About the Talk
April 29, 2015 11:45 AM
Las Vegas, NVLas Vegas, NV
The modern enterprise is often both the client and customer to many organizations. The use of third party vendors, service providers, and partners are a normal and growing part of many businesses' operations today and are a growing concern for information risk and security professionals. An organization's security posture is only as strong as its weakest link. While many information risk and security organizations are effectively managing information risk they have direct control over, third parties often challenge them due to their limited governance and oversight capabilities.
These same organizations are also challenged with how to effectively and efficiently prove they are meeting the ever-increasing risk and security expectations of their clients. These high expectations are often demonstrated by the number questions asked and reviews requested. They also often have different views and expectations for risk and security functions, capabilities, and controls that they believe should exist in companies they do business with. This creates a difficult minefield for organizations that have to balance their need to prove they are effectively managing risk and providing effective security--while not creating new threats and vulnerabilities by doing so.
This session will focus on how to effectively navigate supply and execute supply chain security from both the customer and provider perspective. The speaker will explore industry-leading methods and practices of risk-based supply chain security approaches supported by case studies and real world examples.