- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-02-24T20:10:00
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at Compliance Week’s virtual Cyber Risk and Data Privacy Summit agreed.
It’s essential to monitor “the entire life cycle of the relationship with the third parties, from onboarding to offboarding, birth to death,” said David Kessler, vice president and associate general counsel, IT and cybersecurity at BAE Systems, during a panel discussion.
McKenzee McCammack, regional compliance manager at American Express Global Business Travel, said vendor management at her company, which holds large amounts of personal customer data from passports to dietary restrictions, means scrutinizing potential vendors about what security measures they have in place.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The “biggest, most capable, and best-positioned” businesses must assume a greater share of mitigating cyber risks, the White House said in announcing the National Cybersecurity Strategy Implementation Plan.
The Cybersecurity and Infrastructure Security Agency announced a pilot program designed to help critical infrastructure entities vulnerable to cyberattacks mitigate a ransomware incident before it occurs.
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.
