Date & Time
Tuesday, October 16, 2018, 2:15 PM - 3:45 PM
Category
Core Competencies
Description

In the age of growing globalization, businesses of every size and industry are increasingly relying on the services and solutions of external vendors. While this practice can prove beneficial, it can also leave the door open for security concerns. As technology such as the cloud, sensors and the IoT evolves, it’s more important than ever for organizations to be vigilant in how they work with external vendors to ensure the security of their confidential, sensitive data.

In this presentation, we will take participants through best practices for building a successful, efficient vendor risk management program. We’ll start by talking through case studies, highlighting examples of poor and successful programs and focusing on what made them fail or succeed. Typically, a flourishing program begins with client surveys, questionnaires and resource constraint solutions. Poor vendor risk management programs usually have several things in common: insufficient resources, stakeholders lack knowledge about critical vendors, management issues across borders, and sensitive data is not properly handled. Additionally, we will address the opposing key challenge: effectively responding to vendor questionnaires from your clients.

In conclusion, we will talk through the evolving areas in risk management that vendor management or compliance teams should focus on: the IoT, cloud and electronic access control.

Speaker(s)
David Grazer; Ashli Pfeiffer
Speaker Bio(s)
David is a consultant within the privacy and vendor risk practices at Tevora, a cybersecurity consulting firm based in Orange County, CA. He comes from a diverse background with experience at both enterprise and consumer technology companies. David brings a holistic approach to his engagements, assessing how privacy, risk and security affect not only technological infrastructure, but also strategic objectives. He marries those views to support clients as they develop more proactive privacy and security postures. David possesses a Bachelor’s Degree from Chapman University, a graduate certificate in Global Finance from Thunderbird School of Global Management along with various Computer Science courses along the way. David is in the process of obtaining his CIPM and CRISC credentials.
CEUs
1.8