Webinar: A Deep Dive into TPRM and NIST Framework Integration

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is one of the leading frameworks for private and public sector cybersecurity maintenance and used by organizations of all sizes. The Framework helps to secure information systems and guide key decision points about risk management activities through the various levels of an organization from senior executives, to business and process level, and operations.

NIST has issued special publications focused on improving Third-Party Risk Management (TPRM) and Supply Chain Risk Management (SCRM), however this isn’t a light read. With 5 functions, 23 categories, and 108 subcategories, identifying the NIST CSF security controls applicable to cyber supply chain risk management is a daunting task. On this CPE webinar we will address the specific security controls for third-party information security management and explain how to align risk management processes against these requirements, including how to:

Prioritize and assess third-parties using a cyber supply chain risk assessment process,
Develop processes for continuously monitoring third-party security postures, and determining control effectiveness,
Identify security gaps and conduct response action plans with suppliers and third-party providers,
Track the progress of implementing the NIST framework through a 4-tier maturity scale.

You rely on your third- and fourth-party vendors to do business, but those vendors also pose risk to your enterprise’s sensitive data. RiskRecon gives you accurate, non-invasive visibility into your vendors’ security postures and then ranks vulnerabilities in order of priority so you know which issues to tackle first.

With our third-party cyber risk assessments, you’ll also be provided with custom-fitted risk action plans so you can immediately start engaging with your vendor for remediation. And if a vendor’s cyber risk degrades or an element falls out of policy, you’ll be notified instantly.