Ratings' Role in Vendor Risk Management

SecurityScorecard's Sam Kassoumeh on How to Improve Vendor Assessments and Results
Sam Kassoumeh, COO and co-founder, SecurityScorecard

From GDPR to the NIST Cybersecurity Framework, vendor risk management is a key component of every new piece of cybersecurity guidance. Yet security leaders still struggle to inventory and assess their strategic partners. Sam Kassoumeh of SecurityScorecard explores the challenges.

In an interview at Information Security Media Group's recent Healthcare Security Summit in New York, Kassoumeh discusses:

  • Why organizations struggle with vendor risk management;
  • How cloud computing only increases the complexity of the challenge;
  • The role vendor ratings and ongoing assessment can play in a vendor risk strategy.

Kassoumeh is the COO and co-founder of SecurityScorecard. Previously, he was head of security and compliance at Gilt and led global security at Federal-Mogul.

About the Author

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its diverse cadre of senior-level editors and reporters. He also helped to develop and lead ISMG's award-winning Summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.
