SIGS Webinar
Vendor Risk Management

Save the DateClick on the .ics file to save the date

CPE Credits Earn 1.25 CPE (Continuing Professional Education) for attending this SIGS Webinar. Please request a confirmation during the registration.
Location ONLINE
Date of Event 10th July 2020, 10:00 am
Special We hope to have interactive discussion and therefore each question/comment during the webinar is very appreciated!
Language English
Participation Costs for free



10:00 – 11:00 pm Guy Kelleter, IT Risk & Security Manager at AXA
Guy Kelleter graduated in Electrical Engineering as a technician in Belgium and worked for the next 7 years as an industrial electrician, building machine control systems and install machines in the industry. Upon his move to Switzerland, he followed education in different programming languages and worked as a programmer on mainframes. He got the mandate to instruct junior programmers and after, was assigned a position as a chief programmer in the international department. After a couple of years, a position of a personnel manager was proposed, and he held this position for more than 5 years. He went back into IT, especially in Web application Security, where he wrote several policies and guidelines. Since then, he has worked in Security up to now, managed a team of 12 people in UK and CH. In January 2009, he obtained the certification as a CISSP.

His has about 30 years of management experience in IT and information security in an international company, including the CISO role in a technical area.

In July 2018, Guy Kelleter took over a new established role as an IT Risk & Security Manager, with the main purpose of managing the vendor risks and selection.

Vendor Risk Management
Either by crafting APTs or by seeking for the weakest partner in a cross-linked network, attackers search for many opportunities to blend in company’s infrastructure and – just by listening to the ongoing traffic – gather due information to finally exfiltrate the data they are looking for. During the last year, one could also observe, that hackers are not always interested in collecting data or in getting money, but just to cause chaos or damage. Even a company like J P Morgan, with a budget of 200 Mio US$ a year, just for security means, where hit by an APT. Swisscom encountered a data leakage, because one of their suppliers was not well secured. Threats are facing an enterprise from everywhere and if incidents occur, they need to react instantly, whilst the attackers have plenty of time to analyze their target, develop their approach and finally wait for their success.

This means that we cannot be absolutely save but we can reduce the possibilities for the attackers as well as make sure, to detect intrusions as soon as possible. Not only do we need to monitor and observe our own infrastructure, but also select suppliers wisely and reassure, their risk footprint does not worsen during the years. One of the measures is a process to evaluate supplier, including contracts, that assure they take responsibility for security, another is a sound Vendor Risk Management.

The speaker will present the approach, taken by AXA to manage its vendor risks. He will talk about the key processes that have been established, the different topics covered, and the lessons learned from their application. He’ll show the framework that was build and the organization that is in place, to deal with the need to manage the outsourcing initiatives and involved parties.


The sponsor of this event Co-sponsor


This is a ‘must attend’ webinar for all security professionals! We are working hard to provide great content and no sales/marketing pitches. So profit from the knowledge from industry experts.

Register here!

With the registration for this webinar you accept, that SIGS may use the data entered for its own purposes and may share to use it with its event partners and event sponsors of this platform. In addition, we will record the session and provide the video for downloads to the community.