Third Party Risk Management under the microscope at PrivSec Global

2021-06-23T14:21:00+01:00

No comments

PrivSec Global’s second day got underway this morning with an exploration of third party risk management.

Screenshot (14)

In an exclusive panel debate, “Third Party Risk Management: Cybersecurity Expertise into Board Governance and a Company’s Digital Defense”, subject-matter experts delved into the role this crucial issue plays against the rising cyber security threat.

Among key questions, the panel considered whether cybersecurity at board-level is a fundamental force in strengthening corporate digital defences. Describing the current third party risk management landscape, Anu Kukar, Data & Technology Risk – Thought Leader, said:

“The current risk that we have is that every organization is using a third party in one shape or form. Regulators worldwide have come out and said an organization is responsible for the risk management of third parties.”

Omer Carmi from Cybersixgill, said:

“I’m seeing too much of everything… when you are trying to take the concept of too much data into third party risk, you start to realize that you have a problem and you realize you have to do it in an automated, fast way.”

Offering insight into future sector security challenges, Anu Kukar said:

“Do we know what the cyber posture and the cyber risk is from an amount perspective. Can we quantify it for third parties?” C suites and boards will have to figure out a way to quantify risk.

“The risk that I’m seeing, when you have got so many multi-cloud providers and different types of clouds, what are your security arrangements? Are you creating another problem?” Anu added.

Addressing the issue of managing disparate cloud technologies, Israel Rivera, Senior Manager, MBL Technologies, underlined the importance of looking at the question from a governance perspective, and highlighted how organizations must be given guidance with regards to understanding their own risk appetite.

“Trust is focused on risk, and what your risk appetite will be,” Israel said.

Omer Carmi, VP of Intelligence, Cybersixgill, said:

“I’m a fan of looking at what the threat actor is doing and use their tools”

Missed a session? No problem - all sessions will be available on demand on grcworldforums.com

Topics

No comments

Article
US utilities struggling to meet demand of energy-thirsty AI

2024-04-19T11:53:00Z

In the US, demands for power are outstripping availability as energy-thirsty technologies such as generative AI pile pressure on national electrical systems.
Article
Banks poised for increased risk due to AI

2024-04-19T09:06:00Z

A leading banking regulator has issued a stern warning over the risks that financial institutions face as they move to integrate artificial intelligence (AI) and machine learning (ML) into governance operations.
News
Chicago Gears Up for GRC Connect: Sharpen Skills, Network, and Navigate the Future of GRC

2024-04-15T11:39:00Z By Jonathan Sumner, Chief Digital & Marketing Officer, GRC World Forums.

Get ready, Chicago! GRC Connect kicks off tomorrow, bringing together the brightest minds in governance, risk management, and compliance (GRC) for two days of insightful learning, valuable networking opportunities, and expert guidance on navigating the ever-evolving GRC landscape.