Explore the complexities of managing third-party risk in modern enterprises through an analogy to ascending Mount Everest in this conference talk from Central Ohio Infosec 2015. Delve into the background of IT security challenges, examining how unmanaged risk can lead to obvious and organization-specific impacts. Learn about common risk areas in third-party relationships and traditional management methods. Discover why resolving these issues can seem overwhelming but is ultimately achievable. Examine tiering criteria for IT security and explore tools like Shared Assessments, NetSkope, and BitSight. Gain insights into the role of third parties in incident response and review a simplified roadmap for addressing these challenges in your organization.