Why 2022 Proves We Manage Third-Party Risk Wrong

When:  Feb 21, 2023 from 12:00 to 13:00 (PT)
Associated with  Portland, Oregon Chapter

In the past year, security breaches continued to reach all-time highs while many were direct results of the third parties we trust. Despite numerous big-name and global organizations suffering security breaches due to the failure of third-party controls, we still often see clients with third-party risk management programs that simply meet compliance requirements without effectively managing their risk. Hundreds of identified risks without any compensating controls in place, high-risk vendors engaged without contractual SLAs or security requirements imposed, and thousands of questionnaires completed yet never assessed for risk. We have been able to help turn these compliance programs into effective third-party risk management machines by guiding our clients around the many common pitfalls of third-party risk. We have seen all the mistakes so everyone attending hopefully will not have to repeat them. We will cover the common areas where TPRM goes wrong, relate them to breaches in the past years, and suggest alternatives aligned with best practices and how we have seen our clients succeed in making a TPRM program that does more than check a box.

Speaker: Riley Webber holds a B.S. in Computer Science which includes formal education, spanning hundreds of classroom hours in cloud security, systems engineering, risk management, and malware analysis. 

Location

Online Instructions:
Url: http://cvent.me/40Kedl
Login: Zoom link will be given after registration.

Contact