Vendor Due Diligence: The Cybersecurity Perspective

Why Should You Attend:

In 2015, AT&T was ordered to pay a $25million fine to settle three consumer privacy violations due to breach of confidential information. The breaches of consumer private information occurred at out-sourced call centers. Target paid fines not only to regulators for violations of consumer privacy laws, but also to card brands, in response to lawsuits from financial institutions, and to settle consumer class-action lawsuits.

The list of such entities goes on and on. It’s not surprising that over half of organizations that are breached go out of business within 6 months following the event because of the financial devastation.

The benefits of outsourcing are attractive for many reasons, but you need to ask yourself: can you stake your company’s well-being and financial stability on a vendor’s security? This webinar will analyze this question from various perspectives and will offer attendees an understanding of the unique ongoing due diligence needs of outsourced vendors with respect to security.

Areas Covered in the Webinar:

• Which of your vendors present the biggest risk
• Imperative questions you need to ask your vendors
• Documentation of security standing to gather when outsourcing your technology and/or security solutions
• The unique ongoing due diligence needs of outsourced vendors with respect to security
• Critical contract provisions

Who Will Benefit:

• Internal Auditors
• Regulators
• Legal Departments
• Compliance Officers
• Purchasing Managers
• QC Managers
• QA Managers
• Quality and Sales Department Staff
• Compliance Consultants
• Senior Management

Rayleen M Pirnie
CEO, RP Payments Risk Consulting Services LLC

Rayleen M. Pirnie, AAP, is CEO and founder, RP Payments Risk Consulting Services, LLC, based in Missouri. She is a nationally recognized payments risk and fraud expert. Her programs educate financial institutions and businesses on topics ranging from payments fraud to information security. She is the author of several payments risk and fraud blogs geared toward helping organizations recognize threats and protect themselves from loss.

With her avid interest in risk management, she has supported many notable organizations over the years. She is a member of the International Association of Financial Crimes Investigators, supporting their training programs since 1998. She sat on NACHA’s Risk Management Advisory group for two terms, and assisted with FSISAC’s first CAPP exercise.

For 16 years, Ms. Pirnie has spoken at national and regional conferences. Recent events include NACHA’s Payments Conference, the American Bankers Association Risk Management Forum, The Security Matters Annual Conference at Murray State University, the Risk Management Association, and the Federal Reserve Bank of Kansas City Risk Management Conference. She holds a Bachelor’s of Science in Criminal Justice Administration and is an Accredited ACH Professional (AAP).

Topic Background:

When companies outsource technology and security solutions, the question on everyone’s mind is: When does our liability for a cyber-attack end, and my vendor’s begin? The answer is not really simple. In most industries, you can contract away a responsibility or task, but not the liability of an attack or compliance expectations. If your business was breached today, whose name is going to be in the news? Who are your customers going to call? Who is going to get fined and possibly sued? The list of questions goes on. At the end of the day, your organization will suffer the negative publicity, the reputation damage, and financial loss of the attack.

Follow us :