3rd Party Risk Management , Cybercrime , Fraud Management & Cybercrime

The Role of Automation in Third-Party Risk Management

Vodacom Group's Darshan Lakha Shares His Views on Managing Supply Chain Risks
Darshan Lakha, head of cybersecurity, Vodacom Group

The vast range of questionnaires used in the current third-party assessment process make the process ineffective because the questionnaires typically do not give the context required for specific organizations with unique needs, according to Darshan Lakha, head of cybersecurity at Vodacom Group.

See Also: OnDemand | Secure Your Vendor's Access from Attacks on Third-party Vulnerabilities

"The third-party frameworks lack in terms of reporting and detail. The nature of the reports is sometimes not accurate, and they don’t provide the necessary measure of security itself. It sometimes is wasting a resource and time," Lakha said.

Lakha said most questionnaires do not give insight into the business context and nature of resilience.

He said automation works very well around "prioritization of controls and receipt of evidences associated through those particular controls and he advocated "leveraging those data points through data analytics to make sense of high-risk areas of suppliers that you have," he said.

In this video interview with Information Security Media Group, Lakha discussed:

  • Current challenges around third-party risk management;
  • The role of automation;
  • Collaboration opportunities to improve third-party risk management.

Lakha has more than 20 years of experience in the field of cybersecurity and information technology. His experience includes designing and implementing secure network solutions, overseeing internal and external audits, and applying threat intelligence to protect organizations from evolving threats.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.