Third Party Therapy - Aki Eldar - Artifical Intelligence in TPRM

Nov 27, 2024

Aki Eldar, entrepreneur and founder of Mirato with deep cybersecurity and data-protection roots, explains applying AI to tame TPRM data overload. He describes AI reading and validating vendor evidence, automating tedious analysis, managing shadow AI risks, and why start with a small MVP. Short, practical takes on making risk teams faster without losing human judgment.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ANECDOTE

Secure Islands Sale Shaped Murato's Approach

Aki built Secure Islands to protect unstructured data and sold it to Microsoft, which used the tech in Azure Information Protection.
That background shaped his focus on data-centric security and later Murato's TPRM AI approach.

INSIGHT

AI Multiplies Assessor Capacity

AI can read thousands of pages of supplier evidence and automatically find supporting control evidence to scale assessment capacity.
Mirato trains one model once and effectively multiplies assessors, integrating external data sources without hiring SMEs.

ADVICE

Make Vendors Upload Evidence Not Fill Forms

Ask vendors to upload evidence instead of answering questionnaires and auto‑populate answers from those documents.
Mirato's MQK auto-answers most questions and provides attestations plus an audit trail and links to supporting pages.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Aki Eldar | Using AI to Solve the TPRM Data Overload

Episode Summary: The volume of data in Third-Party Risk Management has become unmanageable for manual teams. In this episode of Third Party Therapy, Mike Day sits down with Aki Eldar, founder of Mirato, to discuss how Artificial Intelligence is moving from a "future concept" to a practical tool. Aki explains how AI can automate the heavy lifting of evidence analysis—reading SOC2s and ISO certs for you—so that risk professionals can focus on making actual decisions rather than just processing paperwork.

🕒 Timestamps

00:00 – Introduction: AI as a risk vs. an opportunity

03:15 – Aki’s 30-year journey: From Cybersecurity & DLP to TPRM

11:40 – The "Mountain of Evidence" problem in modern risk management

19:25 – How AI actually "reads" and validates third-party documentation

27:50 – "Shadow AI": Managing the risks of unauthorized AI use in your business

36:10 – Why AI won't replace the human-in-the-loop

44:30 – The "MVP" Strategy: Why you should start standalone and scale later

52:15 – Closing thoughts and how to avoid the "Everest" trap

💡 Key Takeaways

Automated Analysis: Move beyond simple data collection. Learn how AI can cross-check supplier questionnaires against their actual evidence (like SOC2 reports) to find gaps instantly.
The Productivity Shift: By automating the "boring" work, AI allows risk managers to focus on the 20% of high-risk cases that actually require human expertise.
Managing Shadow AI: Aki shares critical insights on how to handle employees using tools like ChatGPT and the data privacy risks that come with "dirty" AI models.
Don't Climb Everest at Once: Why a "Minimum Viable Product" (MVP) approach is the most successful way to implement AI without disrupting your entire organization.

🔗 Connect & Resources

Official Website: thirdpartytherapy.com
Join the Community: Sign up for our mailing list for the latest in AI and TPRM.

Search & SEO

Keywords: #AI #ArtificialIntelligence #TPRM #ThirdPartyRisk #RiskAutomation #Mirato #CyberSecurity #RiskManagement #DigitalTransformation #ThirdPartyTherapy #SupplyChainRisk