The CyberPHIx Podcast, Episode 10 with Kelly White is now LIVE!
You can outsource your systems and services, but you cannot outsource your risk.
In 2008, the FDIC set a benchmark for vendor data risk by stating that a financial institution’s board of directors (BOD) and officers are responsible for third-party actions as they affect data security. In healthcare, these same standards are starting to be applied, leading to increased oversight of vendor relationships.
In this CyberPHIx podcast, Kelly White, Founder and CEO of RiskRecon, outlines some key concepts for effective vendor risk management, drawing on experience in healthcare as well as other industries very vulnerable to third-party data security breaches.
Kelly’s position in the security automation market provides us with insight into emerging trends in innovation and technology for better assessing the risk and potential impact of vendor data sharing. Our discussion with Kelly touches on some of the following trends:
- Understanding vendor risk management in peer industries, such as financial services, reveals opportunities for innovation and more effective oversight over vendor relationships in the healthcare sector.
- The Value of Risk is a key risk management concept that supersedes the rating of risk by the size of vendors. In risk management activities with small or medium-sized vendors, focusing the lens on the Value of the Risk will help set priorities that are most effective in leading to remediation.
- Healthcare is an industry primed to adopt and lead innovation and automation in risk management. The next wave of rapid security automation/innovation is likely to come out of the healthcare industry.