Search Results

Nader Zaveri, Senior Manager - Incident Response & Remediation, Mandiant/Google Weaponized Convenience: Inside the Rise of Remote Tool Abuse Track 2: Fortifying the Shoreline (Operational Risk & Resilience) Wednesday, April 9, 2025 2:10 PM - 3:00 PM Atlantic Ballroom 2 SESSION DESCRIPTION Remote administration tools (RATs) and remote monitoring and management (RMM) tools have become indispensable for efficient IT operations, yet their widespread use has inadvertently opened doors for malicious exploitation. This presentation will dissect real-world incidents where RATs and RMMs have been abused to infiltrate organizations, exfiltrate sensitive data, deploy ransomware,… Show More SPEAKERS Nader Zaveri Senior Manager - Incident Response & Remediation Mandiant/Google Nader Zaveri has over 15 years in the cybersecurity industry, and holds over a dozen industry-related certifications as well as an author and a regular speaker at industry events. Specializing in incident response and remediation, particularly against complex threats like nation-states and ransomware, he has also led post-incident transformational projects in security and infrastructure. Nader's experience spans leadership roles in top cybersecurity firms and multinational organizations. Apart from his professional… Show More Previous Next

Kaih Taylor, Manager, Third Party Risk Management, AgFirst Farm Credit Bank How to Mature Your TPRM Program Track 1: Anchoring TPRM Essentials & Best Practices Tuesday, April 8, 2025 3:10 PM - 4:00 PM Atlantic Ballroom 1 SESSION DESCRIPTION TPRM Maturity is critical to all organizations to stay ahead of the increasingly growing risk we are seeing in the TPRM Industry. This session aims to explore the maturity model, the requirements to mature your program and provide guidance on how to start your maturity journey. SPEAKERS Previous Next

Vincent Scales Sr. Director, Third Party Risk Management Verizon Roundtable: AI/ML, including Mapping Strategies Track 4: Charting the Course (Regulation & Compliance) Wednesday, April 9, 2025 1:00 PM - 1:50 PM Tides 1 & 2 SESSION DESCRIPTION AI & Machine Learning: Mapping New Waters in TPRM Set sail into the world of AI and machine learning in third-party risk management! This roundtable invites TPRM professionals to explore how AI/ML technologies are transforming risk detection, data analysis, and decision-making. Together, we’ll chart strategies for effectively mapping and leveraging… Show More SPEAKERS Previous Next

Industry Roundtable: Retail & Manufacturing Track 2: Fortifying the Shoreline (Operational Risk & Resilience) Tuesday, April 8, 2025 1:00 PM - 1:50 PM Atlantic Ballroom 2 SESSION DESCRIPTION Plundering for Profit: A Retail & Manufacturing Roundtable on TPRM Ahoy, Retail and Manufacturing captains! Hoist the anchor and join us for a dynamic roundtable where we’ll delve into the swashbuckling world of third-party risk management in your industries. Together, we’ll explore strategies for tackling supply chain vulnerabilities, navigating regulatory… Show More SPEAKERS Previous Next

Troy Leach, Chief Strategy Officer & John Yeoh, CSO, EVP, Cloud Security Alliance (CSA) Guiding GenAI Technology Providers Using CSA AI Controls Framework Track 3: Surfing the Waves of Innovation & Automation Tuesday, April 8, 2025 2:10 PM - 3:00 PM Atlantic Ballroom 3 SESSION DESCRIPTION GenAI applications, agents, orchestration tools and LLMs are expected to be used in many facets of an organization going forward. But how do you work with technology providers to create guardrails that will protect the company and the privacy of customer information? This talk will highlight best practices derived from… Show More SPEAKERS John Yeoh CSO, EVP CSA With over 20 years of experience in research and technology, John drives executive leadership and fosters key partnerships for board strategy advancement. His influential work as a technologist, researcher, and published author spans critical domains in cybersecurity, cloud computing, and next-generation technologies (Generative AI, Quantum, IoT, and Blockchain). John's expertise encompasses comprehensive risk management, third-party assessment, threat intelligence, identity and access management, data protection, and incident response for complex modernized… Show More Troy Leach Chief Strategy Officer Cloud Security Alliance Troy Leach advocates for the advancement of responsible technology to improve protection of data as well as the quality of living and parity for all to safely conduct commerce. At CSA, he is responsible for the non-profit’s corporate strategy to provide relevant cloud security education, research and awareness of cloud validation frameworks to industry-specific sectors such as financial services and public sector. Previously, he helped to establish and lead the… Show More Previous Next

Mark Orsi, CEO & Charlie Tupitza, Director of Community Development, Global Resilience Federation (GRF) | Business Resilience Council (BRC) Collective Resilience: Elevating Third-Party Risk Management Track 2: Fortifying the Shoreline (Operational Risk & Resilience) Tuesday, April 8, 2025 11:00 AM - 11:50 AM Atlantic Ballroom 2 SESSION DESCRIPTION As the threat landscape rapidly evolves, traditional security controls are no longer sufficient to safeguard the complex ecosystems in which we operate. This session explores the shift from focusing solely on defensive measures to embracing a broader framework of operational resilience. By extending resilience initiatives to include vendors and suppliers,… Show More SPEAKERS Mark Orsi CEO Global Resilience Federation | Business Resilience Council Mark Orsi is the CEO of GRF and President of the Business Resilience Council (https://www.grfbrc.org/), a non-profit, collective defense community where companies from all sectors work together to face emerging threats and become more resilient. Mr. Orsi led strategic efforts for several prominent Fortune 100 companies, working directly with CIOs and CISOs to develop, deploy, and improve security controls protecting the confidentiality, integrity, and availability of sensitive information. Mark joine… Show More Previous Next

Come for the grub, stay for the camaraderie—let's chart a course to smoother sailing in TPRM! Lunch Meal Tuesday, April 8, 2025 11:50 AM - 1:00 PM Atlantic Ballroom 4-8, Main Level SESSION DESCRIPTION Ahoy, mateys! Set sail for a lunchtime adventure at our conference, where the seas of third-party risk management meet the flavors of the open ocean! As we drop anchor for a hearty midday feast, you'll enjoy a treasure trove of delicious food and drinks to refuel your mind and body.… Show More SPEAKERS Previous Next

Join us for the first network event of the conference! Pirate Parley Network Event Network Event Monday, April 7, 2025 6:00 PM - 8:00 PM Oceanfront Courtyard, Main Level SESSION DESCRIPTION Ahoy, Mates! Join us for an unforgettable evening of networking, strategy, and collaboration at the Pirate Parley Network Event —an exclusive gathering during the TPRA Conference! This one-of-a-kind event takes place on Monday, April 7, 2025 , from 5:30 PM to 7:30 PM ET in the beautiful seaside city of Myrtle Beach . Brought… Show More SPEAKERS Previous Next

Take a break from the stormy seas of TPRM for a well-deserved snack break! Snack Break Break Wednesday, April 9, 2025 1:50 PM - 2:10 PM North & East Pre-Function Lobby SESSION DESCRIPTION Take a break from the stormy seas of TPRM for a well-deserved snack break! As we chart our course through the day's agenda, drop anchor and enjoy a bounty of tasty treats and refreshing drinks. It's the perfect time to stretch yer sea legs, exchange insights with fellow risk navigators,… Show More SPEAKERS Previous Next

Gregory Rasner, CEO, Third Party Threat Hunting LLC Stop the Pirate Raids! Get the Continuous Monitoring Cannons! Track 1: Anchoring TPRM Essentials & Best Practices Wednesday, April 9, 2025 11:00 AM - 11:50 AM Atlantic Ballroom 1 SESSION DESCRIPTION Learn how to stop the continual raids by the bad actors (pirates!) and lower your third-party risk by leveraging continuous monitoring effectively. It is not enough to have tools, the organization must have a plan and run-book on how to target pirates attacks more effectively. SPEAKERS Gregory Rasner CEO Third Party Threat Hunting LLC Gregory is a CEO, author, educator, speaker, and leader in the field of cybersecurity, zero trust, and third-party risk. With over 25 years of experience in IT and cybersecurity, he has helped numerous clients and organizations improve their security posture and reduce their risk exposure. He is the founder and CEO of Third Party Threat Hunting LLC, a cybersecurity consulting firm that specializes in a wide range of areas, including… Show More Previous Next

Session Information Coming Soon! Track 2: Fortifying the Shoreline (Operational Risk & Resilience) Wednesday, April 9, 2025 10:00 AM - 10:50 AM Atlantic Ballroom 2 SESSION DESCRIPTION SPEAKERS Previous Next

Daniel Philemon, Senior Solutions Consultant DEMO: Aravo Solutions Track 4: Charting the Course (Regulation & Compliance) Wednesday, April 9, 2025 10:00 AM - 10:50 AM Tides 1 & 2 SESSION DESCRIPTION This session is to provide a high level walkthrough demonstration of the Aravo TPRM platform with a focus on how Aravo helps organizations centralize, automate, and scale to address their most complex risk & compliance needs. SPEAKERS Daniel Philemon Senior Business Solutions Consultant Aravo Solutions Daniel serves as a Senior Business Solutions Consultant at Aravo Solutions and has a passion for helping organizations see value in technology to understand risk through the context of third parties. Previous Next