https://community.isc2.org/t5/Past-Security-Congresses/Session-Intrusive-Monitoring-The-Nuclear-Option-for-Monitoring/m-p/41#M2 <P>This conversation launches at ISC2 Congress on Monday afternoon where I discuss various options for organizations to monitor internal operations of their most critical third party service providers.</P> <P>&nbsp;</P> <P>Third Party Risk Management (TPRM) is a "thing" now. It's a relatively new topic that requires CISOs to allocate resources to do a better job of identifying and managing risks in third party organizations that provide products or services to an organization. TPRM operations can be very time consuming but there are platforms and tools that can help make the job easier and save costs as well.</P> <P>&nbsp;</P> <P>Full disclosure: my employer has one such service, known as Evantix. More info <A href="https://www.optiv.com/solutions/third-party-risk-management/evantix" target="_blank">here</A>. (full link:&nbsp;<A href="https://www.optiv.com/solutions/third-party-risk-management/evantix" target="_blank">https://www.optiv.com/solutions/third-party-risk-management/evantix</A>)</P> <P>&nbsp;</P> <P>However, my talk is not a sales pitch - I will barely mention Evantix, if at all.</P> <P>&nbsp;</P> <P>See you at my session, and let's continue this afterwards.</P> <P>&nbsp;</P> <P>Peter</P> <P>&nbsp;</P> <P><STRONG>Peter H Gregory</STRONG>&nbsp;|&nbsp;Executive&nbsp;Director – CISO Services</P> <P>CISSP, CISA, CISM, CRISC, C-CISO, CCSK, PCI-QSA</P> <P><A href="mailto:peter.gregory@optiv.com" target="_blank">peter.gregory@optiv.com</A></P> <P><A href="http://www.optiv.com/" target="_blank">www.optiv.com</A></P> Mon, 09 Oct 2023 08:16:54 GMT phg 2023-10-09T08:16:54Z https://community.isc2.org/t5/Past-Security-Congresses/Session-Intrusive-Monitoring-The-Nuclear-Option-for-Monitoring/m-p/41#M2 <P>This conversation launches at ISC2 Congress on Monday afternoon where I discuss various options for organizations to monitor internal operations of their most critical third party service providers.</P> <P>&nbsp;</P> <P>Third Party Risk Management (TPRM) is a "thing" now. It's a relatively new topic that requires CISOs to allocate resources to do a better job of identifying and managing risks in third party organizations that provide products or services to an organization. TPRM operations can be very time consuming but there are platforms and tools that can help make the job easier and save costs as well.</P> <P>&nbsp;</P> <P>Full disclosure: my employer has one such service, known as Evantix. More info <A href="https://www.optiv.com/solutions/third-party-risk-management/evantix" target="_blank">here</A>. (full link:&nbsp;<A href="https://www.optiv.com/solutions/third-party-risk-management/evantix" target="_blank">https://www.optiv.com/solutions/third-party-risk-management/evantix</A>)</P> <P>&nbsp;</P> <P>However, my talk is not a sales pitch - I will barely mention Evantix, if at all.</P> <P>&nbsp;</P> <P>See you at my session, and let's continue this afterwards.</P> <P>&nbsp;</P> <P>Peter</P> <P>&nbsp;</P> <P><STRONG>Peter H Gregory</STRONG>&nbsp;|&nbsp;Executive&nbsp;Director – CISO Services</P> <P>CISSP, CISA, CISM, CRISC, C-CISO, CCSK, PCI-QSA</P> <P><A href="mailto:peter.gregory@optiv.com" target="_blank">peter.gregory@optiv.com</A></P> <P><A href="http://www.optiv.com/" target="_blank">www.optiv.com</A></P> Mon, 09 Oct 2023 08:16:54 GMT https://community.isc2.org/t5/Past-Security-Congresses/Session-Intrusive-Monitoring-The-Nuclear-Option-for-Monitoring/m-p/41#M2 phg 2023-10-09T08:16:54Z