| DATE: | May 9th, 2025 |
| TIME: | 2:00pm to 4:00pm (PDT) |
| VENUE: | Hybrid Zoom Online meeting & In-Person at Sophos Inc. (Map) |
| TOPIC: | Death of Security Through Obscurity in the TPRM Process |
| PRESENTERS: | Kevin Qiu |
| RECORDING: | |
ABSTRACT
Kevin is excited to share his knowledge on the role of third party risk management in the information security industry. He will take the audience through a journey on how we all got to the lovely world of 1000 row questionnaires. From the beginnings of security compliance in the late 1990s, to the rise of AI specific security questionnaires, Kevin will discuss how the industry has changed its approach to reviewing external vendors over the years. A veteran of answering hundreds of thousands of security questions of all kinds, he will provide an overview of how the industry has changed from NDA heavy, painful RFP processes to much more transparent and accessible trust centers. His hope is that by the end of the presentation, you will have new ideas and thoughts on how you can streamline your own organization’s TRPM processes, as sellers and/or buyers. You may even be inspired to create a public trust center of your own!
BIOGRAPHY
Kevin Qiu is a seasoned information security professional with a decade of experience securing companies in various verticals. He is currently the first security hire at the Series B company Shiftsmart. Prior to this, he spent 3 years helping organizations of all sizes build out trust centers to streamline the security review process. He is also an advisor to a multitude of security startups and enjoys mentoring individuals looking to break into the security industry.