Print this page

A Data-Driven Approach to Third-Party Risk Management

073020tn

Recorded:    October 21 | 2021      Watch

As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization's most critical third-party security gaps.

Register for this CPE webinar to learn how you can leverage data to drive significant improvements in your third-party risk management program, including:

  • Tips to measure your vendor risk exposure
  • Insights into pioneering practices, program bench-marking and operation metrics
  • Principles for fair and accurate security ratings
  • How to utilize inherent risk methodologies to prioritize your vendors

Moderator

colin whittakerColin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

DovDov Goldman, Director of Risk & Compliance, Panorays. Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of Innovation at Opus, Director of Product Marketing at Navigant, and Founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.

JonEhretJon Ehret is Vice President of Strategy and Risk for RiskRecon. Jon brings 20+ years of experience in technology and risk, including extensive experience building, maturing and running third party risk programs in both the finance and healthcare industries. Before joining RiskRecon, Jon built and lead the third party risk program for BlueCross BlueShield of WNY and also served as President and Co-founder of the Third Party Risk Association, an international professional association of third party risk practitioners and vendors. Jon is a frequent speaker at third party risk conferences and holds a BS in Information Technology from the Rochester Institute of Technology, as well as the CISSP, CISA and CRISC professional.

RogerGrimesRoger Grimes, KnowBe4’s Data-Driven Defense Evangelist, is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He now serves as the Data-Driven Security Analyst for KnowBe4. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He was the weekly security columnist for InfoWorld and CSO magazines from 2005-2019.

MattBianchiMatthew Bianchi is the Lead Product Manager, Solutions and Ecosystem at ProcessUnity. Matt is a part of ProcessUnity’s product solutions team and is responsible for the company’s solutions and partner ecosystem. In his tenure at ProcessUnity, Matt has helped hundreds of organizations streamline their risk and compliance programs as well as bring new industry leading solutions and integrations from world-class content providers through the ProcessUnity platform.