The Three Ps of Contracting: Policies, Prevention and Promises
The 2020 Solar Winds and 2021 HAFNIUM attacks on Microsoft Exchange compromised hundreds of companies, yet most didn’t learn the lesson of vendor risk. What’s worse, these attacks weren’t the first, and certainly won’t be the last. This new generation of infrastructure attacks only signals more friction and mistrust between vendors and clients. Join Mark Sangster, cybersecurity author and expert as he uses these events to unpack a framework by which vendors and clients can work together to secure their supply chain.
• Baking risk management into contracts before their signed
• Understanding how to navigate co-managed risk mitigation through contract stipulations
• Defining minimum security standards to proactively mitigate exploits