Sign up to save your podcasts
Or
Share Identifying Third-Party Vendor Risks with Michael Magyar, Trava
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Identifying Third-Party Vendor Risks with Michael Magyar, Trava
"Every business today runs on technology. Every business is a technology business. Right? Even a taco cart uses a little payment thing that you swipe your card in to do that." - Michael Magyar
Michael Magyar, a seasoned cybersecurity expert with a decade of experience, joins host Jara Rowe on this episode of The Tea on Cybersecurity to give us the tea on third-party risks. As a penetration tester and a virtual Chief Information Security Officer (vCISO) with Trava, Michael brings unparalleled insight into the challenges and solutions surrounding vendor security.
Michael and Jara discuss the complex subject of third-party risks and why every business, big or small, needs to be cautious about their vendors' security practices. From identifying potential risks to evaluating security measures, Michael offers essential steps businesses should take if a vendor experiences a security incident, stressing the importance of containment, breach notification, and calling in the right experts for help.
Key Takeaways:
- Third-Party risks are everywhere and to understand where these gaps could be, think about a vendor or third-party as “outsourced staff”
- What to look out for when working with any vendor or third - party, namely Public Statements of Security
- How to handle a situation if a vendor or third-party of yours is breached
Timestamps:
[00:00 - 01:24] Introducing Identifying Third-Party Vendor Risks with Michael Magyar, Trava
[01:25 - 02:36] Expanding understanding of vendors and third parties
[03:59 - 05:25] Real-world examples of third-party risks - SolarWinds in 2020 and XZ Utils in 2024
[02:36 - 03:59] How to identify risks associated with vendors and third parties
[05:25 - 07:53] Red flags to look out for, plus Microsoft breach
[07:54 - 09:16] Penetration testing and third-party security
[09:16 - 11:19] Other ways that businesses can help evaluate the security practices of a third-party
[11:19 - 12:54] Key cybersecurity measures to look for when working with a vendor
[12:54 - 13:40] Why it's essential for businesses to regularly check in on their external partners' cybersecurity efforts
[13:41 - 15:42] Cybersecurity steps my company needs to take when signing on with a new vendor
[16:41 - 20:02] Jara's Receipts
Connect with the Guest:
Michael Magyar's LinkedIn
Connect with the host:
Jara Rowe’s LinkedIn
Connect with Trava:
Website www.travasecurity.com
Blog www.travasecurity.com/blog
LinkedIn @travasecurity
YouTube @travasecurity
View all episodes
"Every business today runs on technology. Every business is a technology business. Right? Even a taco cart uses a little payment thing that you swipe your card in to do that." - Michael Magyar
Michael Magyar, a seasoned cybersecurity expert with a decade of experience, joins host Jara Rowe on this episode of The Tea on Cybersecurity to give us the tea on third-party risks. As a penetration tester and a virtual Chief Information Security Officer (vCISO) with Trava, Michael brings unparalleled insight into the challenges and solutions surrounding vendor security.
Michael and Jara discuss the complex subject of third-party risks and why every business, big or small, needs to be cautious about their vendors' security practices. From identifying potential risks to evaluating security measures, Michael offers essential steps businesses should take if a vendor experiences a security incident, stressing the importance of containment, breach notification, and calling in the right experts for help.
Key Takeaways:
- Third-Party risks are everywhere and to understand where these gaps could be, think about a vendor or third-party as “outsourced staff”
- What to look out for when working with any vendor or third - party, namely Public Statements of Security
- How to handle a situation if a vendor or third-party of yours is breached
Timestamps:
[00:00 - 01:24] Introducing Identifying Third-Party Vendor Risks with Michael Magyar, Trava
[01:25 - 02:36] Expanding understanding of vendors and third parties
[03:59 - 05:25] Real-world examples of third-party risks - SolarWinds in 2020 and XZ Utils in 2024
[02:36 - 03:59] How to identify risks associated with vendors and third parties
[05:25 - 07:53] Red flags to look out for, plus Microsoft breach
[07:54 - 09:16] Penetration testing and third-party security
[09:16 - 11:19] Other ways that businesses can help evaluate the security practices of a third-party
[11:19 - 12:54] Key cybersecurity measures to look for when working with a vendor
[12:54 - 13:40] Why it's essential for businesses to regularly check in on their external partners' cybersecurity efforts
[13:41 - 15:42] Cybersecurity steps my company needs to take when signing on with a new vendor
[16:41 - 20:02] Jara's Receipts
Connect with the Guest:
Michael Magyar's LinkedIn
Connect with the host:
Jara Rowe’s LinkedIn
Connect with Trava:
Website www.travasecurity.com
Blog www.travasecurity.com/blog
LinkedIn @travasecurity
YouTube @travasecurity