Third-party risk has emerged as one of 2019's top security challenges, and the topic was the focus of a recent roundtable dinner in Charlotte. RSA's Patrick Potter attended that dinner and shares insight on how security leaders are approaching this aspect of digital risk management.
Potter, a solutions strategist at RSA, says third-party risk has taken on such importance because organizations and regulators alike have placed greater emphasis on how data is accessed and secured in the digital supply chain.
"You don't always know whose hands your data is in, and when it's in the hands of an nth party you don't know anything about, that can be scary, and you can be legally liable under GDPR and other privacy laws," Potter says. "Third-party risk is a good bucket category of risk that entails several different risks that leave the contracting company wide open if they're not managing those appropriately."
In an interview following the Charlotte roundtable, Potter addresses:
Key takeaways from the dinner discussion; Trends he is seeing broadly re: third-party risk; How RSA is approaching this challenge as part of its renewed focus on digital risk management.Potter has spent over 25 years leading internal audit, business resiliency, strategic planning, process improvement and related activities at Fortune 500 companies in both practitioner and consulting roles. He is currently an IRM Strategist and subject matter expert for RSA.