Kevin Pouche (COO, K logix) sits down with Frederick Webster (ISO, BCBS of RI) and discusses Third Party Risk, the challenges it brings and how to address those challenges, as well as how to communicate the metrics to the board.
(01:05)- Can you give some background on your role at BCBS of RI and your experience with Third Party Risk? What is Third Party Risk to you and why is it such a hot topic?
(03:00)- Why do you think Third Party Risk has catapulted over the past couple of years?
(03:41) - When tackling this topic of Third Party Risk, what do you think are the biggest challenges?
(04:52)- I imagine it's still difficult for a large organization like BCBS to get the attention via Third Parties - speak to how you address that challenge.
(10:27)- How do you assess the success of your Third Party Risk program - what metrics do you use?
(11:58)- How do you provide this information to non-technical people at the board level?
(13:46)- Do you think executives and boards are proactively coming to Information Security asking "What are we doing with Third Party Risk"?
(16:18)- As we look forward, how do you think Third Party Risk is going to evolve over the next couple of years?