Assessing vendors is a tricky process. Large and regulated organizations are forced to demonstrate due diligence in vendor assessment, but often do not know how to do this. This results in a great deal of busywork being required by both the vendors and the organizations. Smaller organizations don’t know what to look for and, as a result, often wind up selecting based on price instead of value. This results in service failures and vendors that just milk their customers for as long as they can.
Josh More, author of “Assessing Vendors: A Hands-On Guide to Assessing Infosec and IT Vendors,” will show you how to walk the line between under- and over-assessing, so decisions can be made on sufficient data without wasting time, digging too deeply, or making decisions too quickly.
About Josh More
Josh has over fifteen years of experience in IT and information security. Josh’s runs Eyra Security, a security consulting firm with a twist. Having previously filled roles as an application developer, system administrator and network engineer, he has built Eyra to tear down silos of knowledge and help organizations improve iteratively. He holds several security and technical certifications and has served in leadership positions on several security-focused groups. He has written several books on security and blogs at www.starmind.org and www.eyrasecurity.com.