Skip to page navigation menu Skip entire header
Brown University
Brown Digital Repository
Skip 13 subheader links
  1. Top
  2. ...
  3. Master of Science in Cyb…
  4. bdr:858574

Cybersecurity Strategies and Policies in Managing 3rd Party Vendor Risks: A case for a quantitative Cybersecurity Scoring and Continuous Monitoring in the Financial Services industry

Full Metadata

Overview

Year:
2019
Contributor:
Tanieu, Severin (Creator)
Palazzi, Bernado (Advisor)
Brown University. School of Professional Studies. Department of Computer Science (Sponsor)
Subject:
Computer security
Cyber security frameworks
Security risk vector
SSAE 16
SOC 2
ISO 27001/2
NIST Cybersecurity framework
Vendor assessment
Security rating
Vendor lifecycle
CyberScore
23 NYCYRR500
OCC
FFIEC
General Data Protection Regulation (GDPR)
Extent:
18 p.
DOI
https://doi.org/10.26300/sypv-n617

Files

Description

Abstract:
The questionnaire-based assessments of vendors’ cybersecurity posture have proven to be inefficient and ineffective. This single-point-in-time assessment does not capture fully and continuously the cybersecurity risks of vendors. This paper makes the case for a quantitative Cybersecurity Scoring and Continuous Monitoring of 3rd party vendors’ technology infrastructure in the Financial Services industry. To achieve this goal, financial institutions must leverage not only the newly created alliances within their industry but also thoroughly research the methods and techniques being deployed by the early cybersecurity scoring solutions on the market today. The particularity of the proposed scoring model in this report will be to capture and map the financial regulations into its build, which none of the early adopters in the cybersecurity scoring solutions is currently offering.
Notes:
Capstone (EMCS)--Brown University, 2019

Content

Access Conditions

Rights
In Copyright
Restrictions on Use
All rights reserved. Collection is open for research.

Citation

Tanieu, Severin, "Cybersecurity Strategies and Policies in Managing 3rd Party Vendor Risks: A case for a quantitative Cybersecurity Scoring and Continuous Monitoring in the Financial Services industry" (2019). Master of Science in Cybersecurity. Brown Digital Repository. Brown University Library. https://doi.org/10.26300/sypv-n617

Relations

Collection:

  • Master of Science … Thumbnail

    Master of Science in Cybersecurity

    Brown's Master of Science (ScM) in Cybersecurity is a program for professionals designed to cultivate high-demand, industry executives with the unique and critical ability to devise and execute integrated, comprehensive cybersecurity strategies. Students gain immediately applicable knowledge and, through an …
    ...