ITSPmagazine

Building a Third Party Security Program | A Conversation With Kyle Tobener | Tech Done Different With Ted Harrington

Episode Summary

From running a third-party security program at the scale of Salesforce to building one from the ground up at a startup, Kyle Tobener has seen many flavors of how to manage third-party security risk.

Episode Notes

Kyle Tobener has seen many flavors of how to manage third-party security risk. He joins Tech Done Different to share many insights on this critical security domain. You'll learn:
- why companies that have a unified system for third party/vendor security risk management are always in the best shape
- why experience in third party security is like an MBA for a future career as a CISO
- how to balance depth with any specific vendor vs breadth across assessing the risk of many vendors
- why (and how) security should build relationships, educate, and set timelines with business units
- why you want to establish as many methods of communication as possible between security processes so you encourage people to want to do the right security
- why transparency matters

________________________________

Guest
Kyle Tobener
On Linkedin | https://www.linkedin.com/in/kyletobener/
On Twitter | https://twitter.com/kylekyle
 

________________________________

Host
Ted Harrington
On ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/ted-harrington

________________________________

This Episode’s Sponsors

CrowdSec 👉 https://itspm.ag/crowdsec-b1vp

________________________________

Resources

 

________________________________

For more podcast stories from Tech Done Different With Ted Harrington: https://www.itspmagazine.com/tech-done-different-podcast

Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/podcast-series-sponsorships