When: November 7th, 2024
In today's hyperconnected digital landscape, organizations are heavily reliant on third-party partnerships to drive business growth and innovation. However, this dependency comes with significant risks. According to Gartner, breaches involving third parties cost 40% more than internal breaches, highlighting the critical need for robust Third-Party Risk Management (TPRM).
In this webinar we will explore the essentials of developing a cyber resilience strategy that balances trust and risk mitigation with business objectives. By leveraging TPRM, organizations can effectively reduce, share, or transfer risks associated with third-party engagements, securing their operations and maintaining stakeholder confidence. Attendees will gain insights into:
- The impact of third-party breaches on organizational cyber resilience.
- How to conduct comprehensive risk assessments and due diligence for third-party vendors.
- Best practices for onboarding and monitoring third-party relationships, including regulatory compliance.
- The role of technology and automation in strengthening Third-Party Risk Management strategies.
Moderator
Colin Whittaker, PCI Industry Alumni, Founder and Director, Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years, since he retired from the military in 2001 and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors, where he was always keen to promote the differences in threat between Europe and the UK, and the US. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme, which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Panel
Shane Hasert, Director of Threat Research and Cyber Security Standards at ProcessUnity. Shane has 35 years of experience as a cybersecurity professional, and 18 of those years are dedicated specifically to third-party risk management and auditing. He is an Air Force veteran and has held positions leading security programs with several global consulting and security services firms supporting numerous industries including financial services, retail, healthcare, higher education, mortgage insurance, and gaming. Shane is a Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), Certified Third-Party Risk Assessor (CTPRA), and a Certified Third-Party Risk Professional (CTPRP); and holds an AS in Intelligence Analysis, BS in Business Management and MBA in Project Management.
Jared Siddle, Director of Risk, North America at Protecht Group. Jared has extensive experience in enterprise risk management, compliance and assurance, including recent roles as Head of Risk Management for three banks and financial institutions. Over his career, he has managed global risk and compliance teams in more than 26 countries. His past work includes leadership roles as the Head of Risk Management for Vanguard and the Head of Risk Management for Fidelity International, with both roles based in London. Jared earned his Executive MBA from École des Ponts Business School in Paris and his BSc with Honours from City Of London Polytechnic. He is a Qualified Risk Director® of the Directors & Chief Risk Officer Institute, a Certified Enterprise Risk Professional with the American Bankers Association, and a Certified Institute of Risk Management Fellow. On LinkedIn: https://www.linkedin.com/in/jared-siddle
Charlie Jones (ChCSP, CISSP, CISA), Director, Product Management at ReversingLabs. Charlie is currently a Director of Product Management and subject matter expert (SME) in supply chain security, digital trust, and product strategy. Formerly a consultant at PwC, Charlie has 10 years' experience delivering strategic transformation initiatives, specializing in cyber security, third-party risk management, and IT audit programs for Fortune and FTSE 100 financial service institutions. An active member of the global cyber security community, Charlie regularly publishes thought leadership, speaks at high-profile conferences, participates in industry working groups, and helps shape international standards through his position on the Technical Advisory Panel for the UK Cyber Security Council. Recently honored with the prestigious CSO 30 Award, Charlie is recognized as a top security leader in the UK, demonstrating outstanding business value, innovation, and contributions to the wider community. LinkedIn: https://www.linkedin.com/in/charlie-jones3/
Steve Tobias, Lead Client Success Advisor. As a Lead Client Success Advisor at RiskRecon by Mastercard, Steve partners with clients from various industry sectors to ensure they get the most out of the RiskRecon platform. He leverages his risk management experience to provide recommendations for incorporating vendor security ratings into, and maturing, third-party cyber risk management programs. His 20+ years of cybersecurity experience include information security, frameworks, governance, risk & compliance, third-party risk management and cyber risk program development. Prior to RiskRecon/Mastercard, he led a cyber risk management team and helped develop a cyber risk/TPRM program in the Healthcare sector. Steve holds a Bachelor’s in Information Systems Management, as well as CISSP, CISM and CTPRP certifications.