
How to Utilize Security Ratings in Third-Party Risk Management

Recorded: December 14, 2022

In an interconnected, ever-changing digital world, how well your data is secured across your supply chain is a matter of great importance. Failing to adequately screen vendor security risks can lead to data breaches, which can shut down operations, damage customer trust and incur hefty regulatory penalties.

Security ratings can help you grade your security performance, as well as that of your third-party vendors, by analyzing how well information is protected from external threats and breaches. Attend this webinar to learn how to use security ratings in TPRM, including how to:

  • Grade your security performance and understand risk across your supply chain, including your vendors and business partners,
  • Add context to your inherent risk tiers and gain visibility into the health of your vendor ecosystem,
  • Increase accuracy across vendor risk assessments and continuous monitoring processes,
  • Speed up response and remediation efforts with real-time alerts on cybersecurity findings.

 

Moderator

Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

Panel

Shiven Patel serves as Product Manager at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In his role, Shiven supports the OneTrust Third-Party Risk Management solution where he advises companies on how to reduce third-party risks and build mutual trust between the business and its vendors.

Eric Hensley, Chief Technology Officer & Chief Security Officer, Aravo Solutions. Eric is responsible for technical delivery of Aravo’s product offerings, including Engineering, QA and Hosting Operations. He has over 15 years’ experience in the development and delivery of enterprise SaaS offerings with a special focus on supply chain management and intelligence solutions. Before joining Aravo, Eric served as Sr. Director of Technical Operations at Instill Corporation, where he developed infrastructure and integration solutions for supply chain intelligence systems in the foodservice industry. Eric joined Instill in 2002 and was instrumental in the development and deployment of highly scalable SaaS solutions responsible for processing the majority of daily foodservice transactions in North America. Prior to that, Eric served as Director of Technical Operations at ShipServ Ltd., where he was responsible for the development and deployment of one of the earliest SaaS transactional business exchanges, focused on the maritime shipping industry. While at ShipServ, Eric led the development and adoption of MTML, an XML-based transactional document standard now widely deployed in the shipping industry. Eric holds a BA in Astrophysics with a specialization in Computer Science from the University of California, Berkeley.

Kelly White, CEO and Founder (CISSP) at RiskRecon. Kelly has nearly 20 years of experience in assessing and defending complex enterprises. Prior to dedicating his full attention to RiskRecon in 2015, White held various enterprise security roles, including CISO and Director of Information Security for financial services companies. White was also practice manager and senior security consultant for CyberTrust and Ernst & Young. White is an active supporter of the security community, a frequent speaker at industry conferences such as the Cybercrime Prevention Summit, United Security Conference, RSA Conference and eFraud Global Forum, and is a member of the eFraud Global Conference Board.

Matthew Bianchi is the Lead Product Manager, Solutions and Ecosystem at ProcessUnity. Matt is a part of ProcessUnity’s product solutions team and is responsible for the company’s solutions and partner ecosystem. In his tenure at ProcessUnity, Matt has helped hundreds of organizations streamline their risk and compliance programs as well as bring new industry leading solutions and integrations from world-class content providers through the ProcessUnity platform.