Episode 234 Deep Dive: Tulin Sevgin | Tackling Third-Party Risk Management: Crucial Insights for Effective Due Diligence

In this episode, we are joined by Tulin Sevgin (Director – National Cyber Security Practice, MinterEllison) as we unravel the complexities and potential oversights in working with vendors. Tulin sheds light on the critical need for due diligence in the procurement process to mitigate future risks, emphasising the impact of vendor changes on data access and infrastructure. Tulin navigates the labyrinth of vendor risk governance and emphasizes the significance of ongoing monitoring. Join us as we delve into the intricacies of vendor assessments, the challenges involved, and the supply chain landscape.

Tulin Sevgin is a strategic thinker and cyber risk management specialist with experience in public and private sectors. Tulin has held senior positions with Commonwealth Bank, Westpac, Optiver and Deloitte.

Amongst Tulin’s career she has successfully started up and led a cybersecurity practice at a boutique consultancy and is now leading the TPRM team at UpGuard growing the CyberRisk product and services.

Tulin specializes in cyber risk management including TPRM, cyber risk threat analysis, prevention,
control and assurance. Tulin’s past working experience spans enterprise risk management, business
continuity, risk culture analysis, project management, issues management, IT audit, data analytics,
internal audit and external audit.
Tulin has worked across multiple projects from:

• Developing and implementing successful Third-Party Risk Management Frameworks
• APRA Prudential Standard CPS234, GDPR, CCPA, NDB scheme readiness
• Information Security Officer positions
• Cyber Security Incident response exercises
• Creating and exercising data breach response plans
• Developing, managing and testing IT disaster recovery plans
• Enhancing cyber risk frameworks for various clients
• Facilitating cyber security awareness training
• Post cyber incident reviews
• Social engineering projects