How does your organisation manage cyber supply chain risk?
The recent SolarWinds security compromise provides a timely reminder that a cyber security compromise originating from third parties is a clear and present threat. Virtually all organisations use third-party vendors to provide services and software solutions, and to store data. For these reasons, it is essential that all organisations have a third-party risk assessment and compliance program as part of a broader cyber security strategy. Given that organisations use a multitude of vendors, it is impractical to adopt a one-size-fits-all approach to third-party risk management. This article provides a pragmatic approach to mitigating this risk.
About The Advisor
Dr. Philip Nesci is an IBRS advisor specialising in digital transformation, Cloud strategy and analytics, cyber resilience and risk management, and large-scale program management. Philip has an extensive track record as a CIO and an Executive in global commercial organisations such as Shell, Orica and China Light and Power, where he has orchestrated and delivered major organisational transformations enabled by technology. More recently, as CIO of Monash Health and the Australian Red Cross Blood Service, Philip has focused on the Health sector and on Government, leading a number of programs which have significantly reshaped customer experience and engagement, underpinned by cyber resilience. Philip’s approach to strategy development and implementation is achieved through strong leadership and extensive engagement with Boards and Executives. Philip’s blend of business and technology experience across a wide range of industries, enhanced by working extensively in Australia, Europe, Asia and the USA, provides him with a unique understanding of how to successfully plan and execute digital strategies to reshape business.