3rd Party Risk Management , Events , Governance & Risk Management

The Power of a 'True' Third-Party Risk Exchange

Dave Stapleton, CISO of CyberGRX, Discusses Vendor Risk Management Challenges
Dave Stapleton, CISO, CyberGRX

Effective cyber risk management of vendors is critical to the success of organizations that are increasingly relying on these third parties, says Dave Stapleton, CISO of CyberGRX, who describes the importance of using a "true" third-party risk exchange.

A true third-party risk exchange is based on a standardized set of data - the same information collected across a wide portfolio of third parties, he says. "It doesn't matter if you're evaluating 50 or 3,000 vendors. It will be a standardized set of data, and that empowers the ability to do a lot of proprietary analytics that can expose actionable insights," he says.

In a video interview with Information Security Media Group at RSA Conference 2022, Stapleton also discusses:

  • Vendor risk management challenges;
  • Developing a portfolio of third-party visibility;
  • The road map to build a true third-party risk exchange.

Stapleton is a cybersecurity risk professional with over a decade of experience in both the public and private sectors. He began his career at the U.S. Department of Health and Human Services, where he developed and managed risk and compliance functions for the Food and Drug Administration and Indian Health Service.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.