‹ All episodes

The CyberCast

CIS Control 15 - Service Provider Management

January 22, 2023 Andrew Morgan
The CyberCast
CIS Control 15 - Service Provider Management
Info
The CyberCast
CIS Control 15 - Service Provider Management
Jan 22, 2023
Andrew Morgan

LastPass and the recent Rackspace Exchange incident are two prime examples of "why" this Control is Critical!!

Develop a process to evaluate service providers who hold sensitive data, or are responsible for critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately.

Identify your business needs and create a set of standards that can be used to grade services providers that are being proposed. 

Organize and monitor all services providers that are associated with your business. Keeping an inventory of all services providers will enable you to monitor them in case they update their policies. 

Co-hosts:
Ryan Weeks: https://www.linkedin.com/in/ryanweeks/
Phyllis Lee: https://www.linkedin.com/in/phyllis-lee-21b58a1a4/
Wes Spencer: https://www.linkedin.com/in/wesspencer/

Share
Apple Podcasts Spotify Amazon Music Overcast Stitcher Castro +
Show Notes

LastPass and the recent Rackspace Exchange incident are two prime examples of "why" this Control is Critical!!

Develop a process to evaluate service providers who hold sensitive data, or are responsible for critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately.

Identify your business needs and create a set of standards that can be used to grade services providers that are being proposed. 

Organize and monitor all services providers that are associated with your business. Keeping an inventory of all services providers will enable you to monitor them in case they update their policies. 

Co-hosts:
Ryan Weeks: https://www.linkedin.com/in/ryanweeks/
Phyllis Lee: https://www.linkedin.com/in/phyllis-lee-21b58a1a4/
Wes Spencer: https://www.linkedin.com/in/wesspencer/