cloudsecurity - [cloudsecurity] Update on vendor management/third party risk management work
Subject: NET+ Areas of Interest
List archive
- From: Nick Lewis <>
- To: "" <>
- Subject: [cloudsecurity] Update on vendor management/third party risk management work
- Date: Fri, 17 Nov 2023 18:13:24 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oCo0lqO8befbmQDrt/cxJ37tUNuqpwEl78TL2GOT/6A=; b=QCGoYsOKD6KsAC33PsVwouE6vFgrY6iibuU9YtLcq9RV4oh5j/drzYqvDLY/iLMfltrjP3ifia0PY9xe40UPz5uj17dnoOdqwFvSIk00Xwr3DwltYOGMXmShjtBWFdvC3XDmwyDVjLY3tIyZ9b+lpdo8Gb8bmLPKgZr1oZX8mdru/hjC0zx/uvasn+Xew++1TVbuznmmpaJnT4b+6owJEc237NdNB+jj7X/aR8HkF4VhFn0IUTNpOZSAv4WO+DdED6LI9zEAwKSqE5OqjDL3EdO4nqqSDx/ygWP2AmODuSsNM8PdZHcpXCqt7K8WP50qPY4o+x3cIpt5VA0tKZJNKw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W5yAtTFqQBlbfsZBa48jjWyjI5z7s8X5wSrFgx9ME+CIypXsCg0RApmqV9MC5J5F6tBJ2k8NvbBX/Ur2H55V3iQst/cB6/PRGu7VKlxuTGLMRs52S+eFUEI1IusNaMtySPhTPexvAXFcawswWniXEA0og/lC60XGO9ssuHfMviwkXZgItIHXBDuyEWSPEhQdJZla7rXtAOtBE2EeMEE9h1Ocr5UWfcYDp0guB1yA7OtKwzoWT8YKn0NEPbjCjjHhpKdJmKosBBsFSn0hvxgoTctPGKUB4KCjH8JmThijkTTeMQtT5F9aRwrDsbOQiMg50UWFeK1bJeM3+O17y2qDNA==
Hi everyone,
I hope everyone's semester is winding down and you're getting ready for a
good holidays! We're ready to start working on next steps in the NET+ program
to coordinate the community on this. Feel free to forward this onto anyone on
your campus or the community you think might be interested.
We plan to convene a working group a few times before the end of the year
starting on November 27 at 2 p.m. ET/11 a.m. PT for you to share how you are
currently managing vendors or third parties, develop common use cases, and
identify community requirements for a RFI/P for third-party risk management
service. I know this is a bad time of year to start something new, but
hopefully this time will work for many of you to give direction on where we
should go with this.
More details can be found at a blog we just posted:
https://internet2.edu/engaging-with-the-re-cloud-community-to-minimize-vendor-risk/
If you're interested in being involved in this, register for the call in Zoom
to get the call-in details and invite:
https://internet2.zoom.us/meeting/register/tZAocOiorD4sGdBXgsNC5B8POKJBQ5E2LLY6
I've also setup an email list to use for discussion after the kickoff call:
https://lists.internet2.edu/sympa/info/netplus-tprm
If the time doesn't work for you, please reach out to me directly so we can
setup a call to get your input.
If you're looking for an overview of some of the tools in this space,
EDUCAUSE just held a Demo Day on Vendor Risk Management Tools that a couple
vendors gave an overview of some tools that might be helpful to stimulating
discussion:
https://events.educause.edu/webinar/demo-day/2023/vendor-risk-management-tools
Please let me know if you have any questions or feedback.
Thanks,
Nick
Nick Lewis, MS, MA, CISSP, CCSK, CCSP, CTPRP – he/him – US Eastern Time zone
Program Manager, NET+ Cloud Services - Security and Identity, Internet2
- [cloudsecurity] Update on vendor management/third party risk management work, Nick Lewis, 11/17/2023
Archive powered by MHonArc 2.6.24.