3rd Party Risk Management , Governance & Risk Management , Leadership & Executive Communication

Mastering Stakeholder Comms: How to Get Buy-In From the Top

Experts to Host a Deep Dive Into Third-Party Risk Strategies at ISMG Engage Chicago
Caitlin Gruenberg, director and risk solutions engineer, CyberGRX

Security leaders need to bridge the gap between security concerns and business outcomes to ensure everyone plays an active role in third-party risk management. But effectively communicating that risk comes down to knowing your audience - from employees to the board - and speaking their language, said Caitlin Gruenberg, director and risk solutions engineer at CyberGRX.

See Also: OnDemand | Secure Your Vendor's Access from Attacks on Third-party Vulnerabilities

Gruenberg and Matanda Doss, executive director of cybersecurity and technology controls at JPMorgan Chase & Co., will host a Deep Dive session on how to master the message of TPRM success on Tuesday, June 13, at ISMG's Engage Chicago event. For example, the board and C-suite want to know cost and reputation implications. Security teams need to understand the connection between security and business continuity, and employees need something tangible to relate to, she said.

"Having stakeholder buy-in is really the foundation of success for any third-party risk management program," Gruenberg said. "In any enterprise, you have different business units operating under different functionalities, using different tools, but for third-party risk management, this is an enterprise issue. The buy-in has to come from the top."

In this video preview of the upcoming ISMG Engage session in Chicago, Gruenberg discussed:

  • Understanding the metrics needed to communicate TPRM risks and potential costs;
  • How to relate to various stakeholders including the board, C-level, security professionals and frontline employees;
  • The value of data analytics in measuring third-party risks.

Gruenberg is a third-party risk professional with over a decade of privacy and cybersecurity experience in government, retail and financial industries. She is a Certified Information Privacy Professional and a Certified Data Privacy Solutions Engineer.

Register for ISMG Engage

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.