Cybersecurity—a word we hear all the time, but do you really know what it means?
The Tea on Cybersecurity breaks it down without the confusing jargon. We spill the truth about security and compliance in a way that is easy to understand and actually useful.
Perfect for SaaS startups and small to medium sized businesses starting their journey in cybersecurity and compliance. We've learned to keep it short -15-30 minutes per episode - so you get the facts and none of the fluff.
Cybersecurity—a word we hear all the time, but do you really know what it means?
The Tea on Cybersecurity breaks it down without the confusing jargon. We spill the truth about security and compliance in a way that is easy to understand and actually useful.
Perfect for SaaS startups and small to medium sized businesses starting their journey in cybersecurity and compliance. We've learned to keep it short -15-30 minutes per episode - so you get the facts and none of the fluff.
"Every business today runs on technology. Every business is a technology business. Right? Even a taco cart uses a little payment thing that you swipe your card in to do that." - Michael Magyar
Michael Magyar, a seasoned cybersecurity expert with a decade of experience, joins host Jara Rowe on this episode of The Tea on Cybersecurity to give us the tea on third-party risks. As a penetration tester and a virtual Chief Information Security Officer (vCISO) with Trava, Michael brings unparalleled insight into the challenges and solutions surrounding vendor security.
Michael and Jara discuss the complex subject of third-party risks and why every business, big or small, needs to be cautious about their vendors' security practices. From identifying potential risks to evaluating security measures, Michael offers essential steps businesses should take if a vendor experiences a security incident, stressing the importance of containment, breach notification, and calling in the right experts for help.
Key Takeaways:
Timestamps:
[00:00 - 01:24] Introducing Identifying Third-Party Vendor Risks with Michael Magyar, Trava
[01:25 - 02:36] Expanding understanding of vendors and third parties
[03:59 - 05:25] Real-world examples of third-party risks - SolarWinds in 2020 and XZ Utils in 2024
[02:36 - 03:59] How to identify risks associated with vendors and third parties
[05:25 - 07:53] Red flags to look out for, plus Microsoft breach
[07:54 - 09:16] Penetration testing and third-party security
[09:16 - 11:19] Other ways that businesses can help evaluate the security practices of a third-party
[11:19 - 12:54] Key cybersecurity measures to look for when working with a vendor
[12:54 - 13:40] Why it's essential for businesses to regularly check in on their external partners' cybersecurity efforts
[13:41 - 15:42] Cybersecurity steps my company needs to take when signing on with a new vendor
[16:41 - 20:02] Jara's Receipts
Connect with the Guest:
Connect with the host:
Connect with Trava:
Website www.travasecurity.com
Blog www.travasecurity.com/blog
LinkedIn @travasecurity
YouTube @travasecurity