Profiles in Leadership: Peter Gregory, GCI CommunicationsMitigating Third-Party Risk: 'Their Breach Is My Breach
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
In an interview with Information Security Media Group as part of the CyberEdBoard's ongoing Profiles in Leadership series, Gregory discusses:
- The breakneck pace of cyberthreats and business change;
- Why third-party risk is his biggest challenge;
- His passions for teaching, writing and growing the profession.
Gregory is a career technologist and cybersecurity leader. He started in software engineering and later pivoted to systems, network and security engineering. In 2000, he moved into security architecture, policy and strategy. Gregory built the security program at Concur Technologies (2005-2013) before becoming an executive adviser at Optiv (2014-2020). He is a frequent event speaker, and the author of about 50 cybersecurity books, including "Solaris Security," "CISSP for Dummies," "CISM All-In-One Exam Guide," and "Chromebooks for Dummies." Gregory serves on advisory boards for professional cybersecurity education for the University of Washington and the University of South Florida and is a member of InfraGard and the FBI Citizens Academy Alumni Association.