Third Party Risk: Turning Cyber Risk Ratings Into Cyber Risk Reduction

The global epidemic and recent data breaches such as SolarWinds and NotPetya have highlighted the importance of maintaining smooth supply chain operations and the challenges in anticipating and preventing potential disruptions to critical services and operations from within the cyber supply chain. This is coupled with increasing regulatory pressure being placed on demonstrable risk assurance efforts, including the PRA’s consultation on Operational Resilience and EU’s DORA Act.

With so many organisations still struggling to find effective ways to manage the cyber risks across their entire supply chain the need has arisen for organisations to reassess the reliability and cost-efficiency of TPRM programs and the resources that support them. In this interactive roundtable and networking session, we’ll be exploring:

• Risk ID v Risk Reduction – Are organisation spending too much time and effort on cyber risk identification, and not enough on risk remediation and reduction?
• What does “compliance” look and feel like? What are regulators looking for, who owns what, and how can we demonstrate compliance?
• Creating Real Results – Are third-parties engaging and responding to remediation plans?
• Generating scale – Are the skills and resources available to achieve this efficiently?

Join industry peers and leading service providers DVV Solutions and BlueVoyant to share experiences and discover best-practices to address growing regulatory pressure and create more scalable models for Third-Party cyber risk management and reduction.

Your Attendee Package Includes:

• Interactive roundtable discussion
• Drinks reception upon arrival
• Gourmet 3-course dinner and drinks

Ticket Price: VIP Complimentary

Location: 1 Lombard Street, London EC3V 9AA

Speakers:

Stefan Ward, MD, Veritas Risk Management (BA Risk, MIRM)
Stefan is a seasoned senior risk professional with over 30 years’ experience in Management of Risk. Now running his own consultancy, he has been involved at a senior level in some of the most complex and challenging environments from a risk perspective.
Most recently, Stefan supported the merger of London Stock Exchange and Refinitiv and its associated IT risk functions, has acted as Interim CRO for ClearBank, managed remediation activity for TSB in relation to the major IT Migration Incident, and ran third-party risk operations at Nationwide Building Society, subsequently holding the position of Head of Risk for Relationships and Distribution.
He is currently supporting a European Financial Services Organisation to apply for their full Banking Licence to operate in the UK and also volunteers as Chair of the Supervisory Board for the Wiltshire and Swindon Credit Union (WASCU).

Mark Tilston, Customer Success Manager, BlueVoyant

Mark is responsible for working proactively in partnership with customers to ensure they gain maximum value from BlueVoyants Third Party Cyber Risk Management Services.
Prior to BlueVoyant, Mark served as the Head of Third Party Security Risk at the UK’s largest provider of fixed-line, broadband and mobile services. He is a source of expertise on the application of cyber security risk management practices and third party due diligence at scale.
Previously serving as a commissioned officer in the RAF, Mark has a wealth of knowledge from a variety of different industries; from supporting the UK’s Air Surveillance and Control System providing an early warning of air attack against the UK, to protecting the UKs Critical National Infrastructure upon which our daily life depends.

Sean O’Brien, MD, DVV Solutions

Sean has over 25 years’ hands-on experience of delivering IT security and GRC managed services. Sean leads the consultancy team in defining the operational and regulatory requirements required to deliver a robust program of risk assurance and third-party due diligence and remains a practicing Certified Third Party Risk Professional and Assessor.
In addition, Sean is chairman of the EMEA Best Practices Steering Committee for the Shared Assessments Program, providing a regional perspective into the development of Shared Assessments’ global standards and practices for Third Party risk frameworks and compliance.