TLDR; * Vendor Security Questionnaires are not enough because they are out of date a month after its filled. Continuous assessment is more important than one time vendor security questionnaire. * Prioritization of Vendors and their security is key to not get overwhelmed with massive number of vendors. it can be driven
December 13, 2023
TLDR; * From a culture perspective, create an environment where your Team feels comfortable in taking Risks. Without Risk Taking, there’s no Innovation. * When it comes to Security, show the ROI to the Leadership and do not forget to recognize effort and celebrate small wins. * Assign Tiers to vendors based
November 29, 2023
TLDR; * To Show Value of IAM improvements to Leadership, map them to outcomes like Cost Improvement from Audit/SOX perspective, Developer Productivity Gains via Provisioning improvements and MTTD & MTTR from Incident Response perspective. * To keep Cloud Security complexity to minimum, bring all your data sources (like SIEM, SOAR, IDS/
November 16, 2023