As cyber threats targeting third-party vendors continue to rise, organizations must strengthen their Vendor Risk Management (VRM) programs to mitigate security risks, ensure regulatory compliance, and protect critical business operations. This session will explore the evolving threat landscape, key regulatory updates—including the proposed HIPAA Security Rule changes—and best practices for building a proactive, risk-based VRM framework.

Attendees will gain actionable insights on:

Identifying and assessing third-party security risks across the supply chain.
Establishing continuous monitoring and governance strategies for vendor compliance.
Leveraging contractual safeguards and SLAs to enforce security obligations.
Addressing vulnerabilities in healthcare, finance, and critical infrastructure sectors.
Developing a vendor incident response plan to mitigate supply chain breaches.
This session will provide real-world case studies, practical tools, and a roadmap for integrating VRM into enterprise risk strategy, ensuring organizations stay resilient in an increasingly interconnected and vulnerable digital ecosystem.