Here are six minutes of the best moments from last week’s CISO Series Video Chat, “Hacking the Supply Chain: An hour of critical thinking on building resiliency with the digital supply chain,” featuring Marcia Peters, vp of third-party risk management, TransUnion, and Kelly White, founder & CEO, RiskRecon.

HUGE thanks to our sponsor, RiskRecon

This is the definitive study of third-party security risk management practices. Based on in-depth interviews of risk executives from 30 domestic and global firms, it reveals the real-world capabilities and practices employed to manage third-party security risk.

Best Bad Ideas

“Find your vendors on craigslist.” – Dustin Sachs, senior cyber security advisor (GRC), CenterPoint Energy

“Allow vendors to answer questions like improv theater – they must say ‘yes and’ to everything.” – Dutch Schwartz, strategic lead, AWS Global Security Services Team, AWS

“Vendors must answer security questions in the form of an interpretative dance.” – Joshua Scott, former CISO, realtor.com

Best quotes from the chat room

“Vendor security questionnaire responses are an awful lot like Zoom meetings…sometimes the virtual background is turned on, sometimes you are really getting a picture of what is going on.” – Jon Ehret, vp, strategy and risk, RiskRecon

“Brand reputation and risk to attack is different than a liability conversation. (i.e., Ticketmaster’s attack was a 4th party but they are who ended up in the news and were responsible).” – Josh Jones, vp, sales, Source Defense