How AI Can Help Reduce Third-Party RisksGSIS' Jonathan Pineda on Traditional and Emerging Approaches to Reduce Vendor Risks
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
"One organization can have hundreds of risk registers, and eyeballing each one is difficult," Pineda said. "Having a system that can highlight the critical risks you have and give an action plan or help lower the risk levels is something we are working on. This is where AI and automation can play a role."
A risk register is a good start to managing risk, he said, but an AI system could identify unseen risks or escalate a zero-day vulnerability and help prevent a major incident.
In this video interview with Information Security Media Group, Pineda discussed:
- The top third-party risks facing organizations;
- How to ensure continual monitoring of your vendors' security programs;
- How AI can help manage vendor risks.
At the Government Service Insurance System, Pineda has played a crucial role in shaping, deploying and managing the group's information security and data privacy initiatives. He previously worked in various roles in the international banking and financial sector.