search menu icon-carat-right cmu-wordmark

Posts by Jean Marie Handy

Insider Threat Supply Chain Best Practices

Insider Threat Supply Chain Best Practices

• Blog
Jean Marie Handy

This blog post outlines best practices for establishing an appropriate level of control to mitigate the risks involved in working with outside entities that support your organization's mission. In today's business landscape, organizations often rely on suppliers such as technology vendors, suppliers of raw materials, shared public infrastructure, and other public services. These outside entities are all examples of the supply chain, which is a type of trusted business partner (TBP). However, these outside entities...

Read More
Cloud Service Agreements (Part 16 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Cloud Service Agreements (Part 16 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Blog
Jean Marie Handy

The 16th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 16: Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities. In this post, I discuss the importance of including provisions for data access control and monitoring in agreements with cloud service providers....

Read More

Contact the Author

Jean Marie Handy