Practical TPRM strategies for regulators, boards and CISOs
About this webinar
Financial services organisations are under increasing regulatory and operational pressure to demonstrate effective control over their third-party ecosystem. Recent incidents have shown that a single supplier weakness can disrupt operations, trigger regulatory scrutiny, and create material financial impact.
This session focuses on how organisations can move beyond policy compliance and demonstrate measurable resilience across their supply chain.
We will discuss practical approaches to prioritising supplier risk, communicating exposure to senior leadership, and aligning with evolving supervisory expectations.
What you will gain
- How to identify which third parties genuinely threaten business operations
- How to evidence resilience to regulators and boards (not just compliance)
- Practical methods to quantify supplier cyber risk in financial terms
- How leading financial institutions are adapting TPRM programmes in 2026
- Lessons from real incidents and how organisations successfully responded
Who should attend
CISOs, Heads of Security, CROs, Operational Resilience Leads, Supplier Risk & Procurement Directors, Compliance Leaders, and senior professionals responsible for third-party oversight within financial services.
Why to attend now
UK and global regulators are increasingly focusing on supply-chain resilience and operational impact tolerance. Organisations that cannot evidence control over third-party cyber risk face growing supervisory and reputational pressure.
Speakers:
Craig Rice
Cyber Defence Alliance CEO
Craig Rice is a seasoned information security and intelligence professional with extensive leadership experience across UK financial services, critical national infrastructure, and systematically important institutions.
He has advised on cyber policy for the Bank of England, CPMI-IOSCO, DSIT, and UK Finance, and supported academic initiatives at Royal Holloway University London and RISCS. Craig became CEO of the Cyber Defence Alliance in September 2023.
James Frampton
MUFG Former CISO & Managing Director
James Frampton recently left MUFG after 8 years as Managing Director and Regional CISO for EMEA, where he led Cyber Support, Risk & Control, Threat Intelligence, Vulnerability Management, SOC, IAM, and Technical Documentation. He has experience across multiple industry sectors and ran a Gartner special interest group on Quantum preparedness for the financial sector. James has delivered AI tools to streamline operations and is passionate about simplifying technology. He is also an experienced mentor and coach.
Julian Meyrick
Partner Eraneos UK
Julian Meyrick Julian works with boards and executives to translate cyber business impact into financial risk and improve investment decisions. He established the Eraneos presence in the UK in 2024 and previously led IBM Security’s global Security Strategy, Risk & Compliance practice. Since 2019,
Julian has delivered risk quantification for business leaders worldwide and represented the private sector at the World Economic Forum’s Annual Cybersecurity Meeting. He also lectures on cyber risk at the universities of Oxford, Warwick, and Trinity College Dublin.
Adriana Langdon
Senior Cyber Security Consultant