3rd Party Risk Management , Application Security , Governance & Risk Management

Reevaluating Your Third-Party Risk Strategy

Jonathan Swanson of CyberGRX on Elements of a Holistic Program
Jonathan Swanson, head of client services function, CyberGRX

The SolarWinds attack has cybersecurity leaders everywhere taking a hard look at third-party risk. But it’s one thing to have a fresh strategy and quite another to actually start holding vendors accountable for their own security. Jonathan Swanson of CyberGRX offers advice.

In this video interview with ISMG, Swanson discusses:

  • The areas that risk managers commonly overlook;
  • Key elements of a holistic third-party risk program;
  • The most effective types of vendor assessments.

Swanson, head of the client services function at CyberGRX, is a seasoned cybersecurity leader specializing in third-party risk. He has spent more than a decade building security and risk management programs for some of the largest and most innovative companies in the U.S.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.