
Risk Management Show
Mastering Third-Party Risks: Insights from Michael Centrella
Sep 22, 2025
Michael Centrella, Head of Public Policy at SecurityScorecard and former Assistant Director of the U.S. Secret Service, dives deep into mastering third-party risks. He reveals how cyber threats have evolved, focusing on financial crimes and ransomware. Michael discusses SecurityScorecard's innovative rating model for continuous vendor monitoring, as well as the need for robust public-private collaboration. He highlights misconceptions in third-party risk management and emphasizes the urgency for continuous detection to safeguard critical infrastructure.
AI Snips
From Secret Service To SecurityScorecard
- Michael Centrella moved from the U.S. Secret Service to SecurityScorecard to apply protective mission experience to client defense.
- He likens protecting stakeholders to protecting dignitaries, with similar missions but different stakeholders.
Weak Vendor, Wide Cascade
- Supply chain compromises can cascade widely from a single weak vendor into industry-wide crises.
- Cybersecurity posture is only as strong as the weakest link in your supply chain.
Adopt Continuous Vendor Monitoring
- Continuously monitor external security posture across your vendor ecosystem using non-intrusive data.
- Use platforms like SecurityScorecard MAX to detect vulnerabilities and collaborate directly with vendors to remediate.
