Sign up to save your podcasts
Or
Share From Regulations to Relationships: Navigating the Maze of Third-Party Risk Management | A Conversation with Branan Cooper | Redefining CyberSecurity with Sean Martin
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
From Regulations to Relationships: Navigating the Maze of Third-Party Risk Management | A Conversation with Branan Cooper | Redefining CyberSecurity with Sean Martin
Guest: Branan Cooper, Financial Services exec
On LinkedIn | https://www.linkedin.com/in/brananc/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
View This Show's Sponsors
___________________________
Episode Notes
In this episode of the Redefining Cybersecurity Podcast, hosted by Sean Martin, we dive into the intricate world of third-party risk management with the insightful Branan Cooper, boasting an impressive three-and-a-half decades of experience in financial services. Throughout this discussion, Cooper and Martin explore the evolution and critical aspects of managing third-party risk within businesses, emphasizing the ever-increasing interconnectivity and dependencies in the digital age.
Branan Cooper draws on his vast experience, touching on the regulatory milestones that have shaped third-party risk management practices, from early quality assurance efforts in the '90s to the recent comprehensive interagency guidance. Highlighting the intertwined nature of third-party risk with operational, cybersecurity, and compliance aspects, the episode sheds light on the need for a holistic approach encompassing due diligence, ongoing monitoring, and a lifecycle approach to vendor relationships.
Significantly, the conversation delves into practical strategies for mitigating third-party risk, the importance of fostering a culture of communication and collaboration across departments, and the pivotal role of documentation in managing and mitigating risks effectively.
Cooper also shares invaluable insights into the nuances of vendor relationships, from assessing and prioritizing risks to the crucial aspect of planning for potential exit strategies. This episode not only serves as a primer on the complexities of third-party risk management but also as a guide for navigating these challenges proactively, offering listeners actionable advice and best practices drawn from decades of experience.
Whether you're a business leader, IT professional, or risk management practitioner, this episode provides a wealth of knowledge on safeguarding your organization in a interconnected business ecosystem.
Key Questions Addressed
- How have regulatory milestones shaped third-party risk management practices over time?
- What are the key strategies for effectively managing and mitigating third-party risks?
- How does coordinating across departments contribute to managing third-party risks more effectively?
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
Third Party Risk Management 101 : Learning the Fundamentals of Third-Party Risk Management (venminder.com)
The interagency guidance on third party risk management : Federal Register :: Interagency Guidance on Third-Party Relationships: Risk Management
What is a third party?: What Is a Third Party? How Their Role Works and Examples (investopedia.com)
Why is third party risk management important?: Why is Third-Party Risk Management Important? | UpGuard
Although no longer in force, these pieces of guidance were so fundamental in defining industry terms and such watershed moments that they are valuable still as reference material, for terms and procedures commonly followed in TPRM:
FDIC financial institution letter 44 - 2008: FDIC: Inactive FIL-44-2008: Guidance for Managing Third-Party Risk
OCC Bulletin 2019 - 23: OCC+2013-29.pdf (sqspcdn.com)
Understanding UDAAP or UDAP The Differences Between UDAP & UDAAP | McCune Law Group (mccunewright.com)
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
View all episodes
By Sean Martin, ITSPmagazine
5
33 ratings
Guest: Branan Cooper, Financial Services exec
On LinkedIn | https://www.linkedin.com/in/brananc/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
View This Show's Sponsors
___________________________
Episode Notes
In this episode of the Redefining Cybersecurity Podcast, hosted by Sean Martin, we dive into the intricate world of third-party risk management with the insightful Branan Cooper, boasting an impressive three-and-a-half decades of experience in financial services. Throughout this discussion, Cooper and Martin explore the evolution and critical aspects of managing third-party risk within businesses, emphasizing the ever-increasing interconnectivity and dependencies in the digital age.
Branan Cooper draws on his vast experience, touching on the regulatory milestones that have shaped third-party risk management practices, from early quality assurance efforts in the '90s to the recent comprehensive interagency guidance. Highlighting the intertwined nature of third-party risk with operational, cybersecurity, and compliance aspects, the episode sheds light on the need for a holistic approach encompassing due diligence, ongoing monitoring, and a lifecycle approach to vendor relationships.
Significantly, the conversation delves into practical strategies for mitigating third-party risk, the importance of fostering a culture of communication and collaboration across departments, and the pivotal role of documentation in managing and mitigating risks effectively.
Cooper also shares invaluable insights into the nuances of vendor relationships, from assessing and prioritizing risks to the crucial aspect of planning for potential exit strategies. This episode not only serves as a primer on the complexities of third-party risk management but also as a guide for navigating these challenges proactively, offering listeners actionable advice and best practices drawn from decades of experience.
Whether you're a business leader, IT professional, or risk management practitioner, this episode provides a wealth of knowledge on safeguarding your organization in a interconnected business ecosystem.
Key Questions Addressed
- How have regulatory milestones shaped third-party risk management practices over time?
- What are the key strategies for effectively managing and mitigating third-party risks?
- How does coordinating across departments contribute to managing third-party risks more effectively?
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
Third Party Risk Management 101 : Learning the Fundamentals of Third-Party Risk Management (venminder.com)
The interagency guidance on third party risk management : Federal Register :: Interagency Guidance on Third-Party Relationships: Risk Management
What is a third party?: What Is a Third Party? How Their Role Works and Examples (investopedia.com)
Why is third party risk management important?: Why is Third-Party Risk Management Important? | UpGuard
Although no longer in force, these pieces of guidance were so fundamental in defining industry terms and such watershed moments that they are valuable still as reference material, for terms and procedures commonly followed in TPRM:
FDIC financial institution letter 44 - 2008: FDIC: Inactive FIL-44-2008: Guidance for Managing Third-Party Risk
OCC Bulletin 2019 - 23: OCC+2013-29.pdf (sqspcdn.com)
Understanding UDAAP or UDAP The Differences Between UDAP & UDAAP | McCune Law Group (mccunewright.com)
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
More shows like Redefining CyberSecurity
View all
This American Life
90,906 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
373 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
653 Listeners
CyberWire Daily
1,022 Listeners
Click Here
418 Listeners
ITSPmagazine
30 Listeners
Cybersecurity Today
181 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
139 Listeners
Hard Fork
5,509 Listeners
Audio Signals Podcast
2 Listeners
Risky Bulletin
44 Listeners
Microsoft Threat Intelligence Podcast
22 Listeners
Stories From Space
4 Listeners
Redefining Society and Technology Podcast
0 Listeners
CyberSecurity Summary
5 Listeners