Recorded: January 28, 2021
Last year, 59% of companies experienced a third-party data breach, and current global uncertainty is a reminder of the increasing complexity of managing third-party risk. Balancing the risks and benefits of using third parties to deliver business services has always been key, and during a crisis the risks can be significantly heightened.
Current TPRM approaches may prove to be insufficient, both during and after the crisis. This begs the question: at a time when IT resources are already stretched, how can IT and security teams support the business in its use of third parties while minimizing the risks they create and improving business resilience?
In this expert panel webinar, we’ll discuss some of the current, crisis-related trends and break down how organizations can adapt their TPRM program to improve business resilience, including how to:
- Determine your organization’s third-party resilience
- Start new partnerships on a strong foundation
- Protect your data by sharing only what you need to
- Check your internal processes are up to the task
Colin Whittaker, PCI Industry Alumni, Founder and Director, Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years, since he retired from the military in 2001 and took up the role of Head of Security at APACS. Whilst there, he was one of the first people to be elected to the PCI SSC Board of Advisors, where he was always keen to try to promote the differences in threat between Europe and the UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk, with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme, which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Todd Boehler, Vice President of Product Strategy at ProcessUnity. Todd collaborates with customers, partners and internal product teams to develop and deliver high-value risk and compliance solutions. In his role, he drives the company’s cloud services roadmap and defines ProcessUnity’s overall strategic direction. For nearly 20 years, Todd has served in product management and strategy roles for leading technology providers. In 2003, his governance, risk and compliance (GRC) startup was purchased by Stellent, which was soon after bought by Oracle Corporation. Todd worked for Oracle for seven years before joining ProcessUnity in 2014. He has extensive GRC experience, working with organizations’ engineering, services and sales teams to develop solutions, enable sales and deliver customer success.
Dan Harms, CIPP/US, Third-Party Risk Consulting Manager, OneTrust. Dan serves as a Third-Party Risk Consulting Manager for OneTrust Vendorpedia – a purpose-built software designed to operationalize third-party risk management. In his role, Harms advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR and CCPA). Harms works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.
Jon Ehret is Vice President of Strategy and Risk for RiskRecon. Jon brings 20+ years of experience in technology and risk, including extensive experience building, maturing and running third party risk programs in both the finance and healthcare industries. Before joining RiskRecon, Jon built and led the third party risk program for BlueCross BlueShield of WNY and also served as President and Co-founder of the Third Party Risk Association, an international professional association of third party risk practitioners and vendors. Jon is a frequent speaker at third party risk conferences and holds a BS in Information Technology from the Rochester Institute of Technology, as well as the CISSP, CISA and CRISC professional
Sam Mele, Global Vice President, Sourcing and Risk Management Solutions at Coupa. Over his 30-year career, Sam has acquired a unique blend of supply chain, procurement, strategic sourcing, risk, performance, and compliance management expertise across a wide range of industries spanning manufacturing to financial services. As the Global Vice President of Risk Management Solutions for Coupa, Sam supports a team of third-party risk, compliance, performance management and sourcing subject matter experts. Sam holds a BS degree, magna cum laude, in Mechanical Engineering from the University of Illinois. He lives in Batavia, Illinois, a suburb of Chicago, with his wife of 28 years and their four children.