Control or Be Controlled: Managing Third-Party Cyber Risk and Concentration Exposure

Third-party breaches aren’t just cyber events - they’re business disruptors. Join Stuart Barnett, Director of Cyber Threat Intelligence at Orpheus Cyber, as he unpacks the growing risks of third-party and concentration exposure in modern supply chains. Discover why diversification is a resilience imperative, not a nice-to-have. With real-world insight, regulatory context, and intelligence-led solutions, this session will leave you with clear, actionable steps to strengthen your security posture. Learn how to lead with control - before you’re left reacting to someone else’s failure.

Key Takeaways:
-Concentration risk is a strategic business threat—not just a technical one.

• Over-reliance on a single supplier, region, or tech stack creates systemic vulnerabilities.
• New regulations (DORA, NIS2, NIST 2.0) demand evidence of proactive third-party risk control.
• Continuous third-party risk monitoring is essential for resilience.
• Intelligence-led platforms like Orpheus provide clear visibility, predictive scores, and actionable mitigation.