It’s plain and simple: A glut of regulations is forcing IT security professionals, vendor managers, and risk managers to work more directly with third parties to close the loop on security risks. At the same time, the methods for proving compliance are expensive, time-consuming, and ineffective at remediating security issues. The irony speaks volumes about the gaps between the law, legal guidelines and standards, and the reality of information security risk.