Third-party risk management (TPRM); environmental, social, and governance (ESG); risk quantification: These are all critical topics for information security teams to keep an eye on in 2023 as risk velocity continues to increase.
As digital transformation accelerates, organizations are turning to more third parties to carry out operations — and this results in more external risk that can be difficult to measure. On the ESG front, calls for more transparency have shone a spotlight on companies’ role in securing customer data. In today’s uncertain environment, new risks are always around the corner.
Not everyone views risk management practices as a business enabler, but Richard Marcus, AuditBoard’s VP of Information Security, does — and sees an opportunity for risk teams to help their organizations achieve their goals. Get your free copy of this Information Security Media Group (ISMG) and AuditBoard ebook, TPRM, ESG, Risk Quantification: What CISOs Need to Know, in which he shares how he’s thinking differently about risk in 2023.
Richard also offers advice on how security leaders can take a strategic approach to key risks, including:
- Why ESG and third-party risks are critical for InfoSec teams.
- How to identify top threats and priorities for 2023.
- Tips for determining who should be involved in the risk assessment process.
- Best practices for building rapport with senior leaders and the board.
- Ways to fill the talent and skills gap.
- Successfully managing third-party relationships.