Local legislatures are being rolled out across the globe. DORA is in force. NIS2 is being transposed across EU member states. Bill C-8 in Canada is in final steps for review. All of these are putting third-party relationships under a microscope, making it the responsibility of the organization when something goes wrong in their supply chain. 

The challenge isn't understanding the regulations. Most security and compliance teams already know what's required. The challenge is demonstrating control: getting continuous visibility into the vendors, suppliers, and partners your organisation depends on, and being able to show regulators you have a working program (not just a questionnaire sent once a year). 

Join us on 21 July at 2 p.m. BST as we take the audience through closing the third-party risk gap across their supplier network, so you can catch the risk before your regulator does. 

You'll leave with: 

• A clear picture of where DORA's third-party ICT risk requirements and NIS2's supply chain security obligations overlap and where they don't
• An intro to Canada’s Bill C-8 and what this means for them
• An honest look at what annual vendor assessments miss, and why continuous monitoring changes the risk calculation 
• A practical framework for handling incident reporting under DORA and NIS2 when the breach originates with a third party