By Byron V. Acohido
Taking stock of exposures arising from the data-handling practices of third-party suppliers was never simple.
In a hyper-connected, widely distributed operating environment, the challenge has become daunting.
At RSAC 2024, I visited with Paul Valente, co-founder and CEO of VISO TRUST. We had a wide-ranging discussion about the limitations of traditional third-party risk management (TPRM), which uses extensive questionnaires, and the honor system, to judge the security posture of third-party suppliers. For a full drill-down, please give the accompanying podcast a listen.
VISO TRUST launched in 2020 to introduce a patented approach, called Artifact Intelligence, to automate the assessment of third-party risks. This method employs natural language processing (NLP) and various machine learning models, including large language models (LLMs), Valente told me.
The benefits of advanced TPRM technologies extend beyond implementing these audits much more efficiently and effectively at scale. Valente cited how a customer, Illumio, is leveraging Artifact Intelligence to conduct vendor assessments very early in the procurement process, significantly enhancing decision-making and avoiding high-risk relationships.
The evolving regulatory landscape is a significant driver for the adoption of advanced TPRM solutions. From the stringent interagency guidelines and state laws in New York to healthcare regulations and European legal frameworks, companies face mounting pressures to enhance their third-party cyber risk management practices, Valente noted.
With “companies approaching 100 percent third-party integration,” CISOs are making TPRM a top priority, he says. “It’s just an enormous challenge. And to solve it from a CISO standpoint means solving the scalability issue and solving the data quality issue.”
The shoring up of supply chain security continues. I’ll keep watch and keep reporting.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)



June 12th, 2024