Vulnerability Management Can Work Across Multiple Enterprises
I just released a report for Dark Reading on how to build a multi-enterprise vulnerability management program. If you are dealing with outsourced vendors, or an outsourced supply chain, you should definitely give the article a read.
To summarize the article:
- Get your legal contracts in order. So many firms don’t put what they need from their partners into a contract. How do you expect to get what you need then?
- Establish Communication channels that work for everyone. If you don’t get the right people on the “phone”, nothing will get done – including your security processes
- Find the person with authority at your partner and ensure they are involved, otherwise your efforts will be useless.
I offer many more details and tips within the article but step #1 is so critical that an entire article should be dedicated to just that!
Tagged Business process, enterprise vulnerability, legal contracts, management program, security, security processes, supply chain, Supply chain management, vulnerability, vulnerability management