Do you know your vendor dependencies?
Elizabeth Zalman is the Co-founder & CEO of strongDM, the definitive data security product. Previously she was Co-Founder and CEO of the cross-device profile company Media Armor. After its acquisition, she served as VP of Analytics at the acquirer, Nomi. Prior to Media Armor, she led the client analytics and media optimization team at Dotomi (now Conversant), generating an annual $500M in incremental revenue for 50 of the IR Top 100. With over 15 years' experience leading data-driven organizations, she is an expert in analytics, data privacy, and security.
No video of the event yet, sorry!
You're only as secure as your weakest link. That includes not only your employees, but your vendors and their employees too. Most companies have no idea how many systems and people have access to their data. You can't protect your data if you can't tell who has access to it, nor what they're doing with it. In this talk, I'll share practical examples of breaches I've personally experienced along with advice on how to hold your vendors accountable:
•Ongoing vulnerability scanning (with tools like Threatstack)
•Require annual penetration test and ability to review those tests. Insist that they demonstrate how they remediated any identified security holes
•Insist on compliance certifications (SOC2 or ISO20071)
•Establish notification thresholds less than 24 hours for data breaches
- 20 min
- PostgresConf US 2018
- Regulated Industry Summit