FAIRCON19 Video: Managing Third-party Cyber Risk with RiskRecon, Horizon Blue Cross, and Cyentia Institute

FAIRCON19 - Chris Golden - Horizon Blue Cross of New Jersey copyMoving risk quantification out to “hundreds of vendors - it magnifies the challenges for sure.”

That was FAIR Institute Advisory Board Member Wade Baker framing up the issue of risk in the cloud, covered in the FAIRCON panel discussion “Managing Organizational and Third-party Risk in the Age of Digital Transformation.”  

Watch the video now (a free membership in the FAIR Institute and the LINK discussion board required). Join the Institute now)

On the panel:

  • Tom Bain, SVP at RiskRecon, moderating
  • Chris Golden, Director of Information Security at Horizon Blue Cross of New Jersey 
  • Wade Baker, Partner at Cyentia Institute and FAIR Institute Advisory Board Member

Among the words of advice (or commiseration) you’ll hear from the panel:  

FAIRCON19 - Wade Baker - Cyentia copy“Using a framework like FAIR™ allows you to have a much better conversation with (vendors) on what you think the risks are and what they think the risks are and then we can have a better conversation on controls,” said Chris Golden. Using the numbers generated by FAIR analysis tends to force agreement. 

Pay as much attention to offboarding a cloud vendor as onboarding, Jill warned. There’s typically “no checklist to make sure whatever switch you turned on (to send data), you turned off. It’s a gap in the vendor risk assessment process.” 

Chris said he’s had good luck working with smaller vendors by offering a cooperative relationship from the start, including applying FAIR analysis. “Say ‘we are giving you a free IT audit. Take advantage of it’.”

Watch the complete video of Managing Organizational and Third-party Risk in the Age of Digital Transformation. FAIR Institute membership and LINK community site membership required. 

See all the coverage of the 2019 FAIR Conference

Learn How FAIR Can Help You Make Better Business Decisions

Order today
image 37