Great third-party risk management (TPRM) thrives on alignment: with Procurement, InfoSec, Sales, Legal, and (of course) vendors. You'd think this would make your risk team the most popular people in the room. So why does it always feel like you're in the eye of the storm, instead?

TPRM can enable better outcomes across the organization—but not as an afterthought. This interactive webcast is designed to put TPRM front and center as a connector for your organization. Join us to learn how to make your vendor risk program:

•  Clear, consistent, and scalable
•  Strategic, data-driven, and collaborative
•  Streamlined, intuitive, and painless
•  Additive, innovative, and value-creating

It's time for the spotlight to shine on Third Party Risk Management. Grab your spot today and find out how!

Attendees are eligible to receive 1 CPE credit.

Generously supported by:

supported by logo
speaker photo
John Finizio
VP, Security, Risk & Compliance, Whistic

John, a seasoned professional with 20 years of experience in Security, Audit, Third Party Risk, and Product, serves as VP, Security, Risk and Compliance at Whistic.In this role, he safeguards Whistic's assets, data, and systems from cybersecurity threats and works to improve the risk and compliance posture at Whistic. As a dedicated thought leader, John contributes to shaping the future of Third Party Risk Management (TPRM) and is currently serving a second term on the Shared Assessments US Steering Committee, bringing a wealth of expertise.Previously, as Sr. Director of Technical Programs, John collaborated with partners and customers, integrating standards into the product and managing Whistic's Professional Services. His background played a pivotal role in the strategic design of the Whistic platform and helping to build and mature TPRM Programs for Whistic's customers.With a diverse career, including roles such as Head of Product at TruSight and Executive Director of Supplier Assurance at JPMorgan Chase, John has been instrumental in advancing TPRM practices.Based in Columbus, Ohio, with his wife and three children, John's enjoys playing or watching golf and if not playing or watching, he enjoys talking about golf. Connect with John to explore his insights on TPRM and cybersecurity.

speaker photo
Tom Garrubba
Director of Third-Party Risk Management Services, Echelon Risk + Cyber

Tom Garrubba, is an internationally recognized thought leader, lecturer, commentator and blogger on business, cyber and privacy risk.

As an advisor, practitioner and trainer with more than 25 years’ experience in consulting on cyber, privacy, audit and compliance, his thought leadership has been featured in such publications as Forbes, Bloomberg, The Washington Examiner, SC Magazine, Corporate Compliance Insights,, CIO Magazine, Government Health IT, Future of Outsourcing Magazine, and ISACA. Tom’s authored the chapter on third party risk for the book “Cyber Risk”, has been a guest on many business and security podcasts, and hosts “TPRM Tidbits” weekly on LinkedIn.

Tom’s career history includes Director of TPRM Services for the cyber risk advisory firm, Echelon Risk + Cyber where he developed and guided clients with their TPRM implementations and assisted in assessments of their vendor network and supply chains; he was Vice President at Shared Assessments where he was an educator, subject matter expert, and CISO; and he was a Senior Privacy Manager for CVS Health, where he implemented and managed their world-class third party risk management program.

Tom currently serves as an advisor to an international tech company; serves on the board of directors for a Pennsylvania-based non-profit; and serves his country as a 1st Lieutenant in the US Civil Air Patrol, the US Airforce auxiliary. He is also a former member of the Forbes Technology Council and the InfraGard – Pittsburgh chapter.

speaker photo
Tom Becthold
Digital Events Director, SecureWorld
Tom has been part of the SecureWorld team for over 14 years. He has launched several of the regional conferences we hold today. Tom is currently responsible for SecureWorld Digital, which provides educational content to the SecureWorld audience. He produces, executes, and moderates the majority of the Remote Sessions webcasts while also working closely with the SecureWorld event directors to build relevant agendas at the regional conferences.