
Third-Party Risk Management and Digital Supply Chain Security
In this episode, we dive deep into one of the most critical, yet often underdeveloped, topics in the cybersecurity world: Third-Party Risk Management (TPRM) and Digital Supply Chain Security.
Together with cybersecurity expert Can Polat, we discuss how risk is no longer confined to an organization's own data center but is spread across every API, SaaS service, and external vendor system it uses.
Featured Discussion Points:
Has Risk Moved? Why approximately 60% of cyber incidents originate not directly, but from third-party sources, and why attackers focus on the weakest link in the chain.
The Three Simple Steps to a Mature Program: Moving past the simplistic "annual questionnaire" model to embrace the principle of "Know, Assess, Manage".
Behavioral Risk and the Trust Index: Focusing not on a vendor's paper policies, but on their "trust-in-action": their speed in applying security patches and their stability in system updates.
Translating Risk for the Board: Strategies for convincing the executive level by translating technical risk scores (KRIs) into financial and operational impact (e.g., 48 hours of operational downtime and $2.5 million loss).
The Future: The Era of Predictive Security: The shift toward using Artificial Intelligence (AI) and autonomous systems for predicting and preventing risks, rather than merely detecting events after they occur.
A Message for CISOs and Security Leaders: Think of security not as a wall, but as a living, learning, and adaptive nervous system. Make security an enabler, and most importantly, "make security invisible".
"The Power of Invisible Connections: Risk Is No Longer Within Your Borders!"