icon-carat-right menu search cmu-wordmark

How I Learned to Stop Worrying and Love SLAs

Webcast
In this webcast, Matt Butkovic and Alan Levine discuss how cybersecurity SLAs are vital to the success of third-party relationships and a core component of sound governance.
Publisher

Software Engineering Institute

Watch

Abstract

Managing third-party relationships, such as pubic cloud service providers, requires a set of skills often unfamiliar to many technologists. These relationships are constructed on a foundation of verifiable trust. This requires managing the cybersecurity performance of third parties via contractual mechanisms rather than the traditional line-of-sight practices used internal to an organization. Chief among these mechanisms are service-level agreements (SLAs). Cybersecurity SLAs are vital to the success of third-party relationships and a core component of sound governance.

What attendees will learn:

• How to design and implement meaningful SLAs

• How best to use SLAs to drive third-party cybersecurity performance

• The limits of SLAs as a third-party risk management tool

About the Speaker

Headshot of Matt Butkovic

Matthew J. Butkovic

Matthew Butkovic is the Technical Director of the Cyber Risk and Resilience Assurance Directorate in the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI).

Matt performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the …

Read more