Shared responsibilities
Yes, it is important for our third-parties to have security responsibilities. However, optimum security is collaborative effort where outsourcers also play an essential role with driving and ensuring security measures are place with their third-parties from the onset, continuously monitoring, and revisiting concerns and emerging risks with key third-parties.
Lastly, it is also important to note that certain third-party security controls, for example, MFA, are available to implement and configure - but up to the customers (outsourcers) to implement.
Biting the hand that feeds IT
