This webcast aired on May 20, 2021.
CPE Credit(s): 1
While SolarWinds may have captured the media’s attention, supply chain risk and third-party breaches are nothing new. The challenge is organizations are adopting digital transformation, and as a result increasing their reliance on third parties, faster than they can scale their third-party cyber risk management programs. This transition is creating a gap that is being actively exploited by attackers which is evident by the fact that over 50% of all breaches are linked to a third party. The good news is we’ve gotten a lot smarter about third-party risk management and there are a lot of best practices and tools that can help you optimize your program today.
This session will cover the foundational principles of building a third-party risk management program that will help you identify and prioritize your most vulnerable vendors and reduce your risk.
Join this session to learn:
- The foundational components of effective TPCRM Program
- How to use data to manage third-party risk
- Common TPCRM misconceptions that can lead you astray
3 key learnings for CPE –
- A strategic approach to third-party risk should consider top-level business objectives and consider stakeholders across the enterprise
- At its core third-party risk management is a data collection and analysis activity
- When performing your analysis, avoid common mistakes around third-party spend, assessment types, and risk prioritization
Jonathan Swanson, Client Services Director - CyberGRX