Recorded:    July 13 | 2023      Watch

Third-party incidents can occur at any time and can lead to significant disruptions in business operations. Traditional methods of managing third-party security risk are lagging behind the reality of today's threat landscape. By building future proofed supplier risk management practices, you can dramatically lessen the time it takes to onboard new suppliers, while simultaneously reducing organizational security risk to an acceptable level.

This CPE webinar will cover the best practices and steps involved in innovating traditional TPRM monitoring and management practices. We will discuss various approaches that organizations can take to streamline these workflows and address existing gaps in visibility. Join us to learn how you can keep pace with the evolving threat targeting the supplier ecosystem, and:

• Understand pitfalls of the traditional method of managing third party risk
• Learn about the different steps involved in simplifying third party incident reporting and management workflows.
• Discover the benefits of innovating TPRM programs, including increased efficiency and reduced costs.
• Explore how automation can be applied to the growing area of software risk including commercial software, third-party development, and software supply chain assurance

 Moderator

Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

Panel

Meghan Maneval leads RiskOptics’ Technical Product Management team- tasked with developing and evangelizing innovative ways to solve industry problems. Fun fact about Meghan- she was a RiskOptics customer before joining the team! After more than 15 years managing security, compliance, audit, governance, and risk management programs in highly-regulated industries, Meghan joined RiskOptics in 2022 to help drive product innovation and empower our customers to achieve their objectives. Meghan is a passionate security and risk evangelist, DIBs champion, and home-renovation enthusiast specializing in process improvement and program iteration. Meghan enjoys giving back to the security and risk community through blogs, whitepapers, webinars, conference presentations, and podcasts. Want to be a Risk Insider? Follow me on LinkedIn!

Charlie Jones, CISA, Software Assurance Evangelist at ReversingLabs. Charlie is a Software Assurance Evangelist with experience in providing strategic transformation services for cyber security, supply chain risk, and IT audit programmes of both Fortune and FTSE 100 companies across all three lines of defence. Charlie specializes in helping organizations assess and manage the security risks presented by the software supply chain, to help prevent against software tampering. An accomplished speaker, Charlie provides thought leadership within the digital trust domain. Drawing from his global consulting experience, Charlie aims to provide his audience with pragmatic solutions to uplift the cyber security posture of small, medium, and large businesses. Follow me on LinkedIn!

Paul Iagnocco, Customer Enablement Lead and Senior Privacy Consultant, TrustArc. Paul is a leader, visionary and change agent, with over 26 years of experience in privacy, data protection, information systems management, digital marketing and operations. He has worked in various industries including higher education, marketing and advertising, consumer goods and consumer packaged goods.

Sophie Pothecary, Solutions Engineer at Prevalent. Sophie is responsible for assisting organizations in identifying solutions for third-party risk management program efficiencies. Throughout her time at Prevalent, Sophie has worked with organizations of all sizes in developing, validating, and optimizing third-party risk management programs and processes through the use of risk management technology and service offerings. Sophie's role also involves staying up to date with the latest industry trends and best practices in third-party risk management. This allows her to provide clients with valuable insights and strategies to address emerging risks and evolving regulatory requirements. Having worked with a variety of industries, Sophie is well-versed in the unique challenges and requirements that organizations face when it comes to TPRM. This broad industry exposure allows her to bring valuable insights and best practices to her engagements. Follow me on LinkedIn!