Follow us on

Bracing for the Tsunami of Third-Party Security Risk

Subscribe on your favorite platform:

Listen on Apple Podcasts Listen on Spotify Listen on iHeartRadio
Listen on iHeartRadio Listen on Google Podcasts Listen on Stitcher Listen on Tunein

About the Podcast: The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

As the digital health movement continues to shift data to third-party platforms, security and risk teams have been overwhelmed by the tsunami of requests for vendor security risk assessments.

Constraints on human capital and time have never been tighter. Leading organizations are looking for ways to focus their teams on true risk management activities rather than perpetually collecting and formatting risk data.

Information security and risk leaders have turned to services, technology and automation to help keep pace with this unprecedented demand for third-party security assessments. However, the volume and variety of solutions hitting the market has some heads spinning trying to make sense of it all.

In this episode of The CyberPHIx, we speak with Siobhan Hunter, Vice President of Strategic Solutions for CORL Technologies. CORL provides tech-enabled managed services for third-party vendor security risk management for healthcare entities. Highlights of the discussion include:

  • Pros and cons of solutions available on the market including GRC platforms, cyber risk scoring, survey automation, third-party risk exchanges, and tech-enabled managed services
  • Characteristics of third-party risk program maturity ranging from low-maturity to industry-leading programs
  • How to strike the right balance of people, process, and technology to extract value and reduce cost for vendor security programs
  • Lessons learned from leading third-party security risk programs inside and outside of healthcare


Siobhan Hunter is the Vice President of Strategic Solutions for CORL Technologies. CORL provides tech-enabled managed services for third-party vendor security risk management for healthcare entities.

Prior to CORL, Siobhan served as the Director of IT Governance, Risk, and Compliance for Blue Cross and Blue Shield of North Carolina where she spearheaded groundbreaking GRC and vendor security risk management programs. Siobhan has also held a range of supply chain executive leadership roles with leading organizations including Blackberry and Celestica Corporation.

At CORL, she is responsible for directing strategic relationships with clients, vendors, and business partners, including cyber risk scoring, GRC and TPRM platforms. She is an acclaimed innovator and is the recipient of the 2019 CSO Award for Third-Party Risk Management, which recognizes initiatives that demonstrate outstanding business value, innovation and thought leadership.

 

Related Resources

Keep Up
With Meditology
Be the first to receive exclusive IT risk management updates.