Adam Brand has dedicated over 20 years to providing cybersecurity and technology consulting services across a wide variety of domains, and has extensive experience in third party security and third party risk management (TPRM). From spending time as an onsite assessor to building scalable assessment programs, Adam’s experience spans the full range of activities associated with TPRM. His industry experience in TPRM includes healthcare, financial services, retail, and media. He also has extensive experience with TPRM in regulatory contexts, including significant experience with payment card industry (PCI) third party risk management.
Professional and industry experience
- Performed dozens of remote and onsite assessments across a variety of vendor categories and industries as part of vendor security monitoring programs.
- Helped large multinational company enhance third party assessment program to meet PCI requirements, including advising on both due diligence and ongoing monitoring programs.
- As interim CISO, enhanced third party risk management through review of vendor contracts, developing security addendums in coordination with legal department, and leading PCI-focused vendor due diligence assessments.
- Led transformation of third party risk management program at national healthcare services provider that included policy and procedure development, inherent risk questionnaire and vendor stratification methodology creation, and vendor questionnaire creation and piloting.
- Managed quality over 100 vendor assessments for adherence to security and PCI requirements as part of dozens of formal PCI assessments.