https://simplecast.com Cyber Risk Nation Welcome to a nation of like-minded professionals from both sides of the Exchange who are dedicated to cyber risk intelligence. Cyber Risk Nation is your vehicle to establish yourself as an industry thought-leader, connect with other forward-thinking individuals, and deepen your engagement with CyberGRX, all while celebrating your success and getting rewarded. 2023 Cyber Risk Nation en Mon, 15 May 2023 19:11:27 +0000 Thu, 25 May 2023 18:20:23 +0000 https://cyber-risk-nation.simplecast.com Cyber Risk Nation https://image.simplecastcdn.com/images/1f0f61d2-c7bd-48d8-8971-f88cce32315d/aeedff25-de02-44a1-a0ed-0afe516a96d7/3000x3000/crn-podcast-logo.jpg?aid=rss_feed https://cyber-risk-nation.simplecast.com episodic Welcome to a nation of like-minded professionals from both sides of the Exchange who are dedicated to cyber risk intelligence. Cyber Risk Nation is your vehicle to establish yourself as an industry thought-leader, connect with other forward-thinking individuals, and deepen your engagement with CyberGRX, all while celebrating your success and getting rewarded. CyberGRX, Cyber Risk Nation no https://feeds.simplecast.com/5_6DftIv community, cybersecurity, security CyberGRX jessica.jenks@cybergrx.com b5958959-118c-468d-9296-6c76175da157 How Far Should You Push the Boundaries in Accelerating Risk Decisions? A classic procurement conundrum: thoroughness vs. speed. 

When contracts get hung up in procurement, it slows down business operations. Yet, evaluating vendors for the potential new risks they are introducing is time-consuming, not to mention cumbersome. How far do you push the boundaries– should you move on from vendors who don’t comply with your assessment requests in a timely manner? Would you use predictive risk data to evaluate vendors and accelerate your decision? 

]]> Mon, 15 May 2023 19:11:27 +0000 jessica.jenks@cybergrx.com (Peter Finter, Joanna Soles, Dave Stapleton) https://cyber-risk-nation.simplecast.com/episodes/how-far-should-you-push-the-boundaries-in-accelerating-risk-decisions-ih9fY0G1 A classic procurement conundrum: thoroughness vs. speed. 

When contracts get hung up in procurement, it slows down business operations. Yet, evaluating vendors for the potential new risks they are introducing is time-consuming, not to mention cumbersome. How far do you push the boundaries– should you move on from vendors who don’t comply with your assessment requests in a timely manner? Would you use predictive risk data to evaluate vendors and accelerate your decision? 

]]> How Far Should You Push the Boundaries in Accelerating Risk Decisions? Peter Finter, Joanna Soles, Dave Stapleton 00:30:21 Join us as we discuss and debate how to enable your business while also protecting it, particularly as it relates to vetting and onboarding new vendors with our special guest Joanna Soles, Sr. Director of Information Security at PepsiCo, Inc., along with Dave Stapleton, CISO at CyberGRX and Peter Finter, CMO at CyberGRX. Join us as we discuss and debate how to enable your business while also protecting it, particularly as it relates to vetting and onboarding new vendors with our special guest Joanna Soles, Sr. Director of Information Security at PepsiCo, Inc., along with Dave Stapleton, CISO at CyberGRX and Peter Finter, CMO at CyberGRX. third-party cyber risk management, cybersecurity, risk decisions, third party risk, vendor, tprm no full 1 65d34965-e2c2-4830-9545-4af4a3ae9b96 How Do You Manage Risk Amidst a Rapidly Growing Third-Party Ecosystem? A poll from a previous webcast showed 67% of participants were challenged by staff resources and capacity when implementing a third-party risk management (TPRM) program.

The truth is, there’s no shortage of cyber risks, and managing the volume can be overwhelming for any cybersecurity team. The average enterprise has 6,000 third parties– how do you effectively identify, categorize, and prioritize your most critical risks? Where should you start, and how do compliance requirements factor into the equation? We’ll be debating these questions and more in this episode of Cyber Risk Nation.

]]> Mon, 15 May 2023 18:58:16 +0000 jessica.jenks@cybergrx.com (Peter Finter, Lane Sullivan, Tim Cleary) https://cyber-risk-nation.simplecast.com/episodes/how-do-you-manage-risk-amidst-a-rapidly-growing-third-party-ecosystem-shpKuzA8 A poll from a previous webcast showed 67% of participants were challenged by staff resources and capacity when implementing a third-party risk management (TPRM) program.

The truth is, there’s no shortage of cyber risks, and managing the volume can be overwhelming for any cybersecurity team. The average enterprise has 6,000 third parties– how do you effectively identify, categorize, and prioritize your most critical risks? Where should you start, and how do compliance requirements factor into the equation? We’ll be debating these questions and more in this episode of Cyber Risk Nation.

]]> How Do You Manage Risk Amidst a Rapidly Growing Third-Party Ecosystem? Peter Finter, Lane Sullivan, Tim Cleary 00:30:49 Join the discussion on the challenges of managing third-party risks as organizations adopt more third-party solutions– and what they’ve done to overcome them with our speakers - Lane Sullivan SVP, Chief Information Security Officer at Magellan Health, Tim Cleary, Head of Security Risk and Counsel, Bridgewater Associates, LP, and CyberGRX CMO Peter Finter. Join the discussion on the challenges of managing third-party risks as organizations adopt more third-party solutions– and what they’ve done to overcome them with our speakers - Lane Sullivan SVP, Chief Information Security Officer at Magellan Health, Tim Cleary, Head of Security Risk and Counsel, Bridgewater Associates, LP, and CyberGRX CMO Peter Finter. third-party cyber risk management, cybersecurity, third party risk, vendor, tprm no full 1 19a24f1e-894e-42eb-8438-c52d6c203929 Vendor Social Engineering Gaps & the Risks They Pose Employees are the first line of defense for every company, yet CyberGRX data revealed that while 83% of third parties report they are conducting security awareness training, 42% aren’t testing the effectiveness of it. 

Join Erich Kron, Security Awareness Advocate at KnowBe4 & CyberGRX CISO Dave Stapleton as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization.

]]> Fri, 24 Feb 2023 16:04:44 +0000 jessica.jenks@cybergrx.com (Peter Finter, Dave Stapleton, Erich Kron) https://cyber-risk-nation.simplecast.com/episodes/vendor-social-engineering-gaps-and-the-risks-they-pose-mAm6LjAr Employees are the first line of defense for every company, yet CyberGRX data revealed that while 83% of third parties report they are conducting security awareness training, 42% aren’t testing the effectiveness of it. 

Join Erich Kron, Security Awareness Advocate at KnowBe4 & CyberGRX CISO Dave Stapleton as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization.

]]> Vendor Social Engineering Gaps & the Risks They Pose Peter Finter, Dave Stapleton, Erich Kron 00:31:05 Join Dave Stapleton, CISO at CyberGRX, & Erich Kron, Security Awareness Advocate at KnowBe4, as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization. Join Dave Stapleton, CISO at CyberGRX, & Erich Kron, Security Awareness Advocate at KnowBe4, as they discuss the threats posed by third-party testing gaps and the steps you can take to protect your organization. social engineering, third-party cyber risk management, cybersecurity, third party risk, vendor no full 1 74962f5f-0ff3-484b-ad84-285999321d01 Third-Party Cyber Risk Management for Dummies: Chapter 4 - Evolving TPCRM With a Data-Driven Approach Join CyberGRX CEO Fred Kneip and Richard Seiersen, Chief Risk Officer for Resilience as they conclude this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management for Dummies. 

In this adaption of Chapter 4 from this definitive guide, you'll hear from leading experts in the field as they discuss things like:

  • How does an Exchange and one-to-many sharing model benefit both customers and their third parties
  • Is it possible to gain complete vendor ecosystem visibility
  • What role does the MITRE ATT&CK framework play in managing third-party cyber risk?
  • Are predictive analytics capabilities the future of third-party cyber risk management

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Fri, 24 Feb 2023 16:04:29 +0000 jessica.jenks@cybergrx.com (Fred Kneip, Peter Finter, Richard Seiersen) https://cyber-risk-nation.simplecast.com/episodes/tpcrm-for-dummies-ch4-v0NzCcbs Join CyberGRX CEO Fred Kneip and Richard Seiersen, Chief Risk Officer for Resilience as they conclude this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management for Dummies. 

In this adaption of Chapter 4 from this definitive guide, you'll hear from leading experts in the field as they discuss things like:

  • How does an Exchange and one-to-many sharing model benefit both customers and their third parties
  • Is it possible to gain complete vendor ecosystem visibility
  • What role does the MITRE ATT&CK framework play in managing third-party cyber risk?
  • Are predictive analytics capabilities the future of third-party cyber risk management

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Third-Party Cyber Risk Management for Dummies: Chapter 4 - Evolving TPCRM With a Data-Driven Approach Fred Kneip, Peter Finter, Richard Seiersen 00:55:40 Join us as we finish the final episode of our 4 part webinar series with a look into Chapter 4: Evolving TPCRM with a data-driven approach Join us as we finish the final episode of our 4 part webinar series with a look into Chapter 4: Evolving TPCRM with a data-driven approach tpcrm, third-party cyber risk management, cybersecurity, third party risk, third-party cyber risk management for dummies no full 1 a73417f2-1c27-44f4-8ed2-33fca96bfac8 Third-Party Cyber Risk Management for Dummies: Chapter 3 - Tackling the Traditional Approach to TPCRM The TPCRM revolution continues with the third in our 4-part webinar series with a focus on Chapter 3: Tackling the Traditional (and Outdated) Approach to TPCRM.

Join CyberGRX CEO Fred Kneip and Andy Kirkland, CISO of Starbucks as they continue this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 3 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

  • Is the current approach to third-party cyber risk management broken?
  • Are assessments effective in accomplishing the desired goal of managing risk effectively?
  • How can teams better access and analyze third-party cyber risk data at scale so that they can act quickly and effectively to reduce their risk?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Fri, 24 Feb 2023 16:04:14 +0000 jessica.jenks@cybergrx.com (Fred Kneip, Peter Finter, Andy Kirkland) https://cyber-risk-nation.simplecast.com/episodes/tpcrm-for-dummies-ch3-EUF0m8ye The TPCRM revolution continues with the third in our 4-part webinar series with a focus on Chapter 3: Tackling the Traditional (and Outdated) Approach to TPCRM.

Join CyberGRX CEO Fred Kneip and Andy Kirkland, CISO of Starbucks as they continue this 4-part webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 3 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

  • Is the current approach to third-party cyber risk management broken?
  • Are assessments effective in accomplishing the desired goal of managing risk effectively?
  • How can teams better access and analyze third-party cyber risk data at scale so that they can act quickly and effectively to reduce their risk?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Third-Party Cyber Risk Management for Dummies: Chapter 3 - Tackling the Traditional Approach to TPCRM Fred Kneip, Peter Finter, Andy Kirkland 01:00:28 Tune in for the 3rd of our 4 part webinar series with a deep dive into Chapter 3: Tackling the Traditional (and Outdated) Approach to TPCRM Tune in for the 3rd of our 4 part webinar series with a deep dive into Chapter 3: Tackling the Traditional (and Outdated) Approach to TPCRM tpcrm, third-party cyber risk management, cybersecurity, third party risk, third-party cyber risk management for dummies no full 1 ef5798df-c6d0-44e4-84be-df1cf66a6323 Third-Party Cyber Risk Management for Dummies: Chapter 2 - Communicating the Importance of TPCRM When it comes to moving a business forward, the time inevitably comes when you need to implement new tools and processes to get things accomplished, and sometimes it takes a little convincing to get others on board with the direction you want to move in.

From the CEO and CISO to the board of directors and other stakeholder departments, it’s imperative that you know how to communicate the benefits of having a third-party cyber risk management (TPCRM) strategy in the languages each unique stakeholder speaks.

In this adaptation of Chapter 2,  join CyberGRX CEO Fred Kneip and Chris McFarland, VP & CISO at Abercrombie & Fitch Co. as they discuss things like:

  • How to have important conversations about the need for a comprehensive third-party cyber risk management strategy.
  • What are some of the risks associated with maintaining the status quo?
  • Steps to take to ensure you have buy-in from the very first conversations through to the implementation and maintenance of the TPCRM solution.

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Fri, 24 Feb 2023 16:04:02 +0000 jessica.jenks@cybergrx.com (Fred Kneip, Peter Finter, Chris McFarland) https://cyber-risk-nation.simplecast.com/episodes/tpcrm-for-dummies-ch2-juhz3jwH When it comes to moving a business forward, the time inevitably comes when you need to implement new tools and processes to get things accomplished, and sometimes it takes a little convincing to get others on board with the direction you want to move in.

From the CEO and CISO to the board of directors and other stakeholder departments, it’s imperative that you know how to communicate the benefits of having a third-party cyber risk management (TPCRM) strategy in the languages each unique stakeholder speaks.

In this adaptation of Chapter 2,  join CyberGRX CEO Fred Kneip and Chris McFarland, VP & CISO at Abercrombie & Fitch Co. as they discuss things like:

  • How to have important conversations about the need for a comprehensive third-party cyber risk management strategy.
  • What are some of the risks associated with maintaining the status quo?
  • Steps to take to ensure you have buy-in from the very first conversations through to the implementation and maintenance of the TPCRM solution.

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Third-Party Cyber Risk Management for Dummies: Chapter 2 - Communicating the Importance of TPCRM Fred Kneip, Peter Finter, Chris McFarland 00:55:43 Get ready for the second event in this 4 webinar series with a deep dive into Chapter 2: Communicating the Importance of TPCRM Get ready for the second event in this 4 webinar series with a deep dive into Chapter 2: Communicating the Importance of TPCRM tpcrm, third-party cyber risk management, cybersecurity, third party risk, third-party cyber risk management for dummies no full 1 107118da-0323-4758-8f5c-8e83636e4e34 Third-Party Cyber Risk Management for Dummies: Chapter 1 - Understanding Third-Party Cyber Risk Management Join CyberGRX CEO Fred Kneip and Dave Estlick, CISO at Chipotle Mexican Grill as they kick off this 4 webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 1 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

  • Are all third-party cyber risk management solutions and methodologies created equal?
  • Is one more appropriate for a specific industry than another?
  • How do you ensure all stakeholder departments (and the organization as a whole), play an active role in defending against cyber threats?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Fri, 24 Feb 2023 16:03:49 +0000 jessica.jenks@cybergrx.com (Fred Kneip, Dave Estlick, Peter Finter) https://cyber-risk-nation.simplecast.com/episodes/tpcrm-for-dummies-ch1-8_DprjrZ Join CyberGRX CEO Fred Kneip and Dave Estlick, CISO at Chipotle Mexican Grill as they kick off this 4 webinar series covering all chapters from the recently released guide, Third-Party Cyber Risk Management For Dummies.

In this adaptation of Chapter 1 from this definitive guide, you’ll hear from leading experts in the field as they discuss things like:

  • Are all third-party cyber risk management solutions and methodologies created equal?
  • Is one more appropriate for a specific industry than another?
  • How do you ensure all stakeholder departments (and the organization as a whole), play an active role in defending against cyber threats?

Download a free copy of the guide, Third-Party Cyber Risk Management For Dummies, here.

]]> Third-Party Cyber Risk Management for Dummies: Chapter 1 - Understanding Third-Party Cyber Risk Management Fred Kneip, Dave Estlick, Peter Finter 00:57:58 Sit back and relax as we kick off this 4 webinar series with a deep dive into Chapter 1: Understanding Third-Party Cyber Risk Management (TPCRM) Sit back and relax as we kick off this 4 webinar series with a deep dive into Chapter 1: Understanding Third-Party Cyber Risk Management (TPCRM) tpcrm, third-party cyber risk management, cybersecurity, third party risk, third-party cyber risk management for dummies no full 1