The Maturity of Third-Party Risk Management

3rd Party Risk Management , Governance & Risk Management

RiskRecon CEO Kelly White Shares Insight and Predictions


Kelly White, CEO, RiskRecon

While conventional approaches to third-party risk management remain unchanged, the industry is transitioning to a new “normal,” says RiskRecon CEO Kelly White.

See Also: Careless and Malicious Insiders: The Threat Persists

“The way companies manage internal cybersecurity risk is very data-driven today,” he says. “Compare that with the way third-party risk is managed, and they are very far apart. The techniques used internally inform where third-party risk management will go.”

In a video interview with Information Security Media Group at RSA 2020, White also discusses:

  • The evolving third-party risk surface;
  • Key pain points for organizations and recommendations;
  • The new “normal” for third-part risk management.

White is the co-founder and CEO of RiskRecon. He previously served in various enterprise security roles, including CISO and director of information security for financial services companies. White was also practice manager and senior security consultant for CyberTrust and Ernst & Young.

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips