RSA Conference ESAF Report 2023: How Top CISOs Are Transforming Third-Party Risk Management
0RSA Conference ESAF Report 2023: How Top CISOs Are Transforming Third-Party Risk Management | A Conversation with Laura Robinson | Redefining CyberSecurity Podcast with Sean Martin
Guest: Laura Robinson, ESAF Program Director at RSA Conference [@RSAConference]
On Linkedin | https://www.linkedin.com/in/laurarobinsoninsight/
At RSA | https://www.rsaconference.com/experts/laura-robinson
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
___________________________
Episode Notes
In this episode of Redefining CyberSecurity Podcast, host Sean Martin engages in a conversation with Laura Robinson, the ESAF Program Director at RSA Conference, about the changing landscape of third-party risk management. They explore the need for organizations to shift their approach in assessing third-party risk and the limitations of relying solely on questionnaires. Laura emphasizes the importance of more detailed assessments and manageable requirements for suppliers.
The conversation touches on the significance of fostering a culture of security and collaboration between organizations and their third-party partners. They discuss the challenges faced by small businesses in meeting complex regulatory requirements and the difficulties in finding the right cybersecurity services and talent. The episode showcases case studies that highlight successful third-party risk management programs and their positive impact, including significant reductions in incidents and quantifiable risk reduction.
The discussion also delves into the potential benefits of standardization in the industry, such as shared assessments, resources, and frameworks such as NIST CSF and HITRUST. Sean and Laura underscore the importance of collaboration, community, and a change in mindset to effectively address third-party risk in the evolving cybersecurity landscape. Throughout the conversation, practical insights and success stories are shared, providing listeners with a deeper understanding of the progress being made in third-party risk management while acknowledging that there is still work to be done.
The episode offers a thoughtful exploration of the topic, focusing on the need for collaboration, cultural shifts, and the development of more effective assessment approaches in order to mitigate third-party risk effectively.
____________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
____________________________
Resources
CISO Perspectives on Transforming Third-Party Risk Management: https://www.rsaconference.com/library/webcast/158-ciso-persp-transfer-third-party?utm_source=x&utm_medium=social&utm_content=158-ciso-persp-transfer-third-party-webcast&utm_campaign=september-2023-rsac365&postID=11353906220
____________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network