uCertify

Cybersecurity Third-Party Risk Management

Learn to identify, assess, and mitigate cybersecurity risks posed by third-party vendors and suppliers.

(CYBERSEC-TP-RISK.AE1) / ISBN : 978-1-64459-367-7

This course includes

Interactive Lessons

Gamified TestPrep

Hands-On Labs

AI Tutor (Add-on)

105 Reviews

Get A Free Trial

This course includes:

Free pre-assessment and first 2 lessons

17+ Interactive Lessons | 184+ Exercises

Accessible on mobile and tablet too

Certificate of completion

$279.99

Buy Now

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

About This Course

Our third-party cyber risk course focuses on the growing threat of cyberattacks and supply chain vulnerabilities. Learn to identify and mitigate cybersecurity threats, conduct thorough due diligence on third-party vendors, and establish effective risk management strategies. Explore topics such as supply chain attacks, cloud security, data privacy, and compliance regulations.

Skills You’ll Get

Identify and assess potential cybersecurity risks posed by third-party vendors and suppliers
Conduct thorough due diligence on third-party vendors to evaluate their security practices and compliance with industry standards
Use supply chain security best practices to prevent attacks and data breaches
Take actions to ensure compliance with the relevant cybersecurity regulations and standards (e.g. GDPR, HIPAA, PCI DSS)
Implement strategies based on cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001
Maintain a proactive cybersecurity posture and continuously improve risk management processes

Interactive Lessons

17+ Interactive Lessons | 184+ Exercises | 131+ Quizzes | 136+ Flashcards | 136+ Glossary of terms

Gamified TestPrep

60+ Pre Assessment Questions | 60+ Post Assessment Questions |

Hands-On Labs

17+ LiveLab | 17+ Video tutorials | 48+ Minutes

Download Course Outline

1

Introduction

Who Will Benefit Most from This Course?

2

What Is the Risk?

The SolarWinds Supply‐Chain Attack
The VGCA Supply‐Chain Attack
The Zyxel Backdoor Attack
Other Supply‐Chain Attacks
Problem Scope
Compliance Does Not Equal Security
Third‐Party Breach Examples
Conclusion

3

Cybersecurity Basics

Cybersecurity Basics for Third-Party Risk
Cybersecurity Frameworks
Due Care and Due Diligence
Cybercrime and Cybersecurity
Conclusion

4

What the COVID‐19 Pandemic Did to Cybersecurity and Third‐Party Risk

The Pandemic Shutdown
SolarWinds Attack Update
Conclusion

5

Third‐Party Risk Management

Third‐Party Risk Management Frameworks
The Cybersecurity and Third‐Party Risk Program Management
The Kristina Conglomerate (KC) Enterprises
Conclusion

6

Onboarding Due Diligence

Intake
Cybersecurity Third‐Party Intake
Conclusion

7

Ongoing Due Diligence

Low‐Risk Vendor Ongoing Due Diligence
Moderate‐Risk Vendor Ongoing Due Diligence
High‐Risk Vendor Ongoing Due Diligence
“Too Big to Care”
A Note on Phishing
Intake and Ongoing Cybersecurity Personnel
Ransomware: A History and Future
Conclusion

8

On‐site Due Diligence

On‐site Security Assessment
On‐site Due Diligence and the Intake Process
Conclusion

9

Continuous Monitoring

What Is Continuous Monitoring?
Enhanced Continuous Monitoring
Third‐Party Breaches and the Incident Process
Conclusion

10

Offboarding

Access to Systems, Data, and Facilities
Conclusion

11

Securing the Cloud

Why Is the Cloud So Risky?
Conclusion

12

Cybersecurity and Legal Protections

Legal Terms and Protections
Cybersecurity Terms and Conditions
Conclusion

13

Software Due Diligence

The Secure Software Development Lifecycle
On‐Premises Software
Cloud Software
Open Web Application Security Project Explained
Open Source Software
Mobile Software
Conclusion

14

Network Due Diligence

Third‐Party Connections
Zero Trust for Third Parties
Conclusion

15

Offshore Third‐Party Cybersecurity Risk

Onboarding Offshore Vendors
Country Risk
KC's Country Risk
Conclusion

16

Transform to Predictive

The Data
Level Set
A Mature to Predictive Approach
The Predictive Approach at KC Enterprises
Conclusion

17

Conclusion

1

Cybersecurity Basics

Simulating the DoS Attack
Performing a Phishing Attack
Performing Local Privilege Escalation

2

What the COVID‐19 Pandemic Did to Cybersecurity and Third‐Party Risk

Establishing a VPN Connection

3

Ongoing Due Diligence

Getting the TCP Settings and Information about the TCP Port
Detecting a Phishing Site Using Netcraft

4

Continuous Monitoring

Analyzing Malware

5

Offboarding

Supplying Power to a SATA Drive

6

Securing the Cloud

Creating an Elastic Load Balancer
Working with Amazon S3

7

Software Due Diligence

Attacking a Website Using XSS Injection
Fuzzing Using OWASP ZAP
Setting Up a Basic Web Server

8

Network Due Diligence

Studying CVSS Exercises with the CVSS Calculator
Setting up a DMZ
Enabling the TPM

9

Offshore Third‐Party Cybersecurity Risk

Using the Windows Firewall

Any questions?
Check out the FAQs

We’ve compiled a list of FAQs to help you find the answers you need.

Contact Us Now

Risk in cybersecurity refers to the likelihood of a security breach or data loss that will adversely impact an organization’s operations, reputation, or financial stability.

Individuals in various roles can benefit from this course, including:

IT professionals
Security analysts
Risk managers
Compliance officers
Business leaders

The duration of the third-party risk management training course depends on your prior knowledge and experience. However, you can complete it within 3-6 months.

Third-party risk discusses all potential risks associated with external entities, including vendors, suppliers, contractors, and business partners.
Vendor risk management is a specific subset of third-party risk management that focuses on assessing and mitigating risks related to vendors.

Organizations of all sizes and industries can benefit from third-party risk management. But it is especially important for:

Large enterprises with complex supply chains
Organizations in highly regulated industries industries
Companies that rely heavily on third-party vendors

Common types of third-party risk include:

Operational risk
Financial risk
Reputational risk
Legal risk

Yes, you can pursue third-party risk management certifications such as:

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Risk Manager (CRM)

Learn to Mitigate Supply Chain Cyber Risks

Prepare yourself for the evolving threat landscape by learning to manage cybersecurity and third-party risks.

$ 429.53

Buy Now

Related Courses

All Course

CCNA 200-301 Pearson uCertify Network Simulator

ISBN: 978-1-61691-837-8
Cisco 200-301-SIMULATOR.AB1

Try Buy Now

Accounting All-in-One

ISBN: 978-1-64459-449-0
uCertify ACCOUNTS.AE1

Try Buy Now

ACCUPLACER For Beginners

ISBN: 978-1-64459-573-2
uCertify ACCUPLACER.AE1

Try Buy Now

ACT Prep 2024

ISBN: 978-1-64459-488-9
uCertify ACT-PREP.AE1

Try Buy Now

Artificial Intelligence on Amazon Web Services

ISBN: 978-1-64459-215-1
uCertify AI-AWS.AJ1

Try Buy Now

Artificial Intelligence and Big Data

ISBN: 978-1-64459-144-4
uCertify AI-bigdata

Try Buy Now

Artificial Intelligence for Business

ISBN: 978-1-64459-300-4
uCertify AI-BUS.AP1

Try Buy Now

This course includes:

Free pre-assessment and first 2 lessons

17+ Interactive Lessons | 184+ Exercises

Accessible on mobile and tablet too

Certificate of completion

$ 429.53

Buy Now

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

Cybersecurity Third-Party Risk Management