CxO webinar series: Managing information risk from critical suppliers

on demandrisksupply chaincxo event
Date and Time 06th October 2020 , 12:00pm

Cyber resiliency in a defining moment in history: Managing information risk from critical supplier

Supply chains, while vital to any business, have always been a major source of information risk. The number of security incidents involving suppliers has been trending up: one study found that between 2017 and 2019, the number of data breaches involving third parties increased by 35%. Such incidents can have a major business impact. In the COVID era, these issues have become even more concerning, as supply chains are both increasingly important and even more vulnerable.

In this recent interactive discusion, Nick Frost, Senior Consultant, ISF was joined Richard Absalom, Senior Research Analyst, ISF and other guest speakers to discuss how COVID has created new challenges in terms of supplier security, and how organisations can adapt to manage information risk presented by their critical suppliers. From re-assessing risk appetite and negotiating specialised contractual requirements, to using various monitoring tools and establishing close working relationships with counterparts at suppliers, they will take a wide-ranging view of how businesses can not only adapt to the new environment, but use the lessons learned to improve their supplier risk management processes for the future.


  • Richard Absalom, Senior Research Analyst, ISF
  • Marc Avery, Chief Information Security Officer and Cyber Security Advisor
  • Steve Williamson, Audit Account Director – Information Security and Data Privacy, GSK
  • David Soohoo, Product Manager, Recorded Future

Moderator: Nick Frost, Principal Consultant, ISF


Recorded Future delivers security intelligence to amplify the effectiveness of security and IT teams by informing decisions in real-time with contextual, actionable intelligence. By analyzing data from open, dark, and proprietary sources, Recorded Future offers a singular, integration-ready view of threat information, risks to digital brand, vulnerabilities, third-party risk, geopolitical risk, and more.