Say the Taboo: Vendor Risk Management is Bullsh*t

In today's episode we take a candid look at the efficacy of vendor risk management programs in the face of breaches. This time, we're reflecting on a conversation that pushed me out of my comfort zone and made me question the very fundamentals of vendor risk management. The startling realization that the well-trodden path of best practices might not hold all the answers spurred a much-needed debate on whether it's time to disrupt the status quo and embrace a more proactive stance in managing vendor risks.
We're challenging conventional wisdom, by evaluating the October 2023 breach of Okta despite the collective efforts of nearly 20,000 customers' vendor risk management programs. The episode takes you through a journey of introspection and industry critique, examining how traditional defensive strategies might not be enough and why a shift in perspective is crucial. We don't just outline the problems; we also explore what it means to safeguard against the inevitable issues and the importance of leading with the taboo in conversations that could redefine industry standards.

For show notes, please visit The GRC Podcast website.
Sign up for our Bi-Weekly Newsletter