The Cyber Info Exchange Episode 3: Standardization vs. Customization: How to Strike the Right Balance in TPRM

The world of technology and security covers a magnitude of critical topics in all things data privacy, training, policy, and more. With so many topics to cover and so little time between business hours, we’re sitting down to take a deep dive into all things cyber!

This month's podcast talks about the different facets of Standardization and Customization of your Third-Party Cyber Risk Management solution, including touching on ISO frameworks and NIST. 

The Cyber Info Exchange is a podcast hosted by Dave Stapleton, CISO at CyberGRX, and Shane Hasert, Director of Assessment Operations at CyberGRX. Each episode features the dynamic duo covering specific topics, exploring commonly asked questions, and spotlights discussing current events in the industry with guest professionals from all walks of technology and security. 

Resources discussed include:

• Verizon's 2020 Data Breach Investigations Report: enterprise.verizon.com/resources/reports/dbir/

MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Threat Action Varieties talk by Alex Pinto: youtu.be/-NtYYqUGEco


Listen below!