In Third-Party Risk Management (TPRM), the objectives remain constant, yet the technologies and processes used have drastically changed. Legacy TPRM programs are stuck—holding on to outdated methods, failing to adapt, and struggling to articulate their program's value to stakeholders. At best, these programs resemble compliance functions; at worst, they're mere security theater.

It's time to get real and unmask legacy TPRM for what it is. Transitioning to a modern TPRM approach, leveraging AI and dynamic methodologies, is imperative. Early adopters are proving that this shift yields results faster and with fewer resources. Forward-thinking leaders are ignoring old practices and embracing a more modern approach, causing a severe case of FOMO among legacy programs. Join us to explore the path to a TPRM strategy that's ready for the future. 

Attendees are eligible to receive 1 CPE credit.

Generously supported by:

supported by logo
Speakers
speaker photo
John Finizio
VP, Security, Risk & Compliance, Whistic

John, a seasoned professional with 20 years of experience in Security, Audit, Third Party Risk, and Product, serves as VP, Security, Risk and Compliance at Whistic.In this role, he safeguards Whistic's assets, data, and systems from cybersecurity threats and works to improve the risk and compliance posture at Whistic. As a dedicated thought leader, John contributes to shaping the future of Third Party Risk Management (TPRM) and is currently serving a second term on the Shared Assessments US Steering Committee, bringing a wealth of expertise.Previously, as Sr. Director of Technical Programs, John collaborated with partners and customers, integrating standards into the product and managing Whistic's Professional Services. His background played a pivotal role in the strategic design of the Whistic platform and helping to build and mature TPRM Programs for Whistic's customers.With a diverse career, including roles such as Head of Product at TruSight and Executive Director of Supplier Assurance at JPMorgan Chase, John has been instrumental in advancing TPRM practices.Based in Columbus, Ohio, with his wife and three children, John's enjoys playing or watching golf and if not playing or watching, he enjoys talking about golf. Connect with John to explore his insights on TPRM and cybersecurity.

speaker photo
Tom Garrubba
TPRM Consultant and Thought Leader, Board Member, Whistic

Tom Garrubba is an internationally recognized thought leader, lecturer, commentator, and blogger on business, cyber, and privacy risk.

As an advisor, practitioner, and trainer with more than 25 years’ experience in consulting on cyber, privacy, audit, and compliance, his thought leadership has been featured in such publications as Forbes, Bloomberg, The Washington Examiner, SC Magazine, Corporate Compliance Insights, Risk.net, CIO Magazine, Government Health IT, Future of Outsourcing Magazine, and ISACA. He authored the chapter on third-party risk for the Risk.net book "Cyber Risk," has been a guest on many business and security podcasts, and hosts "TPRM Tidbits" weekly on LinkedIn.

Tom’s career history includes Director of TPRM Services for the cyber risk advisory firm, Echelon Risk + Cyber where he developed and guided clients with their TPRM implementations and assisted in assessments of their vendor network and supply chains; he was Vice President at Shared Assessments where he was an educator, subject matter expert, and CISO; and he was a Senior Privacy Manager for CVS Health, where he implemented and managed their world-class third party risk management program.

Tom currently serves as an advisor to an international tech company; serves on the board of directors for a Pennsylvania-based non-profit; and serves his country as a 1st Lieutenant in the US Civil Air Patrol, the US Airforce auxiliary. He is also a former member of the Forbes Technology Council and the InfraGard – Pittsburgh chapter.

Moderator
speaker photo
Tom Becthold
Digital Events Director, SecureWorld
Tom has been part of the SecureWorld team for over 14 years. He has launched several of the regional conferences we hold today. Tom is currently responsible for SecureWorld Digital, which provides educational content to the SecureWorld audience. He produces, executes, and moderates the majority of the Remote Sessions webcasts while also working closely with the SecureWorld event directors to build relevant agendas at the regional conferences.