
Governance, Risk, and Compliance

  • Privacy & Security in the Age of IoT
    Elena Elkina (Aleada Consulting) | Parnian Najafi Borazjani (FireEye) | Ondrej Krehel (LIFARS) | John Bambenek (ThreatSTOP) Recorded: Oct 2 2018 61 mins
    This webinar is part of BrightTALK's Privacy Insights Series and National Cyber Security Awareness Month (NCSAM).

    With the proliferation of the Internet of Things into every sphere of our lives, it's now more important than ever to understand the security and privacy risks associated with connected devices. With smart home devices, office tools, children's toys, even medical devices being vulnerable to cyber attacks, becoming cyber aware should be a key priority for everyone.

    Join privacy and cyber security experts for an interactive panel roundtable discussion on:
    - The privacy and security vulnerabilities and risks stemming from IoT devices
    - The basic safety measures you can deploy to protect your home and workplace against cyber threats
    - Best practices for privacy and security safeguards
    - What to do in the event of a breach
    - What the future of privacy looks like

    Speakers:
    - Elena Elkina, Partner at Aleada Consulting
    - Parnian Najafi Borazjani, Senior Analyst, FireEye
    - Ondrej Krehel, Digital Forensics Lead, CEO & Founder, LIFARS
    - John Bambenek, VP Security Research & Intelligence, ThreatSTOP

    Audience members are encouraged to send questions to the speakers to be answered during the live session.
  • [Earn 1 CPE] Compliance vs Risk: Aligning Priorities & Prioritizing Threats
    Colin Whittaker, Moderator. Stephen Boyer, CTO at BitSight; Marc French, SVP at Mimecast; Scott Petry, CEO at Authentic8. Recorded: Sep 27 2018 62 mins
    Compliance is a fundamental pillar of effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring that compliance represents an organization's starting point, not the endgame, should be a priority.

    In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

    - Aligning risk and compliance metrics and controls across functional domains.
    - Benchmarking existing process for managing the risks identified by stakeholders.
    - Creating a transparent 'system of record' and collaborative process life-cycle management system.
    - Prioritizing control efforts accordingly.
    - Aligning compliance investments with compliance risk ratings and business priorities.
  • How to cross new frontiers with your subscription business
    Patrick Unnold, VP Customer, Recurly and Luke Salinas, SVP Strategy, Adyen Recorded: Sep 12 2018 60 mins
    The subscription model is booming: subscription commerce grew more than 100 percent each year between 2011 and 2016, and the growth continues. Savvy companies are reaping the rewards: high, predictable recurring revenue paired with a competitive and sustainable business model. The potential ROI for global expansion is wide open, but many who try to take their subscription model global overlook important issues that can make or break success in new markets.

    Learn about the best practices to expand your subscription business into new countries including how to manage local payments, get the right partners on board, optimize authorization rates, tackle key challenges in potential markets, mitigate fraud, and more when you join this VB Live event!

    Register for free now.

    Webinar attendees will learn about:
    * The opportunities provided by the explosive subscription model growth around the globe
    * How to overcome regional challenges, including local payment methods, regulations, data security, and taxation
    * How to identify knowledgeable partners to accelerate your global expansion
    * How localized communications throughout the subscription lifecycle boost subscriber retention
    * Common fraud issues to anticipate and how to mitigate them

    Speakers:
    * Patrick Unnold, VP Customer, Recurly
    * Luke Salinas, SVP Strategy, Adyen
    * Lily Varon, Analyst, Forrester
    * Rachael Brownell, Moderator, VentureBeat

    Sponsored by: Recurly and Adyen
  • What Your Security Team Needs to Know about GDPR
    Richard Stiennon from IT-Harvest & Interfocus Technologies Recorded: Sep 12 2018 41 mins
    The scope of the 435 pages of the EU’s General Data Protection Regulation (GDPR) is vast and has raised the specter of excessive, unforeseen and unintended compliance consequences for companies around the world. In order to ensure individual privacy in the digital realm, there are numerous enterprise security requirements imposed by these regulations with significant compliance concerns, notification requirements and the potential for excessive penalties for non-compliance. Join Interfocus Technologies and security expert Richard Stiennon from IT-Harvest for an overview of GDPR’s implications on your security practices from a people, process and technology point of view. We will review the requirements for and processes to secure your endpoints, monitor and report on malicious user activity, and identify and trace where personal data resides in your network.
  • A Deep Dive into the 2018 State of IoT Security Report
    Vince Crisler, CEO of Dark Cubed Recorded: Sep 12 2018 33 mins
    Dark Cubed conducted extensive testing and determined that many IoT “smart home” device manufacturers have failed to implement basic security protections in the design, development, and production of their products such as electrical plugs, light bulbs and security cameras.

    Join CEO Vince Crisler for a live webcast as he discusses:

    · The creation and operation of the closed testing environment to simulate smart devices in a real-world home

    · The integration of Dark Cubed’s platform to capture and examine traffic patterns and message contents between each device, its back-end infrastructure and its Android app

    · Detailed port communications profiles, Nmap scan findings, infrastructure port reviews, man-in-the-middle assessments, Android app permissions and profiles, and privacy policy reviews for these light bulbs, cameras, and electrical outlets

    Learn more here: www.thestateofiotsecurity.com
  • GDPR 101: Monitoring & Maintaining Compliance After the Deadline
    Dr. Branden Williams, Union Bank; Janalyn Schreiber, TrustArc; Eugene Tyrrell, Online; Chris DePippo, DXC; Tim White, Qualys Recorded: Aug 28 2018 77 mins
    Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.

    In June 2018, Dimensional Research, on behalf of TrustArc, surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they are now GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now, three months after the deadline, it's clear that there is a lot of work yet to be done in order for all companies to achieve full GDPR compliance.

    In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:

    - The latest techniques to protect data and remediate breaches.
    - How GDPR can support your corporate values and drive business value for customers and partners.
    - What your organization needs to uncover data risks and avoid fines.
    - How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
  • Should More Protection Really Equal More False Positives?
    Nir Gaist, Founder & CTO, Nyotron Recorded: Aug 15 2018 30 mins
    Security professionals accept the paradigm of “more protection equals more false positives (FPs)” as a fact of life. The tighter they make the “screws” of the security policies in their DLP, Web or Email Gateways, UEBA, application control/whitelisting and AV tools, the higher the likelihood something benign is misclassified as malicious. That’s why it is not uncommon to see false positive rates exceed 5% using the most aggressive settings.

    What if we were thinking about this wrong? Can we break this correlation between more security and more FPs?

    During this webinar we will briefly review the definitions of false positives, false negatives, true positives and true negatives, as well as the history of the “more protection = more FPs” paradigm. Then we will turn the paradigm on its head and discuss how more protection can actually mean fewer FPs.


    About the Speaker
    Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
  • [Earn 1 CPE] Post-GDPR: Key Steps to GRC Integration
    Moderator: Colin Whittaker. Panel: Sooji Seo, RSA; Quin Rodriguez, Riskonnect; Gabriel Gumbs, STEALTHbits; Tim Hill, Centrify Recorded: Jul 26 2018 76 mins
    Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices, real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.

    Learning Objectives

    - Find out how to align risk management with enterprise performance management under the GDPR.
    - Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
    - Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.
  • [Earn 1 CPE] Practical Steps to Scale Your Vendor Risk Management Program
    Rebecca Herold. Panel: Jake Olcott, BitSight; Todd Boehler, ProcessUnity; Matt Kunkel, LogicGate; Scott Schneider, CyberGRX. Recorded: Jun 26 2018 76 mins
    As organizations rely on third parties to grow and thrive, they’re exposed to major cybersecurity risks. Mitigating this risk means confronting the potential security vulnerabilities that are present in your third party network, but traditional vendor risk management (VRM) methods are no match for modern threats. According to Deloitte, 83% of today’s business leaders lack confidence in third party VRM processes.

    Join our panel of experts on this CPE accredited webinar to learn how your organization can create a VRM program that’s ready and able to stand up to today's third party threat landscape.

    Learning objectives:

    • Find out how to gain executive leadership buy-in for your VRM program.
    • Learn how to perform quantifiable vendor security analyses.
    • Discover how to leverage automation to scale your VRM program.
  • Small Business/Big Risk: Cybersecurity for All!
    Vince Crisler, CEO and Co-Founder, Dark3 Recorded: Jun 12 2018 41 mins
    Small businesses face great threats from cyber attackers every day, and do so with a fraction of the resources that mid-sized companies and large corporations have at their disposal. A small business’s network, its customer data, and its intellectual property are just as critical to its operation as those of a firm 100 times its size, but it lacks the skills, the processes and the technology to keep pace with ever-present cyber threats and defend itself. Join us for this session where Dark3 experts will outline how small businesses can protect themselves effectively by taking advantage of the confluence of cloud-based technologies, scalable automation and enterprise-grade cybersecurity expertise.
