Executive IT Forums

Channel profile:

Empowering the GRC Community

The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

Subscribers (6,131)
The New Data De-identification: Enabling Business Agility while Protecting Data *On this webcast we're giving away a pass to our partner event: the Chicago Cyber Incident Response Summit, between June 21-23, 2014*

Let’s face it, there’s unrelenting pressure on IT to enable competitive advantage through new technology and use of data assets‒-but the business is driving initiatives that can push sensitive production data into more and more exposed areas. The key question is ‘How can you enable the business to be agile AND take a more proactive, programmatic approach to security at the same time?’ With the advanced threats that are pervasive today, it’s becoming increasingly dangerous for organizations to deploy new technologies and processes, and then reactively address the implications for data security in the ecosystem. You need a blueprint to reverse this trend in your organization.

In this webinar, William Stewart, Senior Vice President of Booz Allen Hamilton and Jeff Lunglhofer, Principal of Booz Allen Hamilton–a leading management technology and consulting firm driving strategic innovation for clients–will discuss the top trends in cyber threat mitigation, data privacy, data governance, and data security, with Mark Bower, VP Product Management and Solutions Architecture at Voltage Security.

Attend this webinar to learn more about how to:
•Increase responsiveness and security in your IT environment and architecture
•Fight pervasive threats from inside and outside attack with data-centric technologies
•Raise your organization’s overall data privacy, compliance, and security profile
•Implement a new data de-identification framework across production, test & dev, and analytics use cases
•Proactively enable critical business initiatives
--Can't attend live? Register below to receive a link to the recorded webcast.
Read more >
Apr 23 2014 5:00 pm
UTC
75 mins
Attend

Webinars and videos

  • Live and recorded (31)
  • Upcoming (5)
  • Date
  • Rating
  • Views
  • *On this webcast we're giving away a non-transferable guest pass to the IQPC 2nd Annual Cyber Security for Oil and Gas Summit, being held in Houston, Texas between June 16 - 18, 2014.

    In December 2013, US retailer Target suffered a high profile data breach at the hands of a cybercriminal group, who infected its point-of-sale (PoS) terminals with malware to steal the details of around 110 million customers. Marcus Group's systems were also compromised recently and crooks made off with customer card details, while several other merchants are reported to be preparing to go public with their own breaches.

    Data breaches are nothing new and have been around for quite some time; however, we are seeing a significant increase in incidents and 2013 was the worst year in terms of data breaches recorded to date. According to the Online Trust Alliance over 740 million records were exposed in 2013, and they determined that 89% of all breach incidents were avoidable had basic security controls and best practices been enforced. Join us as we discuss some key lessons learned from the recent breaches and:

    - Discuss how malware aimed at retailers is evolving on a daily basis
    - Analyze the tools and methodology employed hackers to bypass security
    - Address steps retailers and banking institutions should take to secure their networks
    - Provide procedural and technical steps for securing third party code
    - Discuss how to develop an effective Data Incident (DIP) Plan, including a communication strategy
  • * On this webcast you can win a pass to the GRC Summit in Boston!

    Providing services and features to website visitors often requires deploying many third party service providers for analytics, marketing, payment processing, and data management. Managing risk from these third parties is vitally important in a landscape filled with new threats and regulations. The nature of these relationships requires that information be shared, and risk accrues whenever sensitive information is shared with or processed by third parties.

    During this webcast our panel will specifically address the practical 'how to's' around managing website data to reduce corporate risk, and we'll look at some cost effective third party due diligence solutions.
  • The official release of PCI DSS v3.0 is here, now what?

    Voltage Security have invited a PCI DSS QSA to assist you with your PCI challenges by providing recommendations on how to execute a seamless upgrade from PCI DSS version 2.0 to 3.0. Find out why it's no longer acceptable to strive for compliance over real-time security. And learn how the new standard brings a whole new meaning to 'business as usual'.

    Learn about these important changes and how they affect your business:

    - PCI DSS 3.0 – Business as Usual
    - PCI DSS 3.0 – Template Changes
    - PCI DSS 3.0 – Scope
    - PCI DSS 3.0 – Phase-in Requirements
    - PCI DSS 3.0 – New Reporting Template

    Find out why the new standard can help you make PCI DSS part of your business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
  • New initiatives such as cloud computing are imposing significant security risks on the corporation, network, IT and the day to day activities of the business. How do businesses maintain compliance, control and ownership of sensitive data as they move from the physical environment to a cloud world? The distribution of data onto devices may not be completely controlled by the data owner, and there is liability confusion as cloud service providers take on a larger role. As a result CIOs are looking at technologies and strategies to assure security while delivering the required services.

    Fortunately, this model of enterprise computing doesn't have to be the high-risk proposition some IT professionals fear. By rethinking of security as an enabler instead of an obstacle for cloud adoption, you can easily protect data, mitigate the risks and achieve compliance across public and private cloud environments while maximizing the business potential of the cloud. During this webcast we will discuss ways to achieve compliance across cloud environments, and address considerations that will help you assure data protection, and empower workers to new levels of productivity while maintaining information governance and managing risk.
  • Organizations outsourcing card data to the cloud face significant security risks. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for the PCI Data Security Standard (PCI DSS). And as soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI DSS becomes increasingly challenging.

    In this new environment cloud users and cloud service providers need to clearly understand what their roles and responsibilities are when it comes to protecting this data. Organizations need to know where their data is at all times yet they have limited or no control over cardholder data storage. These are all things that you have to take into consideration when you're thinking about outsourcing to a cloud provider. In this webcast our panel will address ways to navigate the main PCI security challenges in the cloud, and attendees will gain insights on:

    - Emerging PCI security risks in the cloud
    - Processes for assessing risk when card data could potentially be stored in multiple locations
    - Recommendations for achieving PCI compliance across virtual environments
    - How to use a data-centric approach to maintain PCI scope management
  • **At the end of the session we're giving away a $2,950 guest pass to the Cyber Security & Digital Forensics Exchange (http://www.cyber-securityexchange.com). The pass is for the entire 3 day event, and includes meals and two night hotel accommodation. The winner will be chosen at random. To be entered into the draw you must attend this live webcast.**

    Today’s corporate leaders face multiple challenges, including the need to innovate in extremely competitive business climates, address highly dynamic regulatory and compliance challenges, and secure the enterprise against a wide barrage of new and evolving sophisticated threats. Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. Organizations often take a bottoms-up approach to security and continually build on top of their existing security investments. This technology-centric approach often creates an excessively complex and disjointed security infrastructure that is difficult to manage and prone to operational inefficiencies which can escalate IT costs.

    The need to be able to integrate security with business functions and operations exists more than ever. A Business-Driven approach can achieve end-to-end security that supports business goals such as driving innovation and reducing organizational costs, as well as operational requirements to address compliance measures, protect against internal and external threats, and prioritize the security risk management activities that make the most sense for their organization. In this webcast presentation we will address how to implement a solid Business-Driven security strategy within your organization.
  • **At the end of the session we're giving away a $2,950 guest pass of to the Cyber Security & Digital Forensics Exchange (http://www.cyber-securityexchange.com). The pass is for the entire 3 day event, and includes meals and two night hotel accommodation. The winner will be chosen at random. To be entered into the draw you must attend this live webcast.**

    Big Data is a trend that has engulfed today's IT industry and one that organizations are struggling to manage. Today’s expanded IT infrastructure, including Social, Mobile and Cloud Computing, is collecting more data, including sensitive data, and now significant security risks are being compounded as the data is being concentrated in large data “lakes” such as Hadoop. As a result CIOs are looking at upgrades, new technologies and new strategies to assure security while delivering the required services.

    Fortunately, this model of enterprise computing doesn’t have to be the high-risk proposition some IT professionals fear. By rethinking security to meet expanded requirements, you can mitigate the risks that may arise and take full advantage of Big Data benefits. During this webcast we will discuss ways to create a strong strategy to protect sensitive corporate and customer data in Hadoop, and help you assure security in the cloud and empower workers to new levels of productivity while maintaining information governance and managing risk.
  • **At the end of the session we're giving away a $2,950 guest pass of to the Cyber Security & Digital Forensics Exchange (http://www.cyber-securityexchange.com). The pass is for the entire 3 day event, and includes meals and two night hotel accommodation. The winner will be chosen at random. To be entered into the draw you must attend this live webcast.**

    Big Data is a trend that has engulfed today's IT industry and one that organizations are struggling to manage. The size of the digital universe this year will be tenfold what it was just five years earlier. Therefore, organizations must find smarter data management approaches that enable them to effectively corral and optimize their data.

    Fortunately, this model of enterprise computing doesn't have to be the high-risk proposition some IT professionals fear. Enterprises willing to create automated processes to identify and value business data can take control of information governance before the big-data onslaught swamps them. As a result, they can meet key corporate objectives, such as lowering costs, lowering risk and making better business decisions. By rethinking security to meet expanded requirements, you can ensure compliance in the big data world.
  • Organizations outsourcing card data to the cloud face significant security risks. As soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI Data Security Standard becomes increasingly challenging. Cloud users and cloud service providers need to understand what their roles and responsibilities are when it comes to protecting this data. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for PCI-DSS.

    Organizations need to know where their data is at all times. A lot of cloud clients have limited or no control over cardholder data storage. Organizations should be concerned about collecting and correlating access logs and other information from cloud vendors to ensure they are maintaining security compliance. Where's the data being stored? Is it stored in multiple locations? These are all things that you have to take into consideration when you're thinking about outsourcing to a cloud provider. Join this webcast as we address the compliance challanges in the cloud, and gain new insights on:

    - Emerging PCI security risks in the cloud
    - Understand the role of cloud entities
    - Processes for assessing risk when card data could potentially be stored in multiple locations
    - Structuring planning controls to deal with PCI DSS changes
    - Recommendations for achieving PCI compliance across virtual environments
  • ON THIS SESSION WE'RE HOLDING A PRIZE DRAW AND TWO LUCKY ATTENDEES WILL WIN A GUEST PASS TO THE BOSTON GRC SUMMIT IN APRIL.

    Organizations are suffering from volatility across all risk types, and need to re-think their enterprise risk strategy. In a landscape filled with new threats and new regulations, risk management has never been more critical to senior leaders in all sectors, and gaining a complete view of an organization's risk exposure is increasing in complexity.

    A well defined risk management program cannot achieve high maturity scores without integrating risk management systems across divided organisational units. Organizations must thoroughly understand the true value at risk and ensure their compliance mandates are not geographically siloed. At the heart of this strategy is the need for a single consistent view of the data. It is a necessity for organizations to build a new generation of integrated risk solutions and applications that exploit this single view of the truth discretely and holistically, driving towards maximum synergy within the enterprise.

    Join our panel as they discuss a new generation of risk technologies which use a holistic approach to data management and achieve functional competence. We will explain the most effective way to manage risk across the enterprise, how to get the attention of executives to make sure that enough attention is being paid to the risk, and how to achieve enormous economies of scale while simultaneously meeting the demanding landscape of regulatory change.

Embed in website or blog