Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.
The PCI Dream Team: Ben Rothke | David Mundhenk | Arthur Cooper | Jeff Hall
The PCI Dream Team is back for another Q&A round on all things PCI.
Join this interactive session with some of the top PCI QSAs in the country, with decades of combined PCI and card processing experience. They’ve seen it all, the good, the bad and the ugly, and lived to tell the tale.
Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall will discuss how to achieve PCI compliance in the cloud. Get answers to your most vexing PCI questions. No PCI question is out of bounds.
- Ben Rothke, Senior Security Consultant at Nettitude
- David Mundhenk, Senior Security Consultant at Herjavec Group
- Jeff Hall, Principal Security Consultant at Optiv Security
- Arthur Cooper "Coop", Senior Security Consultant at NuArx
This is Part 5 of The PCI Dream Team Q&A on BrightTALK.
Audience members are highly encouraged to ask the team their toughest PCI questions.
This webinar is part of BrightTALK's Privacy Insights Series and National Cyber Security Awareness Month (NCSAM).
With the proliferation of the Internet of Things into every sphere of our lives, it's now more important than ever to understand the security and privacy risks associated with connected devices. With smart home devices, office tools, children's toys, even medical devices being vulnerable to cyber attacks, becoming cyber aware should be a key priority for everyone.
Join privacy and cyber security experts for an interactive panel roundtable discussion on:
- The privacy and security vulnerabilities and risks stemming from IoT devices
- The basic safety measures you can deploy to protect your home and workplace against cyber threats
- Best practices for privacy and security safeguards
- What to do in the event of a breach
- What the future of privacy looks like
- Elena Elkina, Partner at Aleada Consulting
- Parnian Najafi Borazjani, Senior Analyst, FireEye
- Ondrej Krehel, Digital Forensics Lead, CEO & Founder, LIFARS
- John Bambenek, VP Security Research & Intelligence, ThreatSTOP
Audience members are encouraged to send questions to the speakers to be answered during the live session.
Compliance is a fundamental pillar of effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring that compliance represents an organization's starting point, not the endgame, should be a priority.
In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:
- Aligning risk and compliance metrics and controls across functional domains.
- Benchmarking existing process for managing the risks identified by stakeholders.
- Creating a transparent 'system of record' and collaborative process life-cycle management system.
- Prioritizing control efforts accordingly.
- Aligning compliance investments with compliance risk ratings and business priorities.
The subscription model is booming: subscription commerce grew more than 100 percent each year between 2011 and 2016, and the growth continues. Savvy companies are reaping the rewards: high recurring revenue that’s predictable paired with a competitive and sustainable business model. The potential ROI for global expansion is wide open, but many who try to take their subscription model global overlook important issues that can make or break success in new markets.
Learn about the best practices to expand your subscription business into new countries including how to manage local payments, get the right partners on board, optimize authorization rates, tackle key challenges in potential markets, mitigate fraud, and more when you join this VB Live event!
Webinar attendees will learn about:
* The opportunities provided by the explosive subscription model growth around the globe
* How to overcome regional challenges, including local payment methods, regulations, data security, and taxation
* How to identify knowledgeable partners to accelerate your global expansion
* How localized communications throughout the subscription lifecycle boost subscriber retention
* Common fraud issues to anticipate and how to mitigate them
The scope of the 435 pages of the EU’s General Data Protection Regulation (GDPR) is vast and has raised the specter of excessive, unforeseen and unintended compliance consequences for companies around the world. In order to ensure individual privacy in the digital realm, there are numerous enterprise security requirements imposed by these regulations with significant compliance concerns, notification requirements and the potential for excessive penalties for non-compliance. Join Interfocus Technologies and security expert Richard Stiennon from IT-Harvest for an overview of GDPR’s implications on your security practices from a people, process and technology point of view. We will review the requirements for and processes to secure your endpoints, monitor and report on malicious user activity, and identify and trace where personal data resides in your network.
Dark Cubed conducted extensive testing and determined that many IoT “smart home” device manufacturers have failed to implement basic security protections in the design, development, and production of their products, such as electrical plugs, light bulbs and security cameras.
Join CEO Vince Crisler for a live webcast as he discusses:
- The creation and operation of the closed testing environment to simulate smart devices in a real-world home
- The integration of Dark Cubed’s platform to capture and examine traffic patterns and message contents between each device, its back-end infrastructure and its Android app
Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries. Tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.
In June 2018, Dimensional Research, on behalf of TrustArc, surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they are now GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now, three months after the deadline, it's clear that there is a lot of work yet to be done in order for all companies to achieve full GDPR compliance.
In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:
- The latest techniques to protect data and remediate breaches.
- How GDPR can support your corporate values and drive business value for customers and partners.
- What your organization needs to uncover data risks and avoid fines.
- How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
Security professionals accept the paradigm of “more protection equals more false positives (FPs)” as a fact of life. The tighter they make the “screws” of the security policies in their DLP, Web or Email Gateways, UEBA, application control/whitelisting and AV tools, the higher the likelihood something benign is misclassified as malicious. That’s why it is not uncommon to see false positive rates exceed 5% using the most aggressive settings.
What if we were thinking about this wrong? Can we break this correlation between more security and more FPs?
During this webinar we will briefly review the definitions of false positives, false negatives, true positives and true negatives, as well as the history of the “more protection = more FPs” paradigm. Then we will turn the paradigm on its head and discuss how more protection can actually mean fewer FPs.
About the Speaker
Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices, real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.
- Find out how to align risk management with enterprise performance management under the GDPR.
- Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
- Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.
As organizations rely on third parties to grow and thrive, they’re exposed to major cybersecurity risks. Mitigating this risk means confronting the potential security vulnerabilities that are present in your third party network, but traditional vendor risk management (VRM) methods are no match for modern threats. According to Deloitte, 83% of today’s business leaders lack confidence in third party VRM processes.
Join our panel of experts on this CPE accredited webinar to learn how your organization can create a VRM program that’s ready and able to stand up to today's third party threat landscape.
- Find out how to gain executive leadership buy-in for your VRM program.
- Learn how to perform quantifiable vendor security analyses.
- Discover how to leverage automation to scale your VRM program.
Small businesses face great threats from cyber attackers every day, and do so with a fraction of the resources that mid-sized companies and large corporations have at their disposal. A small business’s network, its customer data, and its intellectual property are just as critical to its operation as those of a firm 100 times its size, but it lacks the skills, the processes and the technology to keep pace with ever-present cyber threats and defend itself. Join us for this session where Dark3 experts will outline how small businesses can protect themselves effectively by taking advantage of the confluence of cloud-based technologies, scalable automation and enterprise-grade cybersecurity expertise.