Supply Chain Security: Managing Risk Beyond Your Vendors

September 10, 2025

Facebook
X (Twitter)
Pinterest
fb-share-icon

When it comes to third-party supply chain security, there’s a big difference between doing it and doing it right. Every vendor you work with brings their own vendors into the mix—so who truly owns the risk? In this session, we’ll explore how to identify, assess, and mitigate supply chain risks at every level without overburdening your resources. Join us to gain a clear strategy for protecting your organization from hidden vulnerabilities in your vendor ecosystem.

 

You May Like These Posts

Why Maturity Matters: Overcoming GRC Cognitive Overload with the Maturity Model

Please join Kayne McGladrey, author of the GRC Maturity Model and Cheri Hotman as they explore the GRC (Governance, Risk, and Compliance) Maturity Model, a powerful tool for organizations to assess and enhance their cybersecurity practices. Achieving maturity in GRC is crucial for navigating complex regulatory landscapes and boosting overall effectiveness. Through self-assessments, organizations can […]
Read more

Security Awareness Training – Social Engineering

Join us for an essential Security Awareness Training session focused on Social Engineering. In this session, we delve into the critical importance of cybersecurity awareness and how you, as an individual, serve as the first line of defense against cyber threats.   Key Topics Covered:   Why This Matters: Remember: Technology alone cannot protect you. […]
Read more

What Operationalized GRC Actually Looks Like: From Silos to Systems

Many organizations believe their GRC program is operational because audits are passing and tools are in place. In reality, operationalized GRC behaves very differently. Risk has clear ownership. Information flows across teams. Gaps surface early instead of being hidden. In this session, Cheri Hotman and Peter Spier walk through what an operationalized GRC program actually […]
Read more

CMMC 101: What you need to know from framework to final rule

With a staggering loss of $3.5 billion in intellectual property through its contractors a year, the Department of Defense (DoD) needed a way to shore up cybersecurity in the Defense Industrial Base (DIB). From this need, the Cybersecurity Maturity Model Certification (CMMC) program was created with an initial release in 2020.   The entire purpose […]
Read more

Why Cybersecurity is as much Art as Science

In this kickoff episode of The Art of Cybersecurity, host Cheri Hotman shares why this podcast exists and what listeners can expect. Cyber isn’t just science or technology — it’s art. It’s messy, constrained, people-driven, and ultimately about mitigating risk to protect people and data. Cheri cuts through the noise of “easy button” tools, audit-passing […]
Read more

A Practical Approach to Choosing the Right GRC Tool

With countless GRC tools on the market, how do you know which one is the right fit for your organization? The wrong choice can lead to wasted resources and unmet security goals. In this session, we’ll walk through real-world cases, breaking down why specific tools were chosen and how they were successfully implemented. You’ll learn […]
Read more

CMMC Compliance: Cutting Through the Confusion

  Cybersecurity leaders want to know, in plain terms, what they need to do when it comes to CMMC to ensure compliance and customer contractual obligations. Join us for a conversation with cybersecurity experts about what’s actually needed to stay on track with CMMC compliance. We’ll dive into the real gaps you may be facing […]
Read more

Securing AI: Balancing Innovation, Risk, and Reality

AI adoption is exploding—but so are the risks. From data exposure and prompt injection to unregulated model training, most organizations are using AI without fully grasping where their data lives or how it’s being secured. In this session, we’ll unpack the real meaning of “securing AI,” exploring how risk, governance, and innovation must coexist. You’ll […]
Read more

Choosing the Right Cybersecurity Framework: A Practical Guide for Leaders

Speakers: Cheri Hotman and Tanya WadeHosted by: Hotman Group   Why Choosing the Right Framework Matters   Passing an audit is no longer enough. Many organizations still treat cybersecurity as a one-time project, something to "check off" rather than an integrated, living part of their business operations.   During this session, Cheri Hotman and Tanya […]
Read more

Post A Comment

Leave a Reply

Your email address will not be published.

Endless audits and customer demands were never supposed to replace real security.
We build, implement, and run Cyber GRC programs that reduce risk, protect the business, and still pass audits.

Hotman Group is a certified

woman-owned business (WOSB)

Hotman Group, LLC

Fort Worth, TX

Privacy Policy | Terms of Service | All Rights Reserved © Hotman Group, LLC