Attackers in numerous high profile (and not so high profile) data breaches and other security incidents often compromise and use third-party vendors to attack their real intended targets: organizations just like yours. Realistically, modern business requires working with third-party vendors. As attackers increasingly leverage those vendors to strike at the organizations they work with, it’s essential to take reasonable steps to recognize and mitigate the potential risks involved.
Attorney & security consultant Scott Aurnou will discuss the nature of third-party risk, typical threats that your firm may encounter, fundamental steps to develop an effective third-party risk management program, and the essential part that attorneys play in mitigating third-party risk.
Scott Aurnou, Esq., CISSP is an attorney and founder of The Security Advocate, which helps organizations with information security and data privacy issues. This includes privacy and security awareness training, security consulting, compliance with cyber security and privacy laws and related legal concerns.
Scott spent over a decade as a litigation attorney in the NYC area, and served as lead counsel for a private client services group at Smith Barney. He uses his legal, security, and business background to make complex information security concepts easy to understand (and even entertaining on occasion) for non-technical audiences. He has published security related articles in national publications ranging from the New York Law Journal to SC Magazine. In addition, he has created and delivered numerous presentations on information security and data privacy issues for executives, managers, and professionals.
Scott is a Certified Information Systems Security Professional (CISSP), Certified Information Privacy Technologist (CIPT), Certified Information Privacy Professional (CIPP/US) and a Fellow of Information Privacy (FIP). He is admitted to practice law in New York, Colorado, the U.S. District Courts for the Eastern and Southern Districts of New York; as well as the U.S. Court of Appeals for the Second Circuit. He is also the author of the Introduction to Information Security LiveLessons video training series for Pearson Publishing.
Scott is absolutely amazing. I am also a JD+CISSP and I have taken all of his Lawline courses for many years now. This particular course is uncanny. What he is describing in this course almost exactly describes what do at my job, with incredibly specific (sometimes eerily so) detail. If society is ever able to once again allow individuals ever to meet people in person and shake hands, then I would like to shake his hand and say, "Thanks you!"
This course was right in line with what I needed. I liked that the presenter covered a lot of information and provided useful links.
Excellent resource for relevant 3d party library
closed captioning was very helpful, it should be available on all courses
Professional and informative.
practical useful information.