CISOs Dan Bowden and Sanjeev Sah sit down in this session and talk shop, providing insights to help attendees better address two topics that come up regularly in healthcare security circles: 3rd party risk management and communicating risk to leadership.
Dan and Sanjeev will call on their years of experience and provide practical advice for choosing vendor partners. They’ll also address how to discuss security with department and executive leadership and how to spread the responsibility for 3rd party risk throughout the organization.
“You explain the risk and make a recommendation, but at the end of the day you help the business be responsible for the business,” Dan says. “Some CISOs accept responsibility for things that are not in their wheelhouse.”
Key discussion points:
- Best practices for evaluating vendor partners
- How to make 3rd party risk management an organizational responsibility
- Communicating risk to internal and executive leadership
- Understanding what battles to fight and when to make a recommendation and go about your business