


    2.   Retain Logyx to develop and implement a comprehensive Vendor Risk Management Program within your organization which will include the following  oversight components:


  • Program Governance
  • The setting of Policies, Standards and procedures
  • Contract security review
  • Vendor Risk Identification and Analysis
  • The   Skill and Expertise of a team of highly experienced Logyx information security experts
  • The creation of company security tools and metrics for the  measurement and analysis of ongoing company vendor management
  • Continuous and ongoing monitoring and review of company vendor management efficiencies


 
 

Managing Your Outsourced Risk

Vendor Security

An Overlooked Threat Vector