Risky Business: Understanding Enterprise Third-Party Risk Management
Tuesday, March 28 | 10am ET
Join us to discuss best practices, lessons learned, risk evaluation, and the regulatory environment associated with third-party risk management.
Discovering, prioritizing, and monitoring cybersecurity risks across an ecosystem of third-party products is a complex undertaking for any business, let alone a large enterprise.
Join us for an in-depth discussion exploring best practices, lessons learned, and the regulatory environment associated with third-party risk management. Speakers will provide insight and tips into overcoming the challenges of defining and implementing a holistic risk management program. Whether your program is non-existent, just getting started, fully mature, or somewhere in between – this discussion will provide valuable perspective into how to increase security, ease the burden of compliance, and achieve your program goals efficiently and effectively.
In this webinar, our experts will be addressing questions such as...
- Is there anything that the USG (perhaps the Commerce Dept) or non-gov organizations (such as NDIA) can do to make it easier for businesses to manage 3rd party risk?
- How is CMMC 2.0 likely to impact your Enterprise Third-Party Risk Management?
- How do you handle client vulnerabilities that are driven by systems/black boxes you cannot access? Are there more specific strategies than just giving the client all the info you can?
- I would like to conduct a CTT for my organization. How do I get started?
- How do you know what to include in a CTT?
- With new regulations and directives coming out focused on securing the supply chain, what is the best way to stay ahead and be proactive, rather than being reactive?
Trideum Corporation, Solutions Architect
Dr. Jacob Cox is a Solutions Architect for Trideum Corporation, focusing on Cybersecurity and Electronic Warfare (EW), and an Adjunct Professor for Augusta University’s School of Computer and Cyber Sciences. Jacob also served in the U.S. Army for 22 years. During that time, he served as an Armament and Electrical Systems Repairer for the Apache Helicopter, a Signal Officer, a Company Commander, a Telecommunications Engineer, a United States Military Academy Assistant Professor, and a Cyberspace Operations Officer. His most recent assignment was as the Chief of Enterprise Operations at the Southwest Asia Cyber Center, Kuwait. Jacob’s roles following the Army include research scientist for an artificial intelligence research company and lead data scientist for Army Capability Manager – Cyber.
Jacob holds a B.S. in electrical engineering from Clemson University and an M.S. and Ph.D. in electrical and computer engineering from Duke University and the Georgia Institute of Technology. His certifications include CISSP, PMP, C|EH, C|HFI.
Fortress Information Security, Director of Federal Programs & Partnerships
Andrea is skilled in strategy development, cross-functional team leadership, evaluating operative accomplishments, and training. She has a background in working with federal programs as well as cybersecurity inspections and compliance. As an experienced business intelligence analyst, she has a demonstrated history of process improvement and performance to drive revenue and achieve program and operational goals. Andrea is a CMMC-AB Registered Practitioner (RP) and holds a Master of Business Administration (M.B.A.) focused in Management and Leadership.
Fortress Information Security, Vice President of Supply Chain Risk Management
As Vice President of Supply Chain Risk Management, Hughes is responsible for the execution of the vendor supply chain assessments for clients.
Prior to his current position, Hughes served as the Senior Manager – Risk & Compliance and leader of the 3rd Party Security program at General Electric, one of the largest global manufacturing suppliers in the energy, aviation, and healthcare industries. The program at General Electric focused on the identification and management of supply chain risk these critical industries. Prior to his work at General Electric, Hughes spent 10 years at Deloitte, evaluating cyber security and supply chain risks for the Department of Defense, Department of Education, Department of Transportation, and the Social Security Administration.