Learn from the best case studies on end-to-end cyber security implementation practices when working with third parties, to ensure a truly resilient and secure supply chain network, at the Third Party & Supply Chain Cyber Security Virtual Summit.

  • How much of your data security is really under your control?
  • What is your risk management approach towards your suppliers?
  • How to secure your network and protect your sensitive data?


Led by top information security professionals from leading companies, the discussion will give you an opportunity to see the issue from the perspective of different industries and angles and to identify the complex solution to be implemented.



Day 1

Learn the key trends from our short interviews on the place of third-party security in a company’s ISMS and on how best to manage the shift to remote when doing assessments.

Enough of theoretical talks! Get to know each other’s story and find the practical solution together.

Meet Information Security & TPRM experts in theme-dedicated rooms, introduce yourself and exchange experience with your peers.

Topics to cover:

  • Technology Bifurcation, Geopolitics, and a New Era of Supply Chain Compliance
  • How to get through the noise, when measuring cyber risk of your vendor ecosystem
  • Nth Party Risk: Lessons Learned During Trying Times and What’s on Tap for the Future of TPRM
  • Considering residual risk in third-party cyber risk ratings
  • Third party security evaluation: standards, tools and resources
  • Continuous cyber risk monitoring implementation
  • Building a third party risk management program from ground zero
  • Effective fourth parties’ oversight to mitigate potential risks
  • Shared assessments in action: potential risks
  • IT vendor risk management tools’ overview
  • Building a functional sourcing model
  • European framework for cyber security risk assessment
  • Blockchain technology deployment in supply chain security
  • 5G networks risk assessment

* More rooms will be created based on the interest of attendees

* We limit the capacity of every room to ensure quality networking. Register now to reserve your place in advance.

Join a one-hour training to learn practical tools on data breach response and what a good cyber-incident playbook looks like

Get cozy and learn from the experts in an interactive format.

3 streams that will cover:

  • IT Security Evaluation & Audit
  • Third Party Risk Management
  • Cloud Security Challenges and Supply Chain Risks

Day 2

From our short interviews, learn the key aspects of different countries’ regulatory frameworks when dealing with third parties.

Digitalisation vs. Regulation:
Experts will discuss a comprehensive approach to building a mature compliance program in a changing regulatory environment and to establishing smooth internal collaboration between different departments.

Questions are welcome at any time!

Get cozy and learn from the experts in an interactive format.

3 streams that will cover:

  • Third Party Due Diligence at the global scale
  • Insider Threat in a remote environment
  • Cyber risks of IoT and A.I. automation

Share your recent challenges with us prior to the event, and our speakers & partners will brainstorm together with you in the informal atmosphere of this virtual Solutions Room, which every attendee can join.

The number of attendees is limited.
Reserve your place today to secure the pass.


Veroniki Stamati


Information Security & Privacy Lead


Norman Kromberg


Vice President Information Security


Keavy Murphy

Manager of Cyber Risk and Compliance

Cambridge Mobile Telematics

Jean-Francois Valette

Global Vendor Mngmt Compliance Leader


Shaobin Wang

Head of Security Business Dev Platform, AWS GCR

Amazon Web Services

Gregory Rasner

Senior Vice President

Truist Financial

Saket Kumar Sinha

Head of Third Party Due Diligence

Northern Trust Corporation

Annick O'Brien

Compliance & Data Privacy Counsel

Data Privacy Analytics

Mark Dillon

VP of IT

Waterloo North Hydro Inc

Tony Giannino

Senior Manager, Information Security



Ramón Serres

Head of Information Security, CISO


Johan Stronkhorst

Group ICT Security Manager, CISO


Shafiullah Ismail

Head, Information Security Architecture & GRC

Mubadala Capital

Dr. Jacob Mendel

Associate Professor

Tel-Aviv University


Bob Xie

Cyber Security Officer

Huawei Western European Region

Ray Stanton


Executive Partner





Spark Minda Group

Stephane Ch


Head of Operations & CISO


Andrea Szeiler


Global CISO




Head of CyberSecurity in Third Parties

BBVA Spain

Nuno Teodoro


Cyber Security Officer


Amol Sawarkar


Senior Officer - Enterprise Architecture


Andrew Rigney


Director of Cyber Security Operations


Chuks Ojeme



Gebauer & Griller



Senior Manager - Supplier Security, GRC


Mark Tilston

Former Head of Third Party Security Risk at BT

Javi Puerta

Head of Cybersecurity in Third Parties


Antonio Ramos

Founding Partner

LEET Security

Mariana Pereira

Director of Email Security Products



Jonathan Ehret

Vice President, Strategy & Risk


Matthew Davies

Product Senior Director


Antonio San Martino

Product Security Leader



Erdal Ozkaya


Standard Chartered Bank


Matthew McKenna

President, International Sales


Chris Paterson

Privacy Solutions Engineer


Michael F D Anaya

Sr Manager - Attack Surface Analysis

Palo Alto Networks



Head of Third Party Cybersecurity Compliance

Saudi Aramco

Vanessa Jankowski

Director of Product Management, TPRM



Andrea Little Limbago

VP Research and Analysis


Dov Goldman

Director of Risk & Compliance








Learn & keep up with industry trends
Network & exchange ideas with your peers
Talk to the existing suppliers & your potential partners


Job title

Chiefs, Heads, Directors, Managers of:

and everyone who is passionate about cyber security!



  • Yes, participation is free of charge if you represent an industry that uses Information Security & TPRM products. You can submit your registration here and we will confirm your participation shortly after a quick review;

  • If you represent an Information Security or TPRM solution/service providing company, participation costs 99 EUR. If you represent a law firm or consultancy, it costs 29 EUR. You can register online here.

You may register online here

Once you are registered for the Summit, we will send you the login details for the Summit platform, including a link to the detailed tutorial that shows how to use it via web browser and mobile application, where to find the streaming links, and much more.

Definitely, every participant will have their own virtual profile. You will be able to chat and agree on virtual meetings in our mobile app. Additionally, there will be networking breaks organised virtually to let participants interact live in small groups.



Alina Nizamtdinova

Project Director

Anna Beklemisheva

Project Manager



Charles Pask

A well-known international thought leader on information security issues, including risk management and information security awareness strategies. Previously helped develop one of the earliest globally successful CBT programs for security awareness, “For Your Eyes Only”. Has held positions on various security-influencing bodies including APACS, LINK and Common Criteria.



Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 4,000 organizations to protect against threats to the cloud, email, IoT, networks and industrial systems.

The company has over 1,300 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

Website: www.darktrace.com
Twitter: twitter.com/Darktrace/
LinkedIn: linkedin.com/company/darktrace/


RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution that delivers risk-prioritized action plans custom-tuned to match your risk priorities. RiskRecon provides the world’s easiest path to understanding and acting on third-party cyber risk, enabling security and risk teams to efficiently build scalable, third-party risk management programs for dramatically better risk outcomes. Learn more about RiskRecon, request a demo or visit the website at

Twitter: https://twitter.com/riskrecon
LinkedIn: https://www.linkedin.com/company/riskrecon
Facebook: https://www.facebook.com/riskrecon/

Source Defense

Source Defense is the market leader in Client-side Security for websites, providing real-time threat detection, protection and prevention of vulnerabilities originating in JavaScript. The Source Defense patented Website Client-side Security Platform offers the most comprehensive & complete solution addressing threats and risks coming from the increased usage of JavaScript, libraries and open source in websites today.

The ADMIN management console, VICE sandboxing and WiPP data shield offerings utilize patented technology and are deployed by leading Fortune 500 enterprises in the Financial, Retail, and Healthcare markets. Headquartered in Israel, with branches across the US and a strong community of global valuable partnerships, Source Defense is the most innovative, reliable and trusted partner in the fight against client-side attacks.

Our Mission

Enabling companies to leverage their websites to drive business forward, further and faster, while ensuring security, compliance, and customer data privacy.


CyberVadis provides enterprises with a cost-effective and scalable solution for third-party cybersecurity risk assessments. Our methodology maps to all major international compliance standards including NIST, ISO 27001, GDPR, and many other privacy and security laws. CyberVadis’ solution combines the speed of automation with the accuracy and effectiveness of a team of experts. We directly engage vendors from all over the world with assessments, validate results with an in-house team of security analysts, and issue companies a standardized cybersecurity rating that they can share with others, along with a detailed improvement plan for increasing their score and the ability to collaborate with clients on implementing better practices.

LEET Security

Do you need to trust your suppliers?

LEET Security rating provides a unique insight into the provider’s real cybersecurity capabilities. Unlike external-only rating systems, LEET’s is the result of a face-to-face and thorough audit that includes all the factors that influence the level of security of their services, combined with monitoring mechanisms to ensure that the conditions are maintained during the validity of its rating label.

Showing the level in the dimensions of Confidentiality, Integrity and Availability, customers can compare and select with confidence the services that best suit their requirements in each case.

The LEET Security rating system is recognized by the European Agency for Network and Information Security, ENISA, and the Spanish National Institute of Cybersecurity, INCIBE.


SureCloud is a provider of Gartner recognised GRC software and Cyber & Risk Advisory services. Whether buying products or services, your organisation would benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products enabling a seamless integration of information, taking your risk programs to the next level.


BitSight pioneered the security ratings market, founding the company with a solitary mission: to transform how organizations evaluate risk and security performance by employing the outside-in model used by credit rating agencies.

BitSight is honored to be supported by the top scientists of the National Science Foundation, which provides financial backing to scientific and engineering efforts of national importance.

The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk.


Interos protects the world’s largest enterprises, their reputation, and operations from supply chain attacks by nation states and criminal organizations; disruption from pandemics, tech, and trade wars; and compromise from unethical labor, financial distress, and sustainability challenges.

The Interos business relationship graph contains billions of businesses, trillions of relationships, and countless attributes. Using machine learning and natural language processing, we detect entities, infer relationships, monitor events, and assess risk – instantly and continuously.

OneTrust Vendorpedia™

OneTrust Vendorpedia™ is the largest and most widely-used technology platform to operationalize third-party risk. The offering enables both enterprises and their vendors with technology solutions that include: the Third-Party Risk Exchange, a community of shared (and pre-completed) vendor risk assessments with 70,000+ participating vendors; Questionnaire Response Automation, a tool that helps organizations answer incoming security questionnaires; and Third-Party Risk Management software, a platform to streamline the entire vendor lifecycle, from onboarding to offboarding. More than 7,500 customers of all sizes use OneTrust, which is powered by 75 awarded patents, to offer the most depth and breadth of any third-party risk, security, and privacy solution in the market. OneTrust Vendorpedia offers purpose-built software designed to help organizations manage vendor relationships with confidence, and integrates seamlessly with the entire OneTrust platform, including OneTrust Privacy, OneTrust GRC, OneTrust DataGuidance™, and OneTrust PreferenceChoice™.


SecurityScorecard is the global leader in cybersecurity ratings and the only service with over a million companies continuously rated.

SecurityScorecard’s patented rating technology is used by over 1,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their externally facing digital footprint. SecurityScorecard is the only provider of instant risk ratings that automatically map to vendor cybersecurity questionnaire responses – providing a true 360 degree view of risk.

Palo Alto Networks

The Cortex XSOAR + Expanse integration makes Palo Alto Networks the ideal partner to help companies bring security from the inside out and now, from the outside in. It provides CISOs with a view of their Enterprise from an attacker’s perspective as they probe for points of weakness.


Panorays is a rapidly growing provider of third-party security risk management software, offered as a SaaS-based platform. We automate, accelerate and scale the third-party security risk management process so customers can quickly and easily manage, mitigate and remediate risk, reduce breaches, ensure vendor compliance, and improve their cybersecurity. The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, and has been adopted by leading banking, insurance, financial services and healthcare organizations, among others.


Reflectiz helps companies to unleash the power of their web 3rd-party applications and keeps online businesses safe by mitigating security and privacy risks resulting from next generation third-party threats on your website, without adding a single line of code.


Levizo is a niche service provider for Risk & Compliance to identify your exposure to risk and drive mitigation in an automated process by strengthening your risk management & regulatory compliance pillars. We offer SaaS solutions to address Information Risk, Third Party Risk & Information Security Risk assessments and mitigation.

The Levizo Suite of products is available as SaaS (Software as a Service) solutions and is configured to your business needs. Products are developed by industry-leading experts in risk management, information security, best practices & standards, and provide graphical business insights based on real-time analysis of transactional data.

Levizo is headquartered in Reading, UK, with operations in the US and a development & support center in Chennai, India.


Jscrambler provides enterprise-grade security solutions that secure the client-side of web and hybrid mobile applications.

Jscrambler’s Code Integrity provides the most resilient JavaScript protection solution for Web-based apps today. The client-side technology, which includes polymorphic obfuscation, code locks, and self-defensive capabilities, transforms the source code into a form that is extremely hard to reverse-engineer and prevents any debugging and tampering attempts. By protecting their apps’ JavaScript code with Jscrambler, businesses can incisively prevent intellectual property theft, application abuse, cheating, piracy, and data leakage.

Jscrambler’s Webpage Integrity module provides real-time visibility of client-side attacks, including Magecart web skimmers, web supply chain attacks, and data exfiltration. The Jscrambler dashboard displays precise and actionable detail about each threat to enable an immediate response. Webpage Integrity is a truly agentless solution that can easily be integrated into any SIEM.

All Jscrambler products are fully compliant with all the main tech frameworks and stacks, including HTML5, Node.js, React, Angular, Vue, Meteor, Ember, React Native, Ionic, and NativeScript.

Trusted by the Fortune 500 and thousands of businesses globally.