Recorded: Oct. 5 | 2023 Watch
In today's interconnected business landscape, organizations heavily rely on third-party vendors, suppliers, and partners. While these collaborations offer numerous benefits, they also introduce potential risks and vulnerabilities that need to be proactively managed.
In this CPE webinar, our panel of experts will delve into the latest strategies, tools, and techniques empowered by artificial intelligence (AI) that can revolutionize your organization's approach to identifying, assessing, and mitigating third-party risks. Attendees will gain valuable insights into leveraging targeted Risk Intelligence, enhanced by AI, to drive effective TPRM. Join us to gain an understanding of:
• The concept of targeted Risk Intelligence and explore how AI can amplify its application in enhancing TPRM.
• Potential risks and vulnerabilities associated with third-party engagements through the integration of AI-driven risk assessment methodologies.
• Practical strategies for mitigating third-party risks by harnessing the power of targeted Risk Intelligence complemented by AI capabilities.
• The transformative potential of automation, analytics, and AI in streamlining risk assessment processes, empowering data-driven decision-making, and ultimately enhancing the overall effectiveness of your TPRM practices.
Moderator
Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Panel
Mitushi Pitti, Managing Director, Cyber KPMG LLP. Mitushi leads the Third party security services for KPMG US and has been with KPMG for more than 17 years. Her core strength is to provide the vision, roadmap, and execution excellence to deliver the future of third-party risk management at KPMG. Mitushi specializes in innovation led transformation of third-party security programs helping clients maximize return on investments from their third-party programs, and helps clients build, assess, re-design, manage, run and transform their third-party security programs through intelligent automation augmented with artificial intelligence and machine learning models. She focuses on developing, managing and running forward looking, scalable and sustainable programs for many large organizations across industries. Over the course of last 17+ years, Mitushi has worked with leading organizations in Life Sciences, Financial Services, Technology, Consumer and Retail to transform their cyber security and third-party risk programs. She have several years of experience leading and executing a variety of cyber maturity, third party security, governance, risk management, regulatory and compliance related engagements across industries.
Andrew Scott, Privicy Council, TrustArc. Andrew has a passion for privacy and is a CA attorney and privacy professional with demonstrated knowledge of US Privacy Laws (CIPP-US), European Privacy Laws (CIPP-E), and Privacy Program Management (CIPM). Currently, he evaluates companies’ privacy programs against external global privacy frameworks such as the GDPR, CCPA, APEC CBPR/PRP Systems, the Privacy Shield, the EDAA/IAB Europe OBA Framework, and EU Cloud Code of Conduct. After graduating from UC Hastings, College of the Law, and passing the CA State Bar Exam in 2015, Andrew became aware of paramount importance that privacy protections and safeguards have for the individuals who depend on the principle of anonymity to survive.
Steve Tobias, Lead Client Success Advisor. As a Lead Client Success Advisor at RiskRecon by Mastercard, Steve partners with clients from various industry sectors to ensure they get the most out of the RiskRecon platform. He leverages his risk management experience to provide recommendations for incorporating vendor security ratings into and maturing third-party cyber risk management programs. His 20+ years of cybersecurity experience include information security, frameworks, governance, risk & compliance, third-party risk management and cyber risk program development. Prior to RiskRecon\Mastercard, he led a cyber risk management team and helped develop a cyber risk/TPRM program in the Healthcare sector. Steve holds a Bachelor’s in Information Systems Management, as well as CISSP, CISM and CTPRP certifications.
Joe Toley, Project Director, R&D Development at Prevalent. Joe is responsible for assisting organizations in operationalizing and maturing their Third Party Risk Management Program. He joined Prevalent from 3GRC where he was instrumental in defining the services and deliverables to support the use of the risk management technology and prides himself in taking client requirements and translating them into achievable plans. He comes from an IT security background, with an original focus on data security and data loss prevention, before shifting his efforts to the Third Party Risk Management space 5 years ago.