When: April 25, 2019
In today’s interconnected technology ecosystem, companies increasingly rely on third-party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte, 83% of today’s business leaders lack confidence in third-party VRM processes.
Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology results in the most effective and comprehensive program. Join this CPE-accredited panel webinar as our expert panel addresses some key steps to master VRM, including:
- Implementing a scalable VRM program from the ground up
- Mapping the digital supply chain
- Tips on managing vendor data
- Assessing third, fourth, and fifth-party risk
- Performing quantifiable vendor security analyses
- Establishing pre-procurement standards
Colin Whittaker, PCI Industry Alumni, Founder and Director, Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001 and took up the role of Head of Security at APACS. At APACS he started the move to confront the reality of the threat to payment systems and the implications this has on any risk and security decisions taken. He was instrumental in helping the industry coordinate the response to the wave of e-banking attacks that started in 2004, and the development of a card-based customer authentication strategy to protect e-banking channels. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors, where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. This included contributing to the strategic development of the Council through representing Visa Europe at the PCI SSC's Executive Committee, as well as the technical development of the standards. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe. Colin was responsible for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme, which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. He has now built on this experience by learning first-hand what PCI DSS means to merchants through his experience at Carlson Wagonlit Travel, applying PCI DSS to probably one of the most complex industry verticals and one where it is almost impossible to spend money as a customer without using credit cards!
He is now working as a freelance consultant helping retailers and service providers solve their cyber security and payment security compliance dilemmas.
Todd Boehler, Vice President of Product Strategy at ProcessUnity. Todd collaborates with customers, partners and internal product teams to develop and deliver high-value risk and compliance solutions. In his role, he drives the company’s cloud services roadmap and defines ProcessUnity’s overall strategic direction. For nearly 20 years, Todd has served in product management and strategy roles for leading technology providers. In 2003, his governance, risk and compliance (GRC) startup was purchased by Stellent, which was soon after bought by Oracle Corporation. Todd worked for Oracle for seven years before joining ProcessUnity in 2014. He has extensive GRC experience, working with organizations’ engineering, services and sales teams to develop solutions, enable sales and deliver customer success.
Kelly White, CEO and Founder (CISSP) at RiskRecon. Kelly has nearly 20 years of experience in assessing and defending complex enterprises. Prior to dedicating his full attention to RiskRecon in 2015, White held various enterprise security roles, including CISO and Director of Information Security for financial services companies. White was also practice manager and senior security consultant for CyberTrust and Ernst & Young. White is an active supporter of the security community, a frequent speaker at industry conferences such as the Cybercrime Prevention Summit, United Security Conference, RSA Conference and eFraud Global Forum, and is a member of the eFraud Global Conference Board.
Blake Brannon, Vice President, Product at OneTrust. As Vice President of Product, Blake Brannon oversees all aspects of OneTrust’s product and is responsible for defining the privacy management and marketing compliance software market and OneTrust’s product capabilities. Brannon evaluates industry trends and analyst research, while driving product planning, design, customer advisory testing, and product launch activities. Prior to OneTrust, Brannon was one of the first employees at AirWatch, where he served as Global Director of Sales Engineering and Vice President of Product Marketing.
Jake Olcott, VP of Strategic Partnerships, BitSight. Jake served as cybersecurity attorney to the Senate Commerce Committee and House Homeland Security Committee. He previously consulted with Fortune 1000 executives on cyber risk management. He is an adjunct professor at Georgetown University. He holds degrees from the University of Texas at Austin and the University of Virginia School of Law.