Filter By:



Recent Blogs & Podcasts

Insights Portal

\ Vendor Management 

March 21, 2018 | Incident Response Planning
By Kevin Beaver, IANS Faculty

 Lay the Groundwork for IR in the Cloud

Incident response is never easy, but responding quickly and effectively to an incident when key evidence is housed and managed by a cloud vendor can be even more difficult. In this report, IANS Faculty Kevin Beaver steps you through the process of putting the right pieces in place to ensure your cloud incident response is effective and efficient.

Read More »

March 20, 2018 | Managed Security Services
By Dave Shackleford, IANS Faculty

 Consider the Top MSSPs for Your SOC

How can you be sure the MSSP you choose for your SOC will be the right fit for your business and security needs? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details the main decision factors and lists the top MSSPs to consider, along with their strengths and weaknesses.

Read More »

February 5, 2018 | Vendor and Partner Management
By Aaron Turner, IANS Faculty

 Understand and Manage Offshore Contractor Risk

Using offshore contractors in countries like India presents a host of risks, beyond those faced when working with U.S.-based third parties. In this Ask-an-Expert written response, IANS Faculty Aaron Turner urges companies to focus on both geopolitical and human risk factors when choosing an overseas partner.

Read More »

January 17, 2018 | Recruiting, Hiring and Retention
By Josh More, IANS Faculty

 Perform Effective Background Checks at Scale

Screening potential U.S.-based employees is difficult enough, but scaling background checks across vendors and international employees is even more daunting. In this Ask-an-Expert written response, IANS Faculty Josh More details the various types of background checks available and common pitfalls to avoid when leveraging them. He also provides tips for expanding the program to encompass vendor employees and international workers, and a roadmap for automating the process over time.   

Read More »

December 18, 2017 | Vendor and Partner Management

 Vendor Selection Templates

Assessing, qualifying, classifying and managing vendors can be a daunting challenge, but it's critical to an organization's information security strategy. The Vendor Selection Templates offer tips and tricks for assessing a vendor's security posture and ensuring they will be a secure, trustworthy partner. 

Read More »

December 6, 2017 | Security Policies and Strategy

 M&A Security Checklist

The M&A Security Checklist is designed to be a guide to help information security professionals understand the M&A process end-to-end, identify the best places to inject security into the process and determine to-do list items that must be addressed within the deal lifecycle. 

Read More »

October 30, 2017 | Architecture, Configuration and Segmentation

 Internal Network Monitoring Solution Request-for-Proposal (RFP) Template

When creating a request for proposal (RFP) of any kind, the purpose is to ensure prospective vendors can check all of the necessary boxes. This document provides a comprehensive RFP template specifically designed for organizations seeking an internal network monitoring solution.

Read More »

October 6, 2017 | Vendor and Partner Management

 Russian Hackers’ Breach of NSA via Kaspersky Software

In 2015, Russian-government backed hackers stole classified National Security Agency (NSA) data on U.S. cyber-offensive capabilities, according to a Wall Street Journal report on Tuesday, October 5th. The stolen information included details on how the U.S. defends against cyberattacks and the techniques it uses to penetrate foreign networks.

Read More »

October 2, 2017 | Vendor and Partner Management
By Rich Guida, IANS Faculty

 Weigh the Risk/Benefit of Partnering with Startups

Vetting third-parties that are new, small and innovative is very different from assessing established vendors. In this Ask-an-Expert written response, IANS Faculty Rich Guida explains how to weigh a startup's overall benefits against its security risks, and offers tips for getting the business to mitigate or accept them.

Read More »