Recorded: December 14, 2023
In today's complex business landscape, effective Third-Party Governance, Risk Management, and Compliance (GRC) strategies are paramount for organizations seeking to thrive and maintain trust in the global marketplace.
However, without the support of executive leadership, implementing and maintaining a robust third-party risk management (TPRM) program can be an uphill battle. In this webinar we will address strategies to secure executive buy-in and ensure the success of your third-party risk management program.
Attendees will learn how to showcase the substantial ROI that investing in third-party risk management can yield, reducing annual loss expectancy from third-party-related adverse events, including how to:
- Craft a persuasive business case that emphasizes the financial benefits of a TPRM program,
- Enlist an executive sponsor from the C-suite and equip them with the knowledge and enthusiasm needed to champion your TPRM program effectively,
- Build alliances across various organizational functions and align your third-party GRC program with the broader strategic objectives of your organization,
- Integrate your TPRM processes into official company policies.
Moderator
Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Panelists
Shane Hasert, Director of Threat Research and Cyber Security Standards at ProcessUnity. Shane has 35 years of experience as a cybersecurity professional, and 18 of those years are dedicated specifically to third-party risk management and auditing. He is an Air Force veteran and has held positions leading security programs with several global consulting and security services firms supporting numerous industries including financial services, retail, healthcare, higher education, mortgage insurance, and gaming. Shane is a Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), Certified Third-Party Risk Assessor (CTPRA), and a Certified Third-Party Risk Professional (CTPRP); and holds an AS in Intelligence Analysis, BS in Business Management and MBA in Project Management.
Jared Siddle, Director of Risk, North America at Protecht Group. Jared has extensive experience in enterprise risk management, compliance and assurance, including recent roles as Head of Risk Management for three banks and financial institutions. Over his career, he has managed global risk and compliance teams in more than 26 countries. His past work includes leadership roles as the Head of Risk Management for Vanguard and the Head of Risk Management for Fidelity International, with both roles based in London. Jared earned his Executive MBA from École des Ponts Business School in Paris and his BSc with Honours from City of London Polytechnic. He is a Qualified Risk Director® of the Directors & Chief Risk Officer Institute, a Certified Enterprise Risk Professional with the American Bankers Association, and a Certified Institute of Risk Management Fellow. On LinkedIn: https://www.linkedin.com/in/jared-siddle
Theo Zafirakos, CISO, Terranova Security by Fortra. Theo is an experienced CISO, trusted cyber security advisor, and expert in security awareness strategy, governance, privacy, and more. He works with security leaders worldwide to help identify, evaluate, and manage security awareness strategies that align with their organizational objectives. He’s also responsible for internal cyber security policies and awareness initiatives at Terranova Security. Theo leads the Professional Services team in the implementation and execution of personalized security awareness training campaigns. He also helps organizations assess their security awareness training program's success with actionable metrics that facilitate long-term optimization and growth. Before joining Terranova Security, Theo spent 20 years at Canadian National Railway (CN), a leading North American transportation and logistics company. In his role as CISO, he was responsible for the information security and governance strategy. Theo regularly speaks about security awareness and phishing simulation training at in-person and virtual industry events. He lives in Montreal, QC, and enjoys traveling, cooking, board games, and spending time with his family.