Gregory C. Rasner Bücher

Strengthen the weakest links in your cybersecurity chain. Organizations worldwide have faced a relentless wave of breaches targeting trusted vendors, with no company immune to third-party incidents, regardless of size. Advanced threats now exploit vulnerabilities at the intersection of cybersecurity and third-party risk management. In this insightful guide, veteran cybersecurity expert Gregory Rasner outlines strategies to secure your organization's network against third-party vulnerabilities. Readers will learn to move beyond basic checklists to establish a dynamic, effective, and ongoing system for mitigating third-party cybersecurity risks. The author emphasizes the importance of conducting thorough due diligence on third parties linked to your networks and maintaining current, reliable information about them. Key insights include identifying critical language in third-party data contracts, whether offshoring or outsourcing data security arrangements. This resource is ideal for professionals and executives tasked with safeguarding their organizations against external threats. It equips business leaders to understand third-party risk management fundamentals, conduct robust intake and ongoing due diligence, perform on-site assessments, secure software supply chains, and continuously monitor vendors to prevent breaches.

Dramatically lower the cyber risk posed by third-party software and vendors in your organization In Zero Trust and Third-Party Risk, veteran cybersecurity leader Gregory Rasner delivers an accessible and authoritative walkthrough of the fundamentals and finer points of the zero trust philosophy and its application to the mitigation of third-party cyber risk. In this book, you’ll explore how to build a zero trust program and nurture it to maturity. You will also learn how and why zero trust is so effective in reducing third-party cybersecurity risk. The author uses the story of a fictional organization—KC Enterprises—to illustrate the real-world application of zero trust principles. He takes you through a full zero trust implementation cycle, from initial breach to cybersecurity program maintenance and upkeep. You’ll also find: Explanations of the processes, controls, and programs that make up the zero trust doctrine Descriptions of the five pillars of implementing zero trust with third-party vendors Numerous examples, use-cases, and stories that highlight the real-world utility of zero trust An essential resource for board members, executives, managers, and other business leaders, Zero Trust and Third-Party Risk will also earn a place on the bookshelves of technical and cybersecurity practitioners, as well as compliance professionals seeking effective strategies to dramatically lower cyber risk.