Governance, Risk, and Compliance

  • Are You Ready for PCI D-Day? January 31, 2018 Is But 2 Weeks Away
    Ben Rothke (Nettitude) | David Mundhenk (Herjavec Group) | Jeff Hall (Optiv) Recorded: Jan 16 2018 64 mins
    One of the big priorities for companies in 2018 is to achieve compliance. GDPR is going into effect in May, but even before that, new PCI DSS 3.2 requirements are set to become operational in February. According to the PCI SSC, these requirements were previously considered to be 'best practices' until January 31, 2018, after which compliance with them becomes mandatory. Although this is not connected to GDPR, companies that implement this standard will be some way toward becoming GDPR compliant, at least as far as payments are concerned. For example, in PCI DSS 3.2, multi-factor authentication (MFA) becomes mandatory, offering retailers and other companies a way of protecting customer personal details.

    Join the PCI Dream Team as they discuss:
    - What are the new PCI DSS 3.2 requirements?
    - Who needs to be PCI DSS 3.2 compliant?
    - What is the impact on data protection and cyber security?

    Speakers:
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Principal Security Consultant at Optiv Security
    - Ben Rothke, Principal Security Consultant at Nettitude Group
  • 5 Digital Asset Security Risks Someone Should Have Warned Me About
    Todd DeCapua Recorded: Dec 26 2017 40 mins
    Todd will walk you through the 5 digital asset security risks someone should have warned him about. You will enjoy the stories, see the key learnings, and know what you need to do as you are likely headed down this path.

    Examples appear in the media on at least a weekly basis, and the risks to Revenue, Brand, Customer and Competitive standing are all too real. Join the leading expert in Digital Asset Security and Performance Engineering to learn where to focus first, so that you can mitigate some of the higher-profile risks that you and your team may not be aware of yet.

    You will hear about:

    • Domain Management and Strategy
    • Online Brand Protection
    • DNS Services and Analytics
    • SSL Certificates
    • Social Media Username Registration and Management
  • Managing compliance and risk with Data Center Automation
    Megan Glick, Darren Blumenthal, Joe deBalquiere Recorded: Dec 13 2017 37 mins
    It’s no secret that IT compliance management requirements are on an upward spiral. From growing and ever-changing external regulatory policies to tightening internal requirements, getting a complete view across the infrastructure is a major challenge, let alone proving it’s in a compliant state. Micro Focus Data Center Automation addresses these obstacles, providing a single solution for internal and regulatory compliance across heterogeneous servers, database, and middleware.

    Join us to see:

    - Product in action including the new simplified portal for compliance use cases
    - New risk and security dashboards that give you ultimate visibility into the state of compliance across the entire data center
  • Creating an Information Governance Roadmap
    Mark Diamond, CEO, Contoural Recorded: Dec 1 2017 54 mins
    A well-designed Information Governance roadmap with appropriate milestones and metrics can drive a successful program forward. Join this webcast to learn more about:
    • Key elements for launching an Information Governance Program
    • How to incorporate these elements to meet your organization’s specific needs
    • Creating a team to help you launch your program
  • Digital GRC: Innovations for Early Identification and Management of Risk
    Moderated by Colin Whittaker; Yo Delmar, MetricStream; Jason Ford, Contegix; and Cameron Jackson, Riskonnect Recorded: Nov 16 2017 62 mins
    Attendees can earn 1 CPE credit on this session.

    Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

    The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.
  • CPE Webinar: A Data Security Survival Guide in an Interconnected World
    Rebecca Herold, The Privacy Professor; M P. Suby, Frost & Sullivan; Deral Heiland, Rapid7; Bharath Vasudevan, ForcePoint Recorded: Oct 25 2017 66 mins
    Attendees can earn 1 CPE credit on this session.

    As the number of internet-connected devices skyrockets into the billions, a data security strategy is an increasingly important part of any organization’s ability to manage and protect critical information. Enterprises are migrating to the cloud in droves; however, protecting data in the cloud remains a challenge as employees push to access cloud apps from any device, anywhere. In the last year alone, 1 in 3 organizations were hacked more than 5 times, and with the increased number of attacks the financial cost of security incidents is also rising.

    In many cases, breaches are caused by a combination of benevolent insiders, targeted attacks, and malicious insiders. For example, targeted attacks are often enabled inadvertently by well-meaning insiders who fail to comply with data or security policies, which can lead to a data breach. In this webinar, our panel will discuss major trends impacting cyber security, from the rising frequency of attacks to the types of threats that organizations should be most concerned about, and they will address the risks, priorities, and capabilities that are top of mind for enterprises as they migrate to the cloud.
  • A Tactical Guide to Reducing Your Data Breach Risk
    Dr. Branden Williams; Farshad Ghazi, HPE; Yo Delmar, MetricStream; Jordan Rogers, Rapid7; and Billy Sokol, MarkLogic Recorded: Aug 29 2017 71 mins
    Over 90% of the world’s data has been generated in the last few years. Accompanying this rapid growth in data come exponential risks, as witnessed by the spike in cyber attacks to which no organization seems immune. The financial rewards gained by the perpetrators of cyber attacks are blatant, and this is driving continued attacks on companies holding massive amounts of consumer data. For these companies, securing data is only half the battle. The risks can be greater when data is transmitted externally, hence it is critical that organizations know where sensitive data is going, how it is being transmitted, and how it is being handled and stored.

    On this webinar our panel of experts will discuss some of the best practices organizations can consider to reduce the risk of suffering from a data breach, and to proactively prepare for any subsequent breach that could happen.
  • Hunting Criminals with Hybrid Analytics, Semi-supervised Learning, & Feedback
    David Talby, CTO, Pacific AI Recorded: Aug 23 2017 62 mins
    Fraud detection is a classic adversarial analytics challenge: As soon as an automated system successfully learns to stop one scheme, fraudsters move on to attack another way. Each scheme requires looking for different signals (i.e. features) to catch; is relatively rare (one in millions for finance or e-commerce); and may take months to investigate a single case (in healthcare or tax, for example) – making quality training data scarce.

    This talk will cover a code walk-through and the key lessons learned while building such real-world software systems over the past few years. We'll look for fraud signals in public email datasets, using IPython and popular open-source libraries (scikit-learn, statsmodels, nltk, etc.) for data science and Apache Spark as the compute engine for scalable parallel processing.

    David will iteratively build a machine-learned hybrid model – combining features from different data sources and algorithmic approaches, to catch diverse aspects of suspect behavior:

    - Natural language processing: finding keywords in relevant context within unstructured text
    - Statistical NLP: sentiment analysis via supervised machine learning
    - Time series analysis: understanding daily/weekly cycles and changes in habitual behavior
    - Graph analysis: finding actions outside the usual or expected network of people
    - Heuristic rules: finding suspect actions based on past schemes or external datasets
    - Topic modeling: highlighting use of keywords outside an expected context
    - Anomaly detection: Fully unsupervised ranking of unusual behavior

    Apache Spark is used to run these models at scale – in batch mode for model training and with Spark Streaming for production use. We’ll discuss the data model, computation, and feedback workflows, as well as some tools and libraries built on top of the open-source components to enable faster experimentation, optimization, and productization of the models.
  • How GDPR Affects US Companies
    Bob Siegel, President and Founder of Privacy Ref Recorded: Aug 17 2017 37 mins
    Learn how the EU General Data Protection Regulation affects US-based companies.

    Join CyberDefenses and Privacy Ref's Bob Siegel to review how the GDPR directly impacts US-based corporations. These far-reaching regulations impact any company that stores or transmits identifying information of any individual within the EU.

    In this webinar, you will be introduced to the basic elements of the GDPR and you will discuss the requirements that call for action by US-focused companies.

    About Bob Siegel:
    Bob Siegel, President and founder of Privacy Ref, Inc., started the company in 2012. After his time as Senior Manager of Worldwide Privacy and Compliance at Staples, Inc., Bob applied his experience and expertise to helping companies implement and maintain strong privacy programs. Bob has worked with many different organizations, dealing with programs of all sizes and regulatory needs.

    Always seeking to improve his own understanding of all things privacy, Bob has earned certifications from the International Association of Privacy Professionals. These include certifications in US private and public sector, European, and Canadian privacy laws. Bob has also earned certifications in Information Technology Privacy and Privacy Program Management. Bob Siegel has also been recognized as a Fellow of Information Privacy by the IAPP for his outstanding dedication to the privacy community. He has also served on the IAPP's Certification Advisory Board for the CIPM program and the IAPP's Publication Advisory Board. Bob also serves on the IAPP’s teaching faculty leading classes in the areas in which he is certified.

    About CyberDefenses:
    CyberDefenses is a premier cyber security services organization, providing advanced security services to the commercial and federal sectors. CyberDefenses Academy provides advanced training to the IT, security and privacy professionals who wish to be at the top of their field.
  • Orchestrating Effective IT Risk Management Across the Lines of Defense
    Kelley Vick, IT GRC Forum; Cameron Jackson, Riskonnect; Weston Nelson, Moss Adams Advisory Services Recorded: Aug 8 2017 65 mins
    Today’s IT risk environment is more threatened than ever thanks to the growth in sophisticated cyber attacks and security vulnerabilities. Now, complex, hard-to-detect attacks could bring down not just a single institution but also large parts of the internet and the financial markets. Organizations need an intelligent approach when it comes to assessing IT risk and managing compliance.

    Staying safe is no longer just about deflecting attackers. It’s about staying ahead of attackers who are already inside the organization, and banks are doing this through structured lines of defense that enhance security capabilities, involve IT risk managers in operations, and expand internal audit's mandate so it can cover business disruption. In this webinar presentation we will address some ways organizations can, as part of an Integrated Risk Management initiative, orchestrate effective IT risk management across the lines of defense.
