SANS Network Security offers 40+ cyber security courses in Las Vegas or Live Online. Save $300 thru tomorrow.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Outside-In Scanning Is Not Cyber Risk Management

  • Wednesday, April 15, 2020 at 1:00 PM EDT (2020-04-15 17:00:00 UTC)
  • Gary Phipps, Dave Shackleford


  • CyberGRX

You can now attend the webcast using your mobile device!



Digital transformation is driving utilization of third parties, which can introduce significant risk to your organization. In fact, over 60% of breaches today are linked to a third-party. With this stat in mind, it's no wonder that a multitude of potential third-party cyber risk management (TPCRM) solutions have been developed! Sorting through these tools and arriving at the right fit can be a challenge for cybersecurity teams. Join us to discover:

1. What is third-party cyber risk management and why you are not secure without it.

2. Why security ratings and scanning tools alone will not cut it.

3. How a holistic approach will help you better identify and reduce third-party cyber risk

4. Actionable steps to transform your TPCRM program today.

Speaker Bios

Gary Phipps

Gary Phipps is a Senior Director managing CyberGRX’s Solution Engineering team. Gary has over a decade of experience providing solutions to business challenges involving risk management, regulatory compliance and internal control enforcement for in various industries including finance, government, defense, healthcare and higher education.Prior to joining CyberGRX, Gary acted as General Manager of Risk Management in the Utilities vertical. Gary managed a team of risk professionals responsible for IT, Financial, Operational and Regulatory oversight.  Additionally, during his tenure as a risk professional, Gary has acted as an advisor to many fortune 50 financial institutions as well as the DOD including the Joint Staff on how to efficiently comply with regulatory statues.

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.