Recorded: February 16 | 2023 Watch Now
The cyber threat landscape grows exponentially each year. Third-party cyber data breaches like the Kaseya data breach, a cyberattack that affected over 1,500 organizations, have prompted regulators to raise cybersecurity standards. In the United States, the Biden Administration aims to improve nationwide cybersecurity with an executive order. The 100-day plan aims to modernize federal infrastructure, improve supply chain security, establish a cybersecurity review board and more.
Gaining visibility into the security risks your supply chain or third-party vendors pose to your organization is a necessity among cybersecurity leaders. Next-generation cybersecurity practices will require organizations to align both internal and external cybersecurity risk processes to create a standardized process to facilitate effective third-party cyber risk mitigation. On this webinar as we explore the intersection of third-party risk management and cybersecurity best practices. We’ll review new strategies and outline the steps to mature your program, and you will learn how to:
- Map external third-party risk to internal cybersecurity controls,
- Evaluate control effectiveness internally and externally to track issues over time and stay ahead of future incidents,
- Prioritize third-party risk projects based on control gaps and domain inefficiencies,
- Build a cybersecurity program that protects against internal and external threats.
Moderator
Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Panel
Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
Alastair Parr, Senior Vice President, Global Products & Risk at Prevalent. Alastair is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He joined Prevalent from 3GRC, where he served as one of the founders, and was responsible for and instrumental in defining products and services. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years’ experience in product management, consultancy and operations deliverables. Earlier in his career, he served as the Operations Director for a global managed service provider, InteliSecure, where he was responsible for overseeing effective data protection and risk management programs for clients. Alastair holds a university degree in Politics and International Relations, as well as several information security certifications.
Matthew Bianchi is the Lead Product Manager, Solutions and Ecosystem at ProcessUnity. Matt is a part of ProcessUnity’s product solutions team and is responsible for the company’s solutions and partner ecosystem. In his tenure at ProcessUnity, Matt has helped hundreds of organizations streamline their risk and compliance programs as well as bring new industry leading solutions and integrations from world-class content providers through the ProcessUnity platform.
Hananel Livneh is Head of Product Marketing at Adaptive Shield. He joined Adaptive Shield from Vdoo, an embedded cybersecurity company, where he was a Senior Product Analyst. Hananel completed an MBA with honors from the OUI, and has a BA from Hebrew University in Economics, Political science and Philosophy (PPE).