Global zero-day incidents often reveal the vulnerability of organizations to risks originating from third-party resources. These moments are wake-up calls, highlighting the need for effective third-party risk management (TPRM). However, responding to such events is rarely straightforward. Identifying affected third parties, gauging their risk to your ecosystem, and collaborating with them to address vulnerabilities can feel insurmountable, especially at scale. Establishing repeatable, efficient workflows is key to overcoming these challenges. With the right processes, organizations can quickly identify vulnerabilities, centralize communication, and manage resolutions effectively — turning chaos into collaboration. Adopting Continuous Monitoring Many organizations evaluate their third-party risk posture…
Bob Maley
Bob Maley
Bob Maley is the CSO of Black Kite. Bob has been involved in security for most of his career, initially in physical security as a law enforcement officer. In those years, Bob acquired a broad range of expertise and experience in all areas of security, including third-party security, risk assessment, architecture, design, policy development, deployment, incident response and investigation, and enterprise solution deployments in areas including intrusion detection, data protection, compliance, and incident reporting and response. His previous roles include Head of PayPal’s Global Third-Party Security & Inspections team and CISO for the Commonwealth of Pennsylvania. Bob’s certifications include CRISC, CTPRP, and OpenFAIR.