In today’s interconnected world, businesses rely on third-party vendors for various products and services. While these partnerships bring great benefits, they also expose companies to a range of risks, such as cyber threats, compliance issues, and reputational damage.

In this episode, I interview Paul Valente, the co-founder, and CEO of VISO Trust. Paul shares valuable insights into how businesses can mitigate risks posed by third-party vendors, the importance of continuous monitoring, and how VISO See more +

In today’s interconnected world, businesses rely on third-party vendors for various products and services. While these partnerships bring great benefits, they also expose companies to a range of risks, such as cyber threats, compliance issues, and reputational damage.

In this episode, I interview Paul Valente, the co-founder, and CEO of VISO Trust. Paul shares valuable insights into how businesses can mitigate risks posed by third-party vendors, the importance of continuous monitoring, and how VISO Trust’s platform helps companies manage risks effectively.

Paul Valente is the CEO and co-founder of VISO Trust, a company that provides automated third-party cyber risk management solutions. Prior to founding VISO Trust, Paul was the Chief Information Security Officer (CISO) at several companies, including Restoration Hardware, Lending Club, and ASAPP. He is a longtime technologist and security professional with experience in highly regulated industries.

You’ll hear us talk about the following:

Companies have more sensitive data on other companies’ infrastructure than they do internally, increasing risk and increasing the need for a robust risk management strategy.

Boards have a duty of oversight to monitor their third-party risk management programs proactively. They should also keep abreast of emerging threats.

Automation is a key component in a third-party risk management solution for cybersecurity. The standard approach of using questionnaires to assess third-party security could be faster, labor-intensive, and more effective.

VISO Trust’s patented first-to-market Document Intelligence removes friction for vendors and provides a comprehensive risk assessment that tells customers everything they need to know to make qualified risk decisions about their third-party relationships.

Compliance requires audibility.

How VISO Trust helps companies manage risk after the contract is signed.

Risk management and cybersecurity data are often siloed within an organization. VISO Trust helps centralize the information by providing a dashboard where customers can completely understand their overall third-party risk allowing them to make that data available across the organization.

KEY QUOTES:

“Some companies today have nothing internally – that is 100% cloud-native. That means typically that there are many copies of their data essentially with various other companies, perhaps all over the world… That increases what we call a tax service … which just means more risk.” – Paul Valente

“I think [boards] need to be asking essentially what the risks are for their organization from a cybersecurity standpoint. They need to ask for those to be regularly reported on, regularly updated, and regularly tracked. …They also need to be aware themselves, both externally as well as relying on the executives within the company to keep them aware of emerging threats.” – Paul Valente

“…our dashboards essentially allow you to list all of your third-party relationships in one single place and easily report on the status of assessments as well as report on inherent risk.” – Paul Valente See less -