Author of "Cybersecurity & Third-Party Risk" and SVP, Cybersecurity, Truist Financial Corp. Clayton, North Carolina, United States
Based upon the book Cybersecurity & Third-Party Risk: Third-Party Threat Hunting (endorsed by (ISC)2), we will break the old way of thinking that treats third-party risk as a compliance, check-box activity and replace it with one that is innovative and leans forward into the risk. CISOs have spent billions of dollars to secure their organizations, and yet we've largely ignored our supply chain and third-party risk. Methods ranging from physical validation, contractual terms and conditions, and fourth parties to due diligence optimization and predictive analysis will be explored to drastically lower this risk area with solid cybersecurity due diligence and due care.
Learning Objectives:
Determine steps needed to develop a risk-based, cybersecurity-focused third-party risk program
Develop a risk-based, cybersecurity-focused program with physical validation and other due diligence and due care activities to drastically lower the risk from third parties and their supply chain
Learn the steps needed to drop the reactive approach and become more predictive of third-party and supply-chain risks