Day 2 of the 2025 Shared Assessments Summit built on the momentum of a powerful opening day, moving from bold ideas to practical strategies that are reshaping third-party risk management (TPRM) in real time. Through thought-provoking keynotes, expert-led breakouts, and honest conversations about what’s working—and what’s not—attendees left with insights they can apply immediately and a clearer direction for where the discipline is heading.

Geopolitical Realities and Global Resilience

The day opened with a compelling keynote from Heidi Grant, former Director of the Defense Security Cooperation Agency and a seasoned leader in global defense strategy. Framing the global landscape as a geopolitical chessboard, she illustrated how today’s conflicts, economic rivalries, cyber warfare, and climate volatility are no longer abstract risks—they’re operational realities. Grant emphasized the need for resilient, values-driven partnerships within third-party ecosystems, urging attendees to evolve their TPRM strategies in response to an increasingly volatile world.

The Promise—and Peril—of AI

In one of the day’s most forward-looking sessions, a panel of experts tackled how artificial intelligence and emerging technologies are fundamentally reshaping risk management. Moderated by Andrew Moyad, CEO at Shared Assessments, the panel featured:

• Katie Boswell, Securing AI Lead, KPMG
• Jonathan Dambrot, CEO, Cranium
• Konstantinos Karagiannis, Director Quantum Computing Services, Protiviti, Inc.
• Mark Wehrle, Director Cyber Risk & Awareness, The Campbell’s Company
  

Together, they moved past the hype to explore practical AI use cases—such as automated risk assessments, identification of material control gaps, and enhanced data flow management. The group emphasized the need for robust governance, transparency, and collaboration across teams, especially as AI moves from tools to autonomous agents. Their message: embrace innovation, but do so with clear oversight and intentional design.

Breakout Insights: Practical Paths to Progress

The afternoon breakout sessions were rich with tactical, actionable guidance tailored to every level of TPRM maturity:

• Certa, represented by Brian Shaw, presented a bold case for TPRM by exception, arguing that risk teams should stop managing everything and instead focus on the most critical issues. Their AI-driven approach surfaces only the risks that matter—freeing up time and maximizing impact.
• Black Kite, with insights from Bob Maley, challenged attendees to ditch the checkboxes in favor of continuous risk visibility. Their modern framework replaces static questionnaires with automation and scoring systems, streamlining workflows and enabling smarter decisions.
• ProcessUnity, led by Ed Thomas, introduced a data-first model that lightens the assessment burden by leveraging shared risk intelligence. By eliminating redundancy and tapping into existing data sources, teams can scale without stretching resources thin.
  
• BlueVoyant, represented by Joey Carter, outlined a lifecycle approach to TPRM. He demonstrated how cyber risk should be addressed throughout the vendor journey—from onboarding to offboarding—using automation and AI to make faster, more accurate decisions.

The Road to Standardization

One of TPRM’s most stubborn challenges—standardization—took center stage during an engaging panel moderated by Mark Orsi, CEO at Global Resilience Federation. He was joined by:

• Linnea Solem, CEO & Founder of Solem Risk Partners
• Dr. Angela Dogan, Associate Director | Security and Resiliency, Kyndryl
• Andrew Moyad, CEO of Shared Assessments

The panel acknowledged the difficulty of harmonizing frameworks across industries, but stressed its importance for scaling TPRM programs effectively. They emphasized that standardization doesn’t mean rigid uniformity—it’s about creating flexible, consistent structures that empower organizations to align on what matters most: transparency, accountability, and resilience.

Celebrating the Legacy and Looking Ahead

In honor of Shared Assessments’ 20th anniversary, CEO Andrew Moyad hosted a reflective panel to celebrate the organization’s impact and discuss what lies ahead. He was joined by:

• Cathy Allen, Founder and Chair of the Board, Board Risk Committee
• Tom Garrubba, Vice President and Sr. Manager for Security Policy & Governance, PNC
• Paul Kooney, Managing Director, Protiviti, Inc.

Together, they revisited the journey of building structure, trust, and credibility within a once-fragmented field. Looking forward, they agreed that the next 20 years of third-party risk management will demand even more agility, collaboration, and leadership—with Shared Assessments continuing to lead the charge as a trusted industry guide.

Final Takeaways:

• Geopolitics is no longer a background risk—it’s front and center.
• AI is both a disruptor and an accelerator—govern it with intention.
• Exception-based, data-driven TPRM is where the field is headed.
• Scalability comes from simplification and collaboration.
• Shared values and resilient partnerships will define the future.

As the Summit came to a close, one message resonated across every keynote, panel, and breakout: third-party risk management is no longer just a compliance function—it’s a strategic imperative. And, thanks to the collective insights shared over the past two days, attendees are better equipped than ever to lead their programs with confidence, clarity, and purpose.

Thank You

We extend our deepest gratitude to the outstanding speakers who shared their expertise, the engaged attendees who enriched our discussions, and the sponsors whose generous support made the Shared Assessments 18th Annual To Boldly Go Third Party Risk Summit a remarkable success. Your collective contributions have propelled the conversation on third-party risk management forward.​

A special acknowledgment to our sponsors:​

• Platinum Sponsors: ​OneTrust
• Gold Sponsors: ​Black Kite, BlueVoyant, Certa, ProcessUnity
• Exhibitors: Coverbase, Cranium, Mirato, Mitratech, Whistic, Vanta

Your support has been invaluable in making this event possible.​ Thank you for being an integral part of this journey. We look forward to continuing our collaboration and advancing the field together.