Should Cybersecurity Have a Voice in Vendor Procurement?

Business leaders now realize that their data is being exposed to risk by their vendors, and that monitoring and remediating these threats is a necessary part of an effective cybersecurity program.

However, even companies with strong vendor risk management programs have an arbitrary barrier between procurement and security.

The job of choosing a vendor belongs to one team, and the job of assessing whether that vendor is exposing the organization to cyber risk belongs to another. In some cases, a vendor’s cybersecurity is not even a consideration during the procurement process.

Article Link: