3rd Party Risk Management , Events , Governance

CISO Notebook: Third-Party Risk

Cris Ewell of UW Medicine on Managing Vendor Risks
Cris Ewell, CISO, UW Medicine

Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.

See Also: Webinar | Passwords: Here Today, Gone Tomorrow? Be Careful What You Wish For.

In a video interview at Information Security Media Group's recent Fraud and Breach Summit in Seattle, Ewell discusses:

  • His organization's top third-party risks;
  • Basic elements of an effective third-party risk program;
  • Best practices for controlling third- and fourth-party risks.

Ewell, PhD, is CISO at University of Washington Medicine. Previously, he was CISO of Seattle Children's Hospital. Before that, he served as the director of information security operations at the University of Washington, chief security officer for PEMCO Corp. and chief technology officer for Breakwater Security.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.