Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Everything You Need To Know About OWASP SAMM 2.0
    Everything You Need To Know About OWASP SAMM 2.0
    Cybersecurity Practice Manager, Chris Cooper Recorded: Feb 28 2019 25 mins
    The Open Web Application Security Project (OWASP) is developing version 2.0 of their Software Assurance Maturity Model (aka SAMM), and Chris Cooper, SureCloud’s Cybersecurity Practice Manager is part of the team currently working on the core model, with a focus around the new ‘Implementation’ business practice. In this webinar, Chris will be discussing the history of SAMM, evaluating the version 2.0 core model from a technical perspective, and the process that the SAMM team are undertaking.

    The session will cover:
    •Why SAMM 2.0 is being introduced
    •The innovative ways in which SAMM 2.0 is being created
    •How SAMM is modernizing its recommendations on how organizations build and deploy software
    •How to harness SAMM to conduct penetration testing in a more mature way
    •Some of the feedback that OWASP SAMM team has received from the version 2.0 beta

    Chris Cooper is a Tigerscheme Senior Security Tester (Web Apps) and a CHECK Team Leader.
  • Cybersecurity Attacks that will Actually Lead to a Compromise
    Cybersecurity Attacks that will Actually Lead to a Compromise
    Luke Potter, Cybersecurity Practice Director, SureCloud Recorded: Jan 15 2019 67 mins
    Vulnerabilities exist in every system, and for some, the impact of an attack could be catastrophic, even business-ending. Often, these incidents are the result of a vulnerability that could be identified in a penetration test.

    In this webinar SureCloud’s Cybersecurity Practice Director, expert Penetration Tester, Luke Potter will discuss some of the real-life cyber-attacks his team has conducted including the work they have done with the BBC, Daily Mail, and Which? Magazine.

    The session will cover:
    •Targeted Phishing attacks
    •IoT and ‘Smart’ devices
    •Physical attacks including Social Engineering
    •Use of OSINT Techniques to Compromise Organisations
    •Password Analysis

    Luke Potter is a CHECK team leader, Tiger Scheme senior security tester, ISO 27001 lead auditor and Microsoft Certified enterprise administrator.
  • How to integrate Business Risk and IT Risk
    How to integrate Business Risk and IT Risk
    Alex Hollis, GRC Practice Director SureCloud Recorded: Nov 27 2018 49 mins

    Many governance, risk, and compliance (GRC) projects fail because they’re deployed to support a specific compliance need or to meet the requirements of a specific department. In this webinar, SureCloud’s GRC Practice Director will discuss taking an integrated Risk Management approach, connecting Business Risk and IT Risk.

    The session will cover:

    • The challenges Integrated Risk Management (IRM) causes
    • Outlining how operational and IT Risk must work together
    • An approach for creating a model within your own business with the right GRC technology
    • The benefits of integration for internal communication and the relationships within your business
  • Ask the Expert: Penetration Testing
    Ask the Expert: Penetration Testing
    Luke Potter, Cybersecurity Practice Director Recorded: Jun 7 2018 11 mins
    SureCloud's Cybersecurity Practise Director talks avoiding the pain of managing penetration test outputs in static PDF documents. Effective management of penetration test remediation activities. Demonstration of improvement and benefit following penetration test delivery. Why a better approach is needed to penetration test, specifically running it ‘as a service’ based engagement. Tracking, trending and analyzing data between multiple testing projects.
  • GDPR Compliance -  What should organisations be doing now?
    GDPR Compliance - What should organisations be doing now?
    SureCloud CEO Richard Hibbert and COO Nick Rafferty Recorded: Apr 25 2018 46 mins
    Key takeaways

    • Key concepts and obligations
    • Principles of data processing and transparency
    • What organisations need to do to prepare for the GDPR?
    • What organisations need to do to implement a GDPR Compliance Program

    We will also provide a demonstration of SureCloud GDPR Suite that help organisations to achieve and maintain compliance with the regulation.
  • Got budget? Building the business case for your 2018 GDPR project
    Got budget? Building the business case for your 2018 GDPR project
    Terry Blake, SureCloud, Nick Rafferty, SureCloud, Michael Rasmussen, GRC 20/20 Recorded: Nov 16 2017 45 mins
    The deadline to comply with the European Union General Data Protection Regulation is May 25, 2018. Non-compliance could result in hefty fines to your company and impact your ability to do business in the EU. With calendar year budget planning now underway, this webinar will help you build the case to fund your GDPR project and gain alignment within your organization. You'll also get a demo of the Cloud-based SureCloud GDPR Suite. Deadline-driven demand will surely drive costs up so the time to act is now to secure both your funding and resources.
  • GDPR - How to embrace PCI’s big brother
    GDPR - How to embrace PCI’s big brother
    Chief Operations Officer, Nick Rafferty & Head of GRC, Oliver Vistisen Recorded: Aug 23 2017 44 mins
    If your organization stores, processes and transmits cardholder data, PCI’s big brother - the EU General Data Protection Regulation - could affect your ability to do business in the EU.

    Impacted PCI US companies may have EU residents as employees or customers.

    The GDPR has become a primary item on most organizations' agenda this past year, yet a disproportionate amount of focus has fallen on the fines that are set to come in force May 25, 2018.

    We want to take a more optimistic look at the regulation, why it came to be and how it can be a massive opportunity to strengthen your reputation and (re)gain customer confidence. We will also look at how the implementation and ongoing maintenance of compliance can be addressed through an analytical approach to the Articles themselves; the rules of the regulation.

    What attendees will learn:
    • How US ecommerce and other companies involved in payment card transactions can be impacted by the GDPR.
    • Why the world’s most valuable resource is no longer oil, but data.
    • Why the GDPR is far more than a simple check-box compliance exercise.
    •Why the GDPR is a massive opportunity in disguise for organizations who take it seriously.
    •How the GDPR aims to change company culture by turning risk assessments on their head.
    •An analytical breakdown of the GDPR Articles that uncovers those that are applicable to your organization, and how to tackle these through a risk based approach.
    •Key areas of focus for any GDPR program based on personal and client feedback.
    •How to effectively implement GDPR by expanding upon existing compliance programs and management systems (ISO 27001).
  • Let the countdown begin: What does the GDPR mean for US companies?
    Let the countdown begin: What does the GDPR mean for US companies?
    Stephen Bailey, Head of Privacy at NCC Group, Terry Blake, SureCloud EVP – North America, and Nick Rafferty, SureCloud COO. Recorded: May 25 2017 60 mins
    Exactly one year from the date of this webinar, the General Data Protection Regulation will take effect in the European Union. The GDPR applies to any organization that stores, processes or transfers the personal data of residents within the EU. It includes organizations located in and outside the EU. Non-compliance can result in fines of more than $20 million or 4% of worldwide revenues, whichever is greater. A recent survey found an alarming percentage of US-based companies are planning to reduce their presence in Europe or exit the European Union altogether rather than deal with the GDPR. Instead of tossing up their hands over the GDPR and going home, strategic US companies can follow the defined steps and adopt software solutions that can bring certainty to these uncertain times. In fact, they see another company’s exit from the EU as a potential opportunity to gain share. The good news is that you’re not too late in getting started to meet the GDPR deadline. But as the countdown begins, urgency escalates. The time to act is now.

    In this webinar, you will learn:
    What the GDPR means for you
    How to get started on your journey to compliance
    How the SureCloud GDPR Applications Suite can help you gain and demonstrate compliance and continuously improve your performance

    Agenda includes plenty of time to address your questions.
  • Third Party Risk: Gaining certainty amid a web of global relationships
    Third Party Risk: Gaining certainty amid a web of global relationships
    Michael Rasmussen, GRC Analyst at GRC 20/20 and SureCloud's COO, Nick Rafferty Recorded: Apr 6 2017 56 mins
    In today’s interconnected world, organizations struggle to adequately govern risk in third party business relationships. Over half of the organization’s insiders are no longer traditional employees. Insiders now include suppliers, vendors, outsourcers, service providers, contractors, subcontractors, consultants, temporary workers, agents, brokers, dealers, intermediaries, and more. Third party problems are the organization’s problems that directly impact brand, reputation, compliance, strategy, and risk to the organization.

    Join Michael Rasmussen, The GRC Pundit of GRC 20/20, and Nick Rafferty, SureCloud COO, to get an expert view of the challenges companies face and how to gain certainty amid an uncertain web of complex, global relationships.

    In this webinar you will learn:

    Why fragmented approaches to third party governance are doomed to fail
    How inadequate resources can’t keep up with growing risk and regulations
    How document, spreadsheet and email-centric approaches lack current-state analyses and audit trails
    Amid a challenging environment, what to do today by defining a strategy and adopting a single-version-of-the-truth software solution.
    How SureCloud's unique GRC Platform and its Third Party Risk Manager Application can strengthen your assessment process

    Agenda includes plenty of time to address your questions.
  • Data Transfers under the EU GDPR - do you need to comply?
    Data Transfers under the EU GDPR - do you need to comply?
    GDPR Expert at White & Case LLP, Tim Hickman and CEO Richard Hibbert at SureCloud Recorded: Mar 15 2017 60 mins
    Many organisations transfer personal data across borders to both EU and non-EU recipients. The EU General Data Protection Regulation (“GDPR”) imposes strict rules about how such data should be transferred, and applies to many unsuspecting non-EU organisations.

    Join Tim Hickman, GDPR Expert at White & Case LLP and Richard Hibbert, SureCloud CEO, to get the legal perspective on personal data transfers under the GDPR, and practical guidance on how this issue affects your business.

    In this webinar we will:

    Explain what constitutes a data transfer (you may be surprised).

    Identify the different types of data transfer (e.g., internal transfers within a corporate group; external transfers to service providers; etc.) and examine the implications for businesses.

    Examine the pros and cons of each data transfer mechanism (example consent, adequacy, Model Clauses, Binding Corporate Rules, etc.).

    Provide hints and tips on how organisations can prepare for data transfers under the EU GDPR.

    Discuss how SureCloud GDPR Suite can help you achieve compliance with data transfer regulations

Embed in website or blog