Workshop 1: The 3Ps of Third Party Risk: Prevention, Policies, Promises

  • Date 04 Jun 2019

    Register Now

Workshop 1: The 3Ps of Third Party Risk: Prevention, Policies, Promises

04 Jun 2019, 10:00 - 12:00

Security Workshop
Language:
English

Independent research revealed that while 60% of firms have formal third party risk policies, nearly half have experienced a significant breach caused by a vendor. Why? Executives don’t make vendor risk a priority or are too trusting. Learn from 600 IT and security leaders about top concerns around supply chain and policies/procedures used to mitigate risks. Explore lessons learned from vendor breaches that avoided headlines, but caused operational havoc and headaches. Learn to engage board members and executives to secure resources, build a due diligence package, create contracts that mandate security requirements, reduce human error, indemnify your firm, and define breach response. Learn how to sell a vendor risk program based on leading security programs in the US and Europe.

Learning Outcomes:

  1. Build a multi-stage due diligence program to measure and mitigate risks associated with third-party vendors and partners.
  2. Identify critical contractual obligations as they relate to third-party vendors: security posture, human error reduction and awareness training, frequent risk assessments and attestations, common security certifications, indemnification, and breach notification triggers and windows.
  3. Apply best practices from leading supply chain risk frameworks including the National Cyber Security Centre (NCSC) Supply Chain Risk Program and GDPR.

 

Please note: Registering your interest does not guarantee you a seat. You will receive final joining instructions one week prior to the event and it will work on a first come, first served basis on the day.

 

Contributors

  • Mark Sangster

    Speaker

    VP and Industry Security Strategist

    eSentire

    Mark Sangster is VP and Industry Security Strategist at eSentire and an industry security strategist. He is a cybersecurity evangelist who has spent...

Business Issues covered

  1. What will this session help you to do?
    • Mitigate the effects of new vulnerabilities and exploits‎
    • Understand internal and external threats and keep a business secure‎

ReedExpo.Nova.Framework.Categorization.CategorySelection

Sponsors

eSentire

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.