Sign up to save your podcasts
Or
Share Bracing for the Tsunami of Third-Party Security Risk
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Bracing for the Tsunami of Third-Party Security Risk
Security and risk teams have been overwhelmed by the tsunami of requests for vendor security risk assessments as the digital health movement continues to shift data to third-party platforms.
Constraints on human capital and time have never been tighter. Leading organizations are looking for ways to focus their teams on true risk management activities rather than perpetually collecting and formatting risk data.
Information security and risk leaders have turned to services, technology and automation to help keep pace with this unprecedented demand for third-party security assessments. However, the volume and variety of solutions hitting the market has some heads spinning trying to make sense of it all.
In this episode of The CyberPHIx, we speak with Siobhan Hunter, Vice President of Strategic Solutions for CORL Technologies. CORL provides tech-enabled managed services for third-party vendor security risk management for healthcare entities.
Highlights of the discussion include:
- Pros and cons of solutions available on the market include GRC platforms, cyber risk scoring, survey automation, third-party risk exchanges, and tech-enabled managed services
- Characteristics of third-party risk program maturity ranging from low-maturity to industry-leading programs
- How to strike the right balance of people, process, and technology to extract value and reduce cost for vendor security programs
- Lessons learned from leading third-party security risk programs inside and outside of healthcare
View all episodes
By Britton Burton | Sr Director of Product Strategy
5
77 ratings
Security and risk teams have been overwhelmed by the tsunami of requests for vendor security risk assessments as the digital health movement continues to shift data to third-party platforms.
Constraints on human capital and time have never been tighter. Leading organizations are looking for ways to focus their teams on true risk management activities rather than perpetually collecting and formatting risk data.
Information security and risk leaders have turned to services, technology and automation to help keep pace with this unprecedented demand for third-party security assessments. However, the volume and variety of solutions hitting the market has some heads spinning trying to make sense of it all.
In this episode of The CyberPHIx, we speak with Siobhan Hunter, Vice President of Strategic Solutions for CORL Technologies. CORL provides tech-enabled managed services for third-party vendor security risk management for healthcare entities.
Highlights of the discussion include:
- Pros and cons of solutions available on the market include GRC platforms, cyber risk scoring, survey automation, third-party risk exchanges, and tech-enabled managed services
- Characteristics of third-party risk program maturity ranging from low-maturity to industry-leading programs
- How to strike the right balance of people, process, and technology to extract value and reduce cost for vendor security programs
- Lessons learned from leading third-party security risk programs inside and outside of healthcare