How to build strong vendor relationships without neglecting supply chain security

Supplier and vendor risk management has become a regular boardroom discussion point over the last 12 months following a string of high-profile supply chain attacks. Software vendors are an important element of the supply chain, so IT teams have been looking to refine and improve their approach to mitigating risk in this area. We all want to have fruitful relationships with our software vendors, but how do we maintain these partnerships whilst doing our due diligence to ensure they aren’t exposing our organizations to an unreasonable level of vulnerability?

In this piece, I’ll explain how to find a middle ground between harshly vilifying a vendor over supply chain security and the potential problems that could arise from not scrutinizing them enough. I believe there are several ways security teams can build trusted, collaborative relationships with vendors which will benefit both partners in the long term. Here’s how:

Stop ignoring data 
