Summary The conversation covers the Third Party Risk Association's training and certification programs, upcoming events, and the development of new certificate programs. It also delves into the importance of third-party risk management, compliance, and resilience. The discussion highlights the need for specialized training and tools in the field of…

Summary In this episode, Gregory interviews Jay Bobo, the creator and CEO of Breach Siren, about third-party risk management. They discuss the challenges of using crappy and expensive tools in the space, the need for accountability from regulators and ISACs, and the financial impact of third-party risk. They also explore how cybersecurity breaches …

Guest Adam Shostack helps us understand how Large Language Model is useful (and maybe not so) in threat modeling.By Gregory Rasner

By Gregory Rasner

By Gregory Rasner

On this episode we talk to Threat Modeling guru Adam Shostack (check out his website https://shostack.org/about/adam) and discuss some great topics: 1. Cyber Public Health Initiative - how do we measure progress in cyber? 2. Language Learning Models in Threat Modeling 3. How to use Threat Modeling in Third-Party Risk…

Great time talking with Dr. Chase Cunningham about a variety of topics: Dangers of Deep Fakes His new book "How NOT to Lead...Dumpster Chickens and Mushroom Farmers" Small Business Cybersecurity Data Security and Zero Risk adoption challenges Pre-order his book on Amazon: https://www.amazon.com/How-NOT-Lead-Chase-Cunningham/dp/1394201982/ref=sr_1_1…

George Finney, CISO at SMU, CEO of Well Aware Security, and author of two books, the latest being "Project Zero Trust" is our guest. He and Greg talk zero trust, third-party risk, training, and about the SolarWinds SEC case.By Gregory Rasner

Tune in to this episode with co-author of "Zero Trust Security: An Enterprise Guide" and the Technical Editor for my next book "Zero Trust and Third-Party Risk", Jerry Chapman. The topics range from Zero Trust (duh!), to software vulnerabilities, a good primer on "Control Plane" and its impact on SaaS, Artificial Intelligence and much more! Great e…

Listen in on a lively discussion with the Chairman of the Board for Third Party Risk Association and Director of Verizon's TPRM program. We talk about zero-day software vulnerabilities and how we all struggle to deal with them, off some solutions, some more problems, and discuss upcoming TPRA Conferences and their benefits.…

In this episode, we've got Rob Wood, as the CISO from Medicare/Medicaid, whose passion around third-party risk and cybersecurity is unmatched. Learn how many of us are 'doing it wrong' and get some great soft-skills discussions.By Gregory Rasner

This episode is jam-packed full of great information as we meet and discuss a variety of risk topics with Clar Rosso, CEO of ISC2. From Cyber Insurance, to a Third Party Risk Task Force they are standing up, the challenges faced in the Cyber workforce, and how to improve Cyber GRC, there is a lot to learn and discover in this episode.…

In this episode, we learn so much I have to listen to the podcast myself to let it all sink in! Are SBOMs (Software Bill of Materials) the answer to software security? How is "Provenance" and software security related? Some awesome tips on how to tell if your software providers is producing secure and stable products. How can a Security Champions p…

Watch the hosts and guest, Dustin Sachs (doctoral candidate and GRC leader at World Fuel Systems) discuss how TPRM is not a set of tools or technologies, but processes to identify, track and close risks.By Gregory Rasner

Join the host, co-host and guest, Julie Gaiaschi (CEO for TPRA) in discussing breaches and third-party risk management, along with other insights: how to better manage interactions with vendors what should be your main goal as a cyber and third-party risk management professional training and certification opportunities at TPRA free membership to pr…

Join the host, co-host and guest, Julie Gaiaschi (CEO for TPRA) in discussing breaches and third-party risk management, along with other insights: how to better manage interactions with vendors what should be your main goal as a cyber and third-party risk management professional training and certification opportunities at TPRA free membership to pr…