|Event Date||Thu Nov 8 EST - Fri Nov 9 EST (about 3 years ago)|
Courtyard by Marriott Chicago Downtown/River North
30 E Hubbard St, Chicago, IL 60611, USA
When organizations outsource critical functions like technology and security solutions, the question on everyone’s mind is: When does our liability for a data breach end, and my vendor’s begin? The answer is not really simple. In most industries, you can contract away a responsibility or task, but not the liability related to compromised data. If your organization was breached today, whose name is going to be in the news? Who are your customers going to call? Who is going to get fined and possibly sued as a result of the breach? The list of questions goes on. At the end of the day, your organization will suffer the negative publicity, the reputation damage, and financial loss of the attack, even if your vendor actually caused your incident. Then there is the other side of the equation – how do you know that your vendor can truly support your organization, perform the tasks you’ve contracted them for, or cover your losses if the breach is their fault?
Vendor risk management and due diligence is something every organization should perform carefully, and there are a number of unique issues when considering the inherent risks associated with outsourced services.
The benefits of outsourcing are attractive for many reasons, but you need to ask yourself: Can you stake your organization’s well-being and financial stability on a vendor? If you answered no, then join us to discover:
• Weighing vendor risk and classifying critical / high risk vendors
• Imperative questions you need to ask your vendors
• Documentation to gather when outsourcing your technology and/or security solutions
• The troubles of relying too heavily on cyber insurance
• The unique ongoing due diligence needs of outsourced technology and/or security solutions
• Critical contract provisions
Rayleen M Pirnie,
CEO, RP Payments Risk Consulting Services LLC
Karen L Garrett,
Partner, Stinson Leonard Street LLP