Show Notes / Recap
Guest: Jadee Hanson — Chief Information Security Officer, Vanta
Host: Nate Lee — CISO and Founder, Cloudsec.ai
Topic: Moving beyond point-in-time checklists to continuous vendor oversight
Episode Overview
In this episode, Nate and Jadee dive deep into how security leaders can rethink third-party risk management. They explore the shift from static compliance checklists to dynamic, ongoing vendor evaluations that better reflect real-world risk.
Jadee shares how companies can use automation and transparency to strengthen partnerships without slowing the business down. She also offers insight into buyer leverage, shared responsibility, and how to manage vendor risk without creating bottlenecks.
Key Takeaways
- Annual vendor reviews don’t cut it anymore; security needs to be continuous.
- The best CISOs create a culture of accountability with their vendors, not friction.
- Compliance frameworks are useful, but they’re not the full picture.
- Continuous monitoring and clear communication lead to better business outcomes.
- Security leaders have more leverage than they think; it’s about using it wisely.
Watch on YouTube
Watch as Vanta CISO Jadee Hanson joins host Nate Lee to discuss the evolution of third-party risk management, shared responsibility, and how to reduce risk without blocking business growth.