Third-party risk management has become critical for organizations as supply chains grow increasingly complex and interconnected. Traditional risk assessment approaches often prove inadequate when dealing with vendor relationships, particularly in operational technology environments where legacy systems and IT-OT convergence create unique vulnerabilities. Organizations struggle with establishing adequate due diligence processes, achieving real-time visibility into partner security postures, and building resilient supply chains while maintaining operational efficiency.

In this discussion, the panel will share insights on:

• What are the most significant challenges organizations face when creating and maintaining effective third-party risk management programs in critical infrastructure environments?
• What proven strategies effectively address the complexities of third-party risk assessment in OT environments, and how to maximize the value of these programs?
• How to ensure adequate due diligence depth when evaluating third-party risks, particularly regarding transparency of embedded vulnerabilities and outdated libraries?