We use cookies to ensure you get the best experience on our website.
Visit our Cookie Policy for more information.
Panorays’ Blog

Articles by Dov Goldman

Learn about the latest research and happenings in TPSRM
Dov Goldman - VP of Risk Strategy @ Panorays
Dov Goldman
VP of Risk Strategy @ Panorays
Dov is a serial entrepreneur who’s been involved with third-party programs of all sizes, and is the go-to person for explaining the difference between inherent and residual risk.


Dov is a seasoned entrepreneur, navigating the world of startups with finesse. With a knack for breaking down the nuances of third-party risk management, he’s your ultimate guide in explaining inherent versus residual risk. Armed with years of expertise, Dov will untangle the intricacies of risk assessment and demystify the complexities of third-party risk.


Throughout his extensive career as a technology entrepreneur, Dov has emphasized the human dimension of implementing IT systems and the pragmatic necessity of delivering tangible business outcomes. With decades of experience spanning multiple startups, Dov has collaborated closely with cyber and risk leaders across numerous large enterprises, specializing in third-party risk management.

Cybersecurity Authoritativeness

Dov has earned recognition as a thought leader, adept at simplifying intricate problems and their resolutions into easily understandable terms. Regarded as the ‘third-party therapist’ within the industry, Dov possesses an intuitive understanding of the challenges faced by third-party risk leaders. His engaging speaking engagements and insightful written pieces captivate audiences, blending entertainment with informative content.

Dov has written and been quoted about third party cyber risk and privacy in various papers, cybersecurity news publications, websites and resources, including:

Dov has spoken at and chaired numerous industry events, including recently:

Dov has a number of patents to his name, including one for the design of a third-party cyber risk module:


Dov graduated from Columbia University in New York with a degree in Computer Sciences. His time there was more than just academics—it was a transformative period where he honed his skills and immersed himself in tech competitions and workshops. Columbia equipped him not only with technical expertise but also instilled in him a relentless drive for excellence that defines his career.

Latests Posts by Dov Goldman

DORA: What Financial Institutions Need to Know

Third-Party Risk and DORA: A Guide for Institutions

In response to rising frequency and severity of cyberattacks on financial institutions, the European Union has drafted…

What is the Digital Operational Resilience Act (DORA)?

The Digital Operational Resilience Act (DORA) will go into effect January 17, 2025. Learn how you can start preparing for compliance now.

What is FISMA and How Does it Protect Government Data?

FISMA, or the Federal Information Security Management Act, was first legislated in 2002 and updated in 2014 to establish the CIO of government agencies such as…
Vulnerability Management

Vulnerability Risk Management and Third Party Risk

Earlier this month American Express announced it suffered a third-party data breach….
Third Party Risk Management (TPRM)

TPRM: A Complete Guide to Third Party Risk…

Third Party Risk Management (TPRM) is the process of managing risks with…

10 Facts You Should Know About NYDFS

NYDFS, the New York State Department of Financial Services Cybersecurity Regulation has…
NIST Cybersecurity Framework

News in TPRM: NIST Releases Cybersecurity Framework 2.0

On February 26, the National Institute of Standards and Technology released the…
What is HECVAT - Higher Education Community Vendor Assessment Toolkit

What is HECVAT? Vendor Assessment in Higher Education

HECVAT, also known as the Higher Education Community Vendor Assessment Toolkit, is…
NIST Cybersecurity Framework

The NIST Cybersecurity Framework (CSF) and TPRM

With the increasing use of artificial intelligence (AI), emphasis on cloud-first strategies…
Digital Supply Chain Blind Spots

Uncovering Blind Spots in Your Digital Supply Chain

Although data breach announcements that impact an entire digital supply chain often…
Third Party Data Breaches

Third-Party Data Breaches in 2023: The Main Takeaways

Increasing numbers leading brands this past year such as T-Mobile appearing in…
Digital Supply Chain

Digital Supply Chain Risk Trends in 2023: A…

Forrester data reveals that 55% of security pros reported their organization experienced…
AI In Risk Management

AI in Risk Management: Focusing on Third-Party Risk

According to SkyQuest Global research, only 39% of organizations today are using…
What is a Cyber Risk

Mitigating Third-Party Cyber Risk: A Strategic Approach

Recent surveys report that while 37% of organizations feel they are highly…
Cyber Threat Intelligence

Cyber Threat Intelligence: Defending Third-Party Risk

In 2021, the managed service provider (MSP) Kasaye suffered a massive ransomware…

The Fastest and Easiest Way
to Do Business Together, Securely