Third-party risk is not simply a threat faced by cyber teams. In fact, the danger comes in various shapes and forms, from contracts, to operations, to financial risks, and more. Hilton has set out to build a cross-functional team that tackles these risks across the board. By integrating procurement, legal, internal audit, and other key stakeholders, they’re building a broader view of who their third parties are, what they’re doing, and where they have access within their ecosystems. Senior Director of GRC and Reporting Brad Morick, details his team’s fresh look at how Hilton manages third party risk, and the steps taken on their journey to integrated third-party risk management.

Key Takeaways:

  • Explore how vendor risk management is an integral and continual process in today’s cybersecurity environment.
  • Understand how an integrated approach to vendor risk management can enhance efficiencies and improve the quality of the risk profile of an organization’s vendor community.


  • Brad Morick, Senior Director of GRC & Reporting, Hilton

ELIGIBILITY: This webinar is open to RH-ISAC Core Members and retail and hospitality cybersecurity practitioners eligible for Core Membership. Ineligible registrants will have their registration canceled. To learn about eligibility, visit www.rhisac.org/membership. Email [email protected] with any questions.