Seminars @


Enterprise Security & Risk Management

24 November 2021

Brought to you by Whitehall Media

Seminars @ ESRM uk


Away from the conference hall you have the opportunity to deep dive into a subject which is of most relevance to you. With a wide selection of seminars to choose from, you are certain to find one which feels as though it has been tailor made with you in mind.

Delegates will be able to attend one seminar live at the event. No pre-selection is required – delegates will be able to select which session they attend live and watch the remainder on demand.

Seminar A – RiskRecon – The Neighborhood Watch: Using Continuous Monitoring To Increase Visibility and Effectiveness Of TPRM Programs


Jonathan Ehret, CISSP, CISA, CRISC, VP Vice President, Strategy & Risk, RiskRecon

While organizations have devoted countless resources to securing their borders and the precious data that resides within it, many often ship that same data to third parties without much thought as to how that vendor is protecting it for them. For those that are checking the security posture of their vendors, it is often accomplished via the use of a point in time security questionnaire.

But do those questionnaires provide the right visibility? Visibility into our vendors’ security controls and the effectiveness with which they are operating have been and continue to be some of the major challenges in the world of third party risk.

This discussion is a deeper dive into this subject following on from the presentation in session one and will cover those struggles, the inherent limitations of the security questionnaire as well as how continuous monitoring tools can be utilized to shed light on the effectiveness of a vendor’s security controls.

Jonathan Ehret
CISSP, CISA, CRISC, VP Vice President, Strategy & Risk, RiskRecon
view profile
Room / Location:
Session 4 @ 13:45

Seminar B – ProcessUnity – After the Contract: Best Practices for Ongoing Vendor Monitoring


Ed Thomas, Vice President, ProcessUnity

Third-party risk management doesn’t end when you sign the contract to onboard a new vendor or service. As regulations evolve, market conditions change and unforeseen circumstances take effect, it’s important to keep tabs on your vendor population to make sure risk hasn’t crept back into your organization. Ongoing vendor monitoring is just as critical as pre-contract due diligence, but many organizations struggle to keep pace with a vendor population that only gets larger and larger each year. 

Join ProcessUnity for expert advice and best practices to build a world-class, post-contract vendor monitoring engine. We’ll offer practical tips to assess more vendors, more thoroughly on a schedule that makes sense for your company. 

Attendees will learn how to: 

  • Design review cadences using inherent risk calculations 
  • Properly scope due diligence based on vendor criticality 
  • Incorporate expert ratings into review processes
  • Improve vendor response rates, times and quality 
  • Integrate vendor service reviews with assessment processes 
  • Prepare contingency plans for unforeseen situations 
  • And more… 
Ed Thomas
Vice President, ProcessUnity
view profile
Room / Location:
Session 4 @ 13:45

Seminar C – OneTrust – Ransomware Resilience: Fortifying Your Supply Chain 


Joseph Byrne, CIPP/E, CIPM, CIPT, Principal Solutions Engineer, OneTrust Vendorpedia

The recent ransomware hack on a major US pipeline exposed supply chain vulnerabilities for thousands of oil-reliant companies and shut down fuel supply along the entirety of the 5,500 mile-long pipeline for 6 days. But, what does this mean for the security industry as a whole, and more specifically, your vendor risk management strategy?

Join our session as we breakdown the hack, explore its impact on modern cybersecurity, and outline how businesses can protect themselves and their vendors from falling victim to large-scale attacks in the future.

Our speaker will discuss:

  • Impact of the hack and the ripple effect for vendors and general public
  • How to reduce the likelihood of becoming the victim of ransomware
  • Creating a contingency plan in the event that a point of your supply chain is compromised
  • What weaknesses to look for in the vendors you choose to work with
Joseph Byrne
Principal Solutions Engineer, OneTrust Vendorpedia
view profile
Room / Location:
Session 5 @ 14:45

Seminar D – Veeam – Cyber Security in the UK Today and What’s Coming Down the Road


Gil Vega, Chief Information Security Officer, Veeam Software

Jeff Reichard, Senior Director, Enterprise Strategy, Veeam Software

Attend this session to listen Gil Vega, Veeam’s Chief Information Security Officer, being interviewed by Jeff Reichard, Veeam’s Senior Director of Enterprise Strategy. They will discuss ransomware issues in UK&I today, other malware and security threats and what cyber security trends we can expect going into 2022.

Room / Location:
Session 5 @ 14:45

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Will Enterprises Truly Gain Speed and Security?
An integral part of digital transformation strategies for enterprises is utilising APIs (application programming interfaces) to fuel business growth. Users, applications, bots and cloud services leverage external and internal APIs to access data faster, with many automated deep down in the design of the system, to put it to work. APIs connect one system to...
Identifying and Mitigating Risks in Data Center Generations
As a result of new applications and emerging needs in end-user computing and mobility solutions, data centres are evolving to be increasingly complex. These lead to more internal and external risks. Downtime is still a persistent risk, with a single event costing causing losses into the tens of thousands per minute for businesses. Some steps...
Traditional Methods vs. Modern Threats
A recently compiled study of 200 IT security decision-makers of corporations with over 1000 employees in the UK has revealed that 89 per cent class traditional approaches as inadequate against the modern threats. Inadequate Needs Vectra, a threat detection and response outfit, also disclosed that 76 per cent of IT decision-makers have invested in tools...