11th Edition Third Party Vendor Risk Management for Financial Institutions

10-12 February, 2020  | New York City, USA 

 For registration details and multiple attendee discounts, please contact:

Jeremy Wise
jeremywi@marcusevansch.com

Interested? Do you feel you will benefit?

© Copyright 2019 marcus evans conferences

LOCATION

New York City, USA

ABOUT THE INTERVIEW

How do you think the Third Party Risk landscape has changed with the growth of cyber and cloud platforms?

Well, the Third-Party Risk landscape has changed significantly with the growth of cyber and cloud platforms. More organizations are partnering with cloud providers for obvious reasons and therefore introducing another potential risk vector to their environment. The good news is that more cloud providers are strengthening their security practices as a way to differentiate themselves from their competitors.

In light of GDPR, CCPA and the NYDFS, what do you think are the risks Financial Institutions (FI) need to be aware of when it comes to sharing their data?

There are some specific risks for FI’s when it comes to GDPR, CCPA, and NYDFS, and they are as follows: 

- The ability to confirm that all of the data has been deleted from your partners/vendors internal systems.

- The ability to confirm that all of the partners/vendors security controls and processes are in place at all times. Most security assessments are point and time and therefore what is in place today may not be in place tomorrow.

- Enhanced opportunities to be sued due to the inability to return all of the data you have on a requestor in an adequate amount of time.

What additional due diligence do you think needs to be carried out on cloud software providers like AWS?

Beyond your typical security assessments, you need to look at cloud software providers internal processes, in most cases you may only be assessing the services they are providing. However, you really need to perform an assessment on their internal processes and procedures as well as their service offering. They are not the same and can have some impact on how the overall services are delivered to you.

How can FIs gain leverage with their third and fourth parties to hold them accountable?

Today, the most practical way to gain leverage with third and fourth parties and hold them accountable are through contractual vehicles.

What would you like to achieve by attending the 11th Edition Third Party Risk meeting?

What I would like to achieve by attending the meeting is as follows: 

- Knowledge sharing on best practices and whats new in the space or what is coming

- The chance to network with many different individuals



 

Ahead of the 11th Edition Third Party Vendor Risk Management for Financial Institutions Conference, we spoke to Antonio Anderson, Executive Director, Information Security Governance,  Risk and Compliance at  Trustmark. He is responsible for the management of technology risk, IT governance, IT compliance and overall risk management across the enterprise. He most recently served as Senior Security Cloud Specialist at CenturyLink, a global communications, hosting, cloud and IT services company. Prior to that, he was an IT and Security Solutions Engineering Manager at Verizon Terremark. He holds a Master of Science in Computer Science/Telecommu-nications from Roosevelt University in Chicago and a Bachelor of Science in Economics from Illinois State University  in Normal, IL .


Group Innovation Exchange Led by Antonio Anderson

Methods for Holding Third Parties Accountable and Gaining Leverage for Improved Fourth Party Oversight
• How can we improve our strategies for holding third parties accountable beyond service credits?
• 
Contract negotiations and setting key deliverables and vendor KPIs to establish clear expectations
• Solutions to increase our leverage with third parties to obtain the information and reports we need for our regulators



REGISTER NOW!