Third Party & Insider

E7: Tackling Third-Party Risk in an Outsourced World

Friday, June 9, 2023 1:30 PM - 2:30 PM

Room 503/504


The overall security of an organization is highly dependent on the security of its third-party relationships. Outsourcing is a necessary business process which enables organizations to gain or maintain cost advantages, increased efficiencies, and better access to skilled resources. As organizations mature, outsourcing becomes a more common occurrence. That increased growth and subsequent outsourcing introduces increased levels of financial, operational, reputational, IT/IS and other enterprise risks. As associated third-party risks remain in the top five threats of Verizon’s Data Breach Investigations Report year-over-year, a sound third-party risk management program has become imperative to protecting businesses and consumers alike. With third-parties touching nearly every corner of an organization, it can be challenging to know where to start. After all, you are only as secure as your weakest vendor! This session will touch on the fundamentals of third-party risk management and how to apply them to organizations of all sizes and in all industries.

Learner Objectives

In this session, attendees will gain a better understand of: • Why holistic third-party risk management is no longer optional; • Where to begin when third-party risk seems sprawling and unmanageable; • How to scope a third-party risk management program for various industries and business needs; and • Tips for maintaining and scaling a best-practice program as your organization matures.