Hi [[ session.user.profile.firstName ]]

Audit and Compliance

  • Not All Background Checks Are Created Equal
    Not All Background Checks Are Created Equal
    Nathan Rowe, Chief Technology Officer & Co-Founder , Evident Recorded: Nov 14 2018 43 mins
    "Why Background Checks Should Be a Part of Your IT Security Program"

    The term “background check” is not particularly well-defined –– it can mean many different things to different companies, and can also vary from type to type (and from vendor to vendor), but ultimately, having the right background checks in place can help organizations avoid serious IT and cyber security issues.

    Those who have never purchased background checks can be understandably confused and overwhelmed by the broad range of options, when selecting the right check can be as simple as evaluating them based on a few key factors: cost, scope, diligence, and regulatory compliance.

    Determining the best checks for your specific business needs can be a challenging undertaking. Some companies require background checks that are more comprehensive, while others may opt for checks that are less detailed and less costly.

    In this webinar, we’ll discuss the most common background checks available today, how they support a comprehensive IT cyber security program, and their applications in several different use cases, ranging from small businesses to enterprise-level organizations.

    Key takeaways:
    - Complete summary of all primary background check types
    - How background checks support a comprehensive (and compliant) cyber security program
    - Examples of which background checks work for specific company and industry use cases
    - Learn how automating background checks can minimize friction and reduce liability
  • How to turn customer experience into customer trust
    How to turn customer experience into customer trust
    Louise Thorpe, Chief Privacy Officer, American Express Recorded: Nov 13 2018 62 mins
    Forrester found that only 11 percent of companies are able to deliver a customer experience (CX) that sets them apart from their competition. Without a CX that elevates the brand, companies are at risk of being left behind while customers choose to spend their purchase dollars or business investments elsewhere.

    There are four key ways to ensure that your CX is flawless and your market share keeps growing. It starts from the inside out, with a unified vision of CX; a strategy to solve problems fast while offering self-help; continuous, ongoing iteration and improvement of best practices, and a consistent, personalized experience in every way.

    To learn more about why CX has to be the core of your company and how to launch the strategy that ensures your company maintains competitive advantage, don’t miss this VB Live event!

    Register here for free.

    Webinar attendees will learn:
    * How to build trust with increasingly savvy consumers
    * Why brand reputation is your most important calling card -- and how to protect it
    * The key qualities customers look for in a trusted brand
    * The secrets of the modern customer-focused organization

    Speakers:
    * Louise Thorpe, Chief Privacy Officer, American Express
    * Andrew Leede, Product Owner, Blinker
    * Ting Ting Luo, Senior Product Marketing Manager, Docusign
    * Stewart Rogers, Analyst-at-Large, VentureBeat
    * Rachael Brownell, Moderator, VentureBeat

    Sponsored by Docusign
  • Risk is a Board Game - Navigating Board Conversations on Cybersecurity Risk
    Risk is a Board Game - Navigating Board Conversations on Cybersecurity Risk
    Ed Amoroso and John Dasher Recorded: Nov 13 2018 61 mins
    You’ve gotten what you wished for. Cybersecurity and cyber risk are now board-level issues. Whatever barriers that once existed between business and security have disappeared, and your board is expecting a meaningful conversation on the topic. After all, board members can be held personally liable for business disruptions caused by security issues. Depending on how often these conversations occur, it’s probably safe to assume that the board has a) forgotten what you told them in the last meeting, and, b) wishes you framed your reporting in more of a business context, especially if they don’t have an IT or security background.

    In this webinar, we’ll be chatting with Ed Amoroso, former CISO for AT&T and founder and CEO of TAG Cyber. Ed’s extensive experience interacting with board members and recent publications on the topic will serve as the backdrop for walking through a few of his favorite questions that board members should be asking you about cybersecurity risk, and how you can go about providing answers that matter.
  • Re:Call from TeleWare at Microsoft Future Decoded 2018
    Re:Call from TeleWare at Microsoft Future Decoded 2018
    Mark Elwood - Marketing Director, TeleWare Recorded: Nov 12 2018 2 mins
    Check out our highlights video from Future Decoded 2018 to see what we got up to (you might have even made the final cut!).
  • Getting Off the Threat & Vulnerability Management Treadmill
    Getting Off the Threat & Vulnerability Management Treadmill
    John Dasher Recorded: Nov 9 2018 22 mins
    Organizations “know” what they need to do. They scan, find piles of vulnerabilities, then rush to patch. But low and behold, they aren't sure that their patching efforts are improving their security posture, and with patch tickets accumulating at an alarming rate, they fall further and further behind. Why? What’s wrong?

    Unfortunately, Security and IT teams often find themselves in this unenviable position. The good news is that there’s a movement afoot that can rescue them. In this session you will learn how a risk-based approach to vulnerability management reduces vulnerability fatigue while improving workflow efficiency and personnel productivity in a truly measurable way.
  • Curing the PCI DSS Headache for Contact Centers with Sutter Health and Genesys
    Curing the PCI DSS Headache for Contact Centers with Sutter Health and Genesys
    Alicia Gee, Dir., Unified Communications & Steve Chambers, GM,VP PAS, Sutter Health; Alan Watson, Head of Presales, Semafone Recorded: Nov 8 2018 42 mins
    Healthcare call and contact centers face some tough challenges when it comes to data security. In fact, healthcare data breaches are reported at a rate of more than one per day in the US alone, exposing patients’ personally identifiable information (PII)—from medical records to payment card data and beyond—to the wrong people.

    Earlier this year, IBM published their 2018 Cost of a Data Breach Report, which stated that, for the 8th year in a row, healthcare organizations had the highest costs associated with data breaches—$408 per lost or stolen record. That’s nearly three times higher than the cross-industry average of $148.

    These challenges are not unique to the healthcare sector. All call and contact centers face similar obstacles and need to consider if their Payment Card Industry Data Security Standard (PCI DSS) compliance strategy is sound.

    Join Genesys, Semafone and Sutter Physician Services (SPS) in this webinar to learn how SPS:

    • Overcame IVR frustration, improved customer service and reduced abandoned call rates
    • Increased customer data security—no need to verbalize card data
    • De-scoped for PCI DSS

    Reserve your space now.
  • Beyond Bug Bounty in Financial Services
    Beyond Bug Bounty in Financial Services
    Karl Schimmeck, Morgan Stanley; Jay Kaplan, Synack; Mikhail Sosonkin, Synack Red Team; Sean Sposito, Javelin Strategies Recorded: Nov 7 2018 60 mins
    Penetration testing is not a new concept – and that’s the problem, especially for financial institutions working to protect their financial assets and customer data in a modern, digital economy.

    Banks, credit card companies, digital currency exchanges, and other financial institutions from the Fortune 500 to early stage companies are turning to crowdsourced security to get beyond penetration testing and achieve both real security and compliance.

    Karl Schimmeck, Executive Director, Global Head of Vulnerability Management at Morgan Stanley, recently took the stage with Jay Kaplan, CEO & Co-Founder of Synack, and Mikhail Sosonkin, Synack Red Team member, at leading payments conference Money20/20 to talk about how the industry is conducting more aggressive security testing in a controlled, efficient, results-oriented way.
  • GRC and IT Security Series: Addressing GDPR Security Provisions
    GRC and IT Security Series: Addressing GDPR Security Provisions
    Paul Schoeny, VP Cybersecurity, BAP Recorded: Nov 7 2018 26 mins
    Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. The European Union’s General Data Protection Regulation (GDPR) has been active for several months. Organizations find themselves building or refining a repeatable and scalable infrastructure to manage GDPR security controls. Join us to learn:
    -GDPR’s impact on Security, Data Protection and Compliance Programs
    -Key importance of continuous monitoring to demonstrate ROPA and to reduce risk of fines
    -The steps for implementing and maintaining GDPR within your organization
    -How to align active threats with GDPR standards to know real-time if your organization is secure
    -Understand how continuous monitoring of GDPR control health can eradicate fines and failing GDPR assessment reports.
    -How to align the security objectives with NIST 800-53 security controls and map them to events, giving you complete accountable security.
  • Regulating financial benchmarks for European transactions
    Regulating financial benchmarks for European transactions
    Jeremy Jennings-Mares, partner and Peter Green, senior of counsel, Morrison & Foerster, John Crabb, IFLR Recorded: Nov 7 2018 64 mins
    The EU Benchmark Regulation came into force in June 2016 and most of its provisions came into effect at the start of 2018. It establishes a new regime for the authorisation and supervision of administrators (including non-EU administrators) of financial benchmarks that are used in the EU. We will consider the likely impact of the Regulation in the EU financial markets and look in detail at certain issues raised by market participants including:
    · Timetable for benchmark administrators to be authorised under the regulation and the extent to which administrators of pre-existing benchmarks can rely on 'grandfathering' relief up until 2020.
    · What indices are within the scope of the Regulation and when will an index be regarded as 'available to the public'?
    · What is meant by 'use' of a benchmark in the EU?
    · Are there any regulatory obligations on entities that contribute benchmark data?
    · What is the impact of Brexit on UK benchmark administrators?
  • Security & Democracy: Collaborating on Election Security
    Security & Democracy: Collaborating on Election Security
    Chris Krebs and tech leaders Synack, Microsoft, and Cloudflare Recorded: Nov 6 2018 55 mins
    Under Secretary for the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) Chris Krebs and tech leaders Synack, Microsoft, and Cloudflare came together in Washington D.C. today through a “Security and Democracy” event convened by TheBridge. This event brought together private companies who are driving election security initiatives with the Department of Homeland Security to discuss the election threat landscape, the progress of public-private collaboration efforts to secure the election process, and the future outlook on local elections and election security.
  • Configuration Risk
    Configuration Risk
    Sam Abadir Recorded: Nov 6 2018 33 mins
    We talk a lot about risk management as part of an overall GRC security strategy, but today we'll focus on one specific area: configuration risk. Of all the types of security risks companies face, configuration risk is one of the most prevalent; it touches all company assets and affects all parts of the business, however, managing these risks is often deprioritized or overlooked. There are three main challenges organizations face when evaluating and managing misconfigurations: how to obtain a holistic and accurate view of company assets, how much risk does each misconfiguration pose to the company, and how to communicate these risks to other parts of the business for remediation escalation. Today’s 20/20 webcast explores these challenges in-depth and discusses how organizations can leverage existing GRC security strategies to address and reduce configuration risk.
  • Innovation Through Digital Transformation
    Innovation Through Digital Transformation
    Dave Welch, Christine McMonigal, Oliver Linder, Jay Hibbin Recorded: Nov 6 2018 51 mins
    Join this live panel discussion with experts at VMworld Europe for up-to-date trends on what's disrupting the market and how to take your business to the next level.

    Tune into this interactive Q&A session with world renowned IT and business leaders while they discuss the following:

    - How to declutter and take on today's most pressing IT priorities
    - The latest technologies, methodologies and best practices for IT leaders
    - How to ensure your organization is primed for 21st century trends from both a business and tech perspective

    This live panel will be streamed directly from VMworld Europe! Join us for live Q&A from the comfort of your desk.

    Panellists
    Dave Welch, CTO, House of Brick Technologies
    Oliver Lindner, Head of Business Line DCIM, FNT Software
    Jay Hibbin, Sales Director, Financial Services, CenturyLink EMEA
    Christine McMonigal, Director of Hyperconverged Marketing, Intel Corporation
  • Offensive Security Testing for SAP HANA and Fiori Apps; why you are at risk ...
    Offensive Security Testing for SAP HANA and Fiori Apps; why you are at risk ...
    Ron Peeters, Synack; Uemit Uezdurmus; SAP; Holger Stumm, CEO of LOG2 Recorded: Nov 6 2018 59 mins
    SAP HANA environments have complex architectures with large attack surfaces and many potential breach points. They are often exposed and external facing to a large extent i.e. SAP FIORI Apps. Traditional compliance-based pen tests and vulnerability scanning simply aren’t able to mimic sophisticated cyber attacks in order to find and fix exploitable vulnerabilities. This puts your organization at great risk of being compromised, data breaches and GDPR violations. So what are the options?

    Join this session as we outline the need for a smarter security testing solution that is offensive, mimics attacker behaviour, reduces your attack surface, and lowers vulnerabilities against sophisticated attacks. We will cover:

    How a crowd of elite security testers can be deployed rapidly to uncover serious vulnerabilities in your external facing SAP applications
    How a continuous offensive security approach to your SAP landscape is needed in support of modern agile SDLC / DevOps environments

    Presented by:

    – Uemit Uezdurmus, Global Head of SAP Managed Security Services, SAP

    – Holger Stumm, CEO of LOG2, a Germany based specialist in SAP security testing for 30+ years

    – Ron Peeters, Managing Director EMEA of Synack, a Silicon Valley based leader in Offensive Security Testing.
  • Keylight Team Edition Overview
    Keylight Team Edition Overview
    Lockpath Recorded: Nov 5 2018 5 mins
    There’s no question about it, risk and compliance management are complex. Requirements are always changing, there’s always something to review, and some item is inevitably overlooked creating new risks you don’t know about. When it’s time for an audit, it’s anyone’s guess where the information you need is stored, and if it’s the latest version. It requires a lot of time, resources, and effort to make sure responses are accurate.
  • Leveraging AI to automate Regulatory Change
    Leveraging AI to automate Regulatory Change
    Ben Richmond, CEO, CUBE Recorded: Nov 1 2018 30 mins
    This 30-minute webinar explores practical examples of how Artificial Intelligence (AI) and Machine Learning (ML) is leveraged to drive regulatory change strategies based on our experience of bringing together customer best practice and the latest technology.

    What will you learn?

    - The key factors that need to be taken into consideration to build an effective RegChange strategy?
    - How AI and ML drive insight to support a RegChange strategy?
    - How to establishing RegChange as a BAU process

    Find out how RegTech can transform the world of compliance and regulatory change!
  • Roadmap to Smarter Health and Safety Management
    Roadmap to Smarter Health and Safety Management
    Sam Abadir, VP of Industry Solutions, Lockpath Recorded: Nov 1 2018 40 mins
    Safety is job number one in many organizations and employee health is an ongoing concern for firms. Both highlight the vital importance of health and safety management and its impact on operational risk. If workers are injured, are exposed to dangers, or are absent, they can't do their jobs and it impacts margins and goals. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter health and safety, including:

    • Critical capabilities required for health and safety management
    • Strategies for streamlining OSHA compliance and reporting
    • Approaches for increasing accountability
    • Ideas for leveraging data for operational risk management

    Making health and safety management a higher priority at your company is possible. Discover the road to smarter health and safety by attending this educational webinar. Register now!
  • Webinar: Regulatory Change and AI - a customer journey
    Webinar: Regulatory Change and AI - a customer journey
    Ben Richmond, CEO, CUBE Recorded: Nov 1 2018 30 mins
    Join us on a journey to explore a case study of a global financial institution leveraging Artificial Intelligence (AI) to support their regulatory change initiatives and the lessons they learnt along the way.

    This session, hosted by CUBE's Founder & CEO, is designed to help those involved in managing the complex world of regulatory change within financial institutions.
  • Get a “Clue” Regarding Your eDiscovery Process
    Get a “Clue” Regarding Your eDiscovery Process
    Doug Austin, Tom O'Connor, and Mike Quartararo Recorded: Oct 31 2018 69 mins
    As evidenced by some high-profile recent eDiscovery disasters, managing eDiscovery projects is more complex than ever. Not only have the volume and variability of ESI data sources increased dramatically, but there are often more stakeholders in eDiscovery projects today than characters on the board game Clue©. Successful eDiscovery today means not only meeting your obligations, but also making sure that each stakeholder in the process succeeds as well. This CLE-approved* webcast will discuss the various participants in the eDiscovery process, what motivates each of them, and best practices on how to avoid becoming the next high-profile eDiscovery disaster. Topics include:

    + The Process: Managing the Project from Initiation to Close
    + The Phases: Managing the Flow of ESI Before and During the Process
    + The Players: Goals and Objectives of Each eDiscovery Stakeholder
    + Whodunnit?: Lessons Learned from a Large Financial Institution’s Mistakes
    + Whodunnit?: Lessons Learned from a Government Entity’s Mistakes
    + Whodunnit?: Lessons Learned from a Medical Center’s Mistakes
    + Recommendations for Avoiding Your Own Mistakes
    + Resources for More Information

    Presentation Leaders:

    Doug Austin is the VP of Products and Professional Services for CloudNine where he manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services to numerous commercial and government clients.

    Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems. Tom’s consulting experience is primarily in complex litigation matters.

    Mike Quartararo is the founder and managing director of eDPM Advisory Services. He is also the author of the 2016 book Project Management in Electronic Discovery, the only book to merge project management principles and best practices in electronic discovery.
  • The Path to a Software-Defined Business - Next-Gen Trends and Technologies
    The Path to a Software-Defined Business - Next-Gen Trends and Technologies
    Omar Alassil, Dave Welch, Melinda Safdarzadeh Recorded: Oct 31 2018 62 mins
    With just a few days to VMware’s premier digital infrastructure event, we've gathered some of the elite speakers who will be taking the stage to debate the hottest solutions, trends and the biggest opportunities and challenges for businesses to successfully embrace digital change.

    - Innovation Through Digital Transformation
    - The Future of Data Centres and Cloud in a Virtualized World
    - Securing Your Cloud Networks
    - Next-Gen Trends and Technologies

    Join this session to get a glimpse of the innovations that will accelerate your journey to a software-defined business—from mobile devices to the data center and the cloud!

    This session (and VMworld Europe) is specifically aimed at CTOs, CIOs, heads of IT infrastructure, security specialists and technical experts.

    What will they be talking about at the Fira Gran Via Barcelona, on the 5 – 8 November 2018, what do they want to hear about, what are they looking forward to?

    Moderator: Omar Alassil, Cloud Solution Owner, Nokia

    Panellists;
    Dave Welch, CTO, House of Brick Technologies
    Melinda Safdarzadeh, Senior Business Manager, Hybrid Cloud, Data Center Group at Intel
  • Panel debate:Is Machine Learning and AI ready for mainstream in the data center?
    Panel debate:Is Machine Learning and AI ready for mainstream in the data center?
    Bruce Taylor, Data Center Dynamics, James Cribari, Cisco, John E Miller, IBM, Enzo Greco Nlyte Software Recorded: Oct 30 2018 62 mins
    This webinar will take you through how you can learn the reality and benefits of Machine learning and AI in data centers, from companies with significant and critical data center expertise.

    The presenters will address how AI will drive the performance, availability, resiliency and security demanded of modern digital infrastructure.

    Key issues to be addressed include:

    - Are self-diagnosis and self-healing a reality?
    - How will machine learning and AI optimize workload placement?
    - Will AI-enabled "in-stream" analytics drive the megascale cloud data center?

    Speakers:

    - Bruce Taylor, VP, Data Center Dynamics
    - James Cribari, Global Infrastructure Services Delivery Manager, Cisco
    - John E. Miller, STSM –Sr. Technical Staff Member, Infrastructure Support & Datacenter Services, IBM
    - Enzo Greco, Chief Strategy Officer, Nlyte Software
  • Taming the Security Data Tsunami
    Taming the Security Data Tsunami
    Kristy Zyburo Recorded: Oct 26 2018 20 mins
    Today's security and IT teams are suffocating under an avalanche of security data. The sheer volume of the data, along with its multiple origins in siloed systems all but guarantee that it lacks context, meaning, and is difficult to make actionable.

    Learn how RiskSense harnesses the vulnerability data you have, adds context with threat intel, and incorporates business asset criticality as well as pen test findings to tame your security data tsunami.
  • GRC & IT Series: Using a NIST Based Approach to Align Cyber & Compliance
    GRC & IT Series: Using a NIST Based Approach to Align Cyber & Compliance
    Paul Schoeny, VP Cybersecurity, BAP Recorded: Oct 24 2018 27 mins
    Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable.The NIST Cybersecurity Framework is quickly becoming the flagship program for managing cybersecurity risk. However, complying with the security standards can be a complicated process. Join us to take the guesswork out of NIST and learn:

    -To understand the security management provisions found in the NIST Framework
    -How to view the controls set forth in the Framework
    -How to measure your security success
    -To understand your IT risk tolerance
    -What teams should be involved and have responsibility?
  • Data Center Due Diligence:  Assessing Risk in Your Critical Infrastructure
    Data Center Due Diligence: Assessing Risk in Your Critical Infrastructure
    Matt Stansberry, Vice President - North America, Uptime Institute Recorded: Oct 24 2018 42 mins
    Whether you are considering an expansion of existing facilities, consolidation of multiple data center sites, or an acquisition or divestiture of data center assets, this session will cover some key points to mitigate risk, identify the infrastructure and operational health of assets, management and operations, lifecycle considerations, and the overall resiliency of key data center assets.
  • Security in the Cloud: Identity Management, Access Control and Authentication
    Security in the Cloud: Identity Management, Access Control and Authentication
    Emma Bickerstaffe, Senior Research Analyst and Benoit Heynderickx, Principal Analyst, ISF LTD Recorded: Oct 23 2018 44 mins
    Organisations increasingly rely on cloud services, motivated by the benefits of scalability, accessibility, flexibility, business efficiencies and reduced IT costs. However, there are several security implications that organisations need to address, including the challenge of verifying identity and managing access to cloud services.

    Cloud services bring added complexity to identity and access management, exacerbated by the distribution of data across a myriad of applications accessed by users from multiple devices and locations. Failure to adequately implement user authentication and access control in the cloud can be exploited by attackers to gain access to users’ credentials, manipulate systems and compromise data.

    In this webinar, Senior Research Analyst Dr Emma Bickerstaffe and Principal Analyst Benoit Heynderickx will discuss identity management, access control and user authentication in the cloud environment, and consider how organisations can effectively tackle this security concern.
  • Automate the Dreaded Task of Software Asset Management
    Automate the Dreaded Task of Software Asset Management
    Gary Paquette, CTO, Mike Schmitt, Sr Director Product Marketing, Karen Hutton, Sr Director of Marketing, at Nlyte Recorded: Oct 23 2018 31 mins
    Nlyte’s Gary Paquette uncovers how you can automate discovery, management, and reporting with Nlyte Software Optimizer agentless software.

    What you will learn from the webinar:

    - Organic installation and distribution of software
    - Lack of visibility in current and new deployments
    - Matching databases to physical and virtual
    - Reconciliation between required services versus installed
    - Inaccurate systems, too many systems and files
  • Future Proofing GDPR Compliance
    Future Proofing GDPR Compliance
    Nathalie Semmes - KPMG, Mark Thompson - KPMG, Matt Malone - KPMG and Guy Mettrick, Appian Nov 15 2018 2:00 pm UTC 45 mins
    Webinar presented by Appian and KPMG - 15 November 2018 2pm GMT.

    The race to tighten up GDPR compliance is still on. Are you managing GDPR effectively?

    November will mark six months since the General Data Protection Regulations (GDPR) came into effect. Faced with the regulations, numerous institutions have had to modify how they harvest, store and use their customers’ data.

    Having significant experience with regulatory compliance, many financial services and insurance companies are well ahead of the curve with GDPR compliance. However, a number of large organisations have only implemented measures to deal with the minimum requirements.

    In a brand-new live broadcast on 15th November at 2 pm GMT, Nathalie Semmes, KPMG and Guy Mettrick, Appian will discuss handling GDPR compliance and sustainable technological solutions - the right way.

    Key Themes
    ●Achieving alignment across the business
    ●Ensuring integration with existing systems to comply with the requirements
    ●Assuring compliance is demonstrable to regulators
    ●Operationalising GDPR compliance
    ●Security - handling new threats in the digital environment

    Please note that your details will be shared with Appian after you have viewed this webinar.
  • How Effective is Your Internal Audit Function?
    How Effective is Your Internal Audit Function?
    Alec Arons, Ed Williams, CIA, CRMA, Christine Dobrovich, CRMA, and C. Michael Baron, CIA, CISA, CFSA, AMLP of Experis Finance Nov 15 2018 5:00 pm UTC 60 mins
    Experis Finance is pleased to announce the third webinar in our Hot Topics series. Our goal is to provide you with a series of webinars that provide practical insights on topics of interest to internal audit, risk and compliance professionals, audit committees, and board members.

    Our third session covers Internal Audit Function Effectiveness.

    In this webinar, a panel of seasoned Internal Audit practitioners from Experis Finance will share their insights, experiences and recommendations on how Internal Audit functions can assess the effectiveness of their activities. With different drivers and many available possibilities, this is a classic “one size does not fit all” scenario. This session will help Internal Audit leaders understand the available options in order to determine the approach and methodology that best suits their individual situation and relevant stakeholders.

    During this webinar, we will address the following topics:
    •How is Internal Audit effectiveness defined and how can Internal Audit manage the competing expectations of their stakeholders (Senior Management, the Board, the Audit Committee, Regulators, External Auditors, etc.)?
    •What are the elements of the Quality Assurance and Improvement Program (QAIP) as defined by the IIA’s International Standards for the Professional Practice of Internal Auditing? Are there different options and possibilities for assessing Internal Audit effectiveness?
  • How To Create A Mobile-First People Strategy To Modernise Employment
    How To Create A Mobile-First People Strategy To Modernise Employment
    Mark Elwood Nov 22 2018 11:00 am UTC 45 mins
    Just 29% of UK employees work for firms that operate flexible working policies for all employees according to recent research commissioned by TeleWare.

    This highlights the stark differences in how firms are creating workforces who can work flexibly in an increasingly mobile environment. One thing is certain, tools that enable employees to work wherever and whenever they want to are here to stay, but how firms deploy them could be the difference between success or failure.

    Join us in the latest webinar in our mobility and productivity programme where we will share exclusive insight into mobile and flexible working practices.

    Join our panel of experts to find out:
    •The impact on businesses who fail to deliver changing flexible working expectations
    •The technological advancements that are helping firms operate flexibly
    •The benefits and the pitfalls of a more mobility enabled workforce
    •The barriers to successful adoption and how you can overcome them.

    Panellists:
    Steve Haworth, CEO, TeleWare
    Andrew Fawcett, Product Manager, TeleWare
  • The “Luddite” Lawyer: Will Lawyers Ever Embrace Technology?
    The “Luddite” Lawyer: Will Lawyers Ever Embrace Technology?
    Doug Austin and Tom O'Connor Nov 28 2018 6:00 pm UTC 75 mins
    Technology Assisted Review (TAR) has been court approved for nearly seven years now and other technologies and approaches have been proven to save time and money while even improving quality within the discovery process. Yet, many lawyers still have yet to embrace these new technologies and approaches. Why, and what needs to happen to change things? This CLE-approved* webcast will discuss a lawyer’s ethical duty to understand technology, how to address today’s challenges and embrace approaches for addressing those technologies, pertinent case law regarding the use of technology and resources for more information. Topics include:

    + Ethical Duties and Rules for Understanding Technology
    + Addressing Discovery of Various Sources of ESI Data
    + Understanding the Goals for Retrieving Responsive ESI
    + Considerations and Challenges for Using Technology Assisted Review
    + Considerations for Form of Production
    + Key Case Law Related to Technology Challenges
    + Resources for Expanding Your Technical Expertise
    + Recommendations for Becoming Technology Competent
    + Resources for More Information


    Presentation Leaders:

    Doug Austin is the VP of Products and Professional Services for CloudNine where he manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services to numerous commercial and government clients.

    Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems. Tom’s consulting experience is primarily in complex litigation matters.
  • 2018 eDiscovery Case Law Review
    2018 eDiscovery Case Law Review
    Judge Thomas I Vanaskie, U.S. Third Circuit Court of Appeals, and a panel of attorney experts Nov 28 2018 7:00 pm UTC 75 mins
    In modern legal practice, the difference between failure and success can often turn on data. Yet after nearly two decades of eDiscovery case law and two related sets of revisions to the Federal Code of Civil Procedure, the bench and bar still grapple with how best to handle data in litigation, as the most important cases of the past year show.

    From discovery processes gone wrong and new sources of sanctions, from anonymous messaging platforms to claims of discovery malpractice, the past year’s cases are a reminder that discovery remains as critical, and sometimes as risky, as ever.

    Join Judge Thomas I. Vanaskie of the U.S. Court of Appeals for the Third Circuit and a panel of attorney experts for an upcoming webinar surveying these cases and more.

    Feature Presenter:
    Judge Vanaskie was appointed to the Third Circuit Court in 2010, having served at the federal district court level in Scranton for 16 years prior. Over the course of his two decades on the bench, technology has dramatically reshaped how litigation is waged and disputes resolved. But Vanaskie has spearheaded efforts to keep the justice system up to speed. In 2005, he was selected by Chief Justice William Rehnquist to head the Information Technology Committee of the U.S. Judicial Conference, the policy making body for federal courts, a role he served until 2008. Judge Vanaskie may be best known in legal technology circles for authoring what is perhaps the most influential decision on the recovery of electronic discovery costs, Race Tires America.
  • GRC & IT Security Series: The Risk Management Framework for Today's GRC Concerns
    GRC & IT Security Series: The Risk Management Framework for Today's GRC Concerns
    Paul Schoeny, VP Cybersecurity, BAP Nov 28 2018 7:00 pm UTC 30 mins
    Join the GRC & IT Webinar Series for the byte-sized sessions aimed at making federal regulations understandable and actionable. What is the NIST Risk Management Framework (RMF)? Simply put: The RMF provides steps/activities to manage your organizations risk and to develop an effective information security program applied to legacy and new systems. Join BAP as we breakdown the six steps identified in the RMF and:
    -Understand what is your cyber policy
    -Break down the six steps found within RMF
    -Establish a baseline of control policies
    -Gain tips for accelerating your control and policy management needs
    -Automate Continuous Monitoring
    -Understand how continuous monitoring of NIST and RMF control health can eradicate failing health scores.
  • US and EU risk retention requirements: impact on financing transactions
    US and EU risk retention requirements: impact on financing transactions
    Vladimir Maly and Geoff Peck, partners; Kenneth Kohler, senior of counsel; Yulia Makarova, of counsel - Morrison & Foerster Nov 29 2018 4:00 pm UTC 60 mins
    Risk retention requirements, or 'keeping skin in the game' were intended as a means of addressing the misalignment of incentives that were inherent in many of the 'originate to distribute' securitisation products. Has the aim been achieved and how have these requirements developed in the US and in the EU?

    This presentation will cover:
    · comparison of US and EU risk retention requirements;
    · market reaction to the LSTA decision; and
    · new regulatory framework for securitisations transactions in the EU.
  • Rising Stars in 2019: PRISM Developing Leaders Program Launch
    Rising Stars in 2019: PRISM Developing Leaders Program Launch
    John Rybak, 2017 winner of the PRISM Industry Influencer award, and BB&T’s SVP Environmental Risk Manager Dec 4 2018 7:00 pm UTC 60 mins
    Each year at EDR’s PRISM conference, an up-and-coming risk management or due diligence professional is recognized for impressive achievement in leadership, visibility, professional competency and/or industry involvement. Building on this popular awards category, EDR is excited to launch a new Developing Leaders program aimed to further the development of our industry’s future leaders. This new initiative will provide education and mentor/mentee connections to leverage the industry knowledge of prominent business leaders, and provide newer professionals with the tools and resources they need to fulfill their education and professional development goals.

    Each of the webinar speakers is an industry veteran who is deeply committed to helping rising professionals learn what they wish they knew when they were just starting out. Whether you’re a seasoned manager looking to retain top talent—or a newbie just starting out, join us for this kickoff webinar to hear what’s in store from EDR’s new PRISM Developing Leaders program!

    Who should attend:

    •Risk management professionals just starting out in the field
    •Experienced industry veterans
    •Anyone looking to broaden his/her professional development expertise

    Speakers:

    John Rybak, 2017 winner of the PRISM Industry Influencer award, and BB&T’s SVP Environmental Risk Manager
    Roger Caramanica, Ph.D., EDR’s VP of Organizational Development
    Dianne Crocker, EDR Insight’s Principal Analyst
  • Why your penetration tests in 2018 were a let down and best practices for 2019
    Why your penetration tests in 2018 were a let down and best practices for 2019
    Quoc Dang, Andy Condliffe & Nathan Jones, Synack EMEA Dec 5 2018 10:00 am UTC 60 mins
    You know that standard penetration tests delivered by the BIG 5 misses the mark when it comes to protecting the new needs of the cyber-secure, agile, data-driven organisation. You probably run them once or thrice a year to tick a compliance box or because your superiors have told you to do so. Why settle for the old way of doing a penetration test performed by a couple of junior testers only to wait weeks for the reports and be disappointed with the results? Join the Synack EMEA team for an upcoming webinar where we will share how crowdsourced security testing is modernizing the pen test for agile, data-driven organisations who need, more than ever, to be secure. We will cover:

    What's wrong with traditional penetration tests
    Why smarter, innovative organizations adopt a continuous, crowdsourced approach to security testing
    How the use of AI, bug bounty and smart technology transforms testing results
    When you can started your own crowdsourced security testing
  • RegTech for Information Governance
    RegTech for Information Governance
    Devie Mohan, Co-Founder and CEO, Burnmark Dec 5 2018 3:00 pm UTC 60 mins
    If you are feeling challenged by regulatory change, you are not alone. Everyone involved in information governance, at every stage of the information lifecycle, is feeling the effects – from Records Management and the Data Office through to Legal and Compliance. Heightened focus on data protection has created a collision of worlds – new intersections between data, records, privacy and security, requiring superhero experience, skill and agility to solve.

    •How have changes in data privacy and protection disrupted information governance?
    •How are financial institutions ensuring compliance, faced with extensive regulatory change?
    •Which technologies are best suited to managing regulatory change?

    We have assembled a team of superheroes to debate how to tackle these challenges, and offer tips to help you combat compliance.

    Meet the superhero panel
    Devie Mohan, Co-Founder and CEO, Burnmark
    Lynn Molfetta, Global Head of Records Management, Deutsche Bank
    Matthew Bernstein, Information Management Strategist, MC Bernstein Data
    Ben Richmond, Founder and CEO, CUBE

    Exclusive Research Report Access!
    Register now to get your pre-launch copy of Burnmark’s latest research report ‘RegTech for Information Governance’, direct to your in-box immediately following the webinar.

    If you are a Chief Data Officer, Head of Information Governance, Head of Records Management or a Chief Compliance Officer, register now to discover if your information governance standing up to regulatory change.
  • Beyond Open Source Compliance: Security in M&A Due Diligence
    Beyond Open Source Compliance: Security in M&A Due Diligence
    Nabil Hannan, Managing Principal, Synopsys Dec 12 2018 5:00 pm UTC 60 mins
    The headline of Wall Street Journal article from March read “Due Diligence on Cybersecurity Becomes Bigger Factor in M&A.” In April, Gartner reported, “Cybersecurity is Critical to the M&A Due Diligence Process.” Companies that invest in open source license compliance as part of diligence are starting to dive more deeply into security issues.
     
    A first step in assigning the security of software assets is looking at known vulnerabilities in open source components. But, now as part of the Synopsys Software Integrity Group, Black Duck can bring much broader capabilities to bear to analyze the overall security of code assets, including proprietary code.
     
    This webinar will discuss application security issues at a high level and the security services that you can include with a due diligence audit.
  • GRC & IT Security Series: Financial & Banking Service Regulations: SEC, PII, PCI
    GRC & IT Security Series: Financial & Banking Service Regulations: SEC, PII, PCI
    Jeffrey Lush, CEO & Co-Founder, BAP Dec 12 2018 7:00 pm UTC 30 mins
    Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. Often understanding the interpretation of SEC Cybersecurity Guidance, PII and PCI can be difficult and is often more of an art than a science. The objective of every organization is to provide cybersecurity protection and compliance with the standards established within these regulations. Join us to discover the steps you need to develop your cyber strategy and:

    -Understand the SEC, PII and PCI regulations
    -Focus on the security objectives all regulations are hoping to achieve
    -Learn how to leverage your existing cyber investment, augment the tools you already have for real-time threat detection
    -Understand how continuous monitoring of Policy control health can eradicate failing scores.
    -Automate cyber standards, policy, and compliance
    -Learn how to build and discover your cyber standard needs
    -Analyze and validate the implementation of those standards
  • IFLR Women in Business Law: using coaching to advance your career
    IFLR Women in Business Law: using coaching to advance your career
    Julie Smith, Pressurevalve (with introduction from IFLR managing editor Amelie Labbe) Dec 13 2018 1:00 pm UTC 60 mins
    Coaching is now a key component of many development packages, but do we really understand what it is and how to use it to our advantage?
    In this practical session we’ll explore the following questions:
    - What is coaching and what isn’t coaching?
    - What type of challenges and goals can coaching help with?
    - What happens in the coaching process?
    - Are you ‘coachable’?
    - How do you find a coach and assess whether they are the right fit for you?

    Julie Smith

    Julie Smith is diirector and coach at Pressurevalve Ltd. As well as being a qualified executive coach, she’s also an experienced leader with 15+ years in management positions, 10 of which were in senior posts, including heading national operations and an interim CEO post. This means she understands the complexities, challenges and rewards of leadership. Key success factors in her coaching include helping people develop: skills in viewing situations from different perspectives, self-awareness, decision-making, confidence, self-belief, self-coaching and resilience. As well as coaching, Julie designs and facilitates sessions for leadership programmes in London and New York, runs network groups for leaders and is chair of the Global Taskforce of the American Express Leadership Academy, Alumni Network. If you’d like more information on Julie’s coaching services, plus self-coaching resources, visit: https://www.pressurevalvecoaching.com/free-stuff
  • 2019 Risk Trends and Predictions
    2019 Risk Trends and Predictions
    Sam Abadir, Lockpath Dec 13 2018 5:00 pm UTC 60 mins
    What a year 2018 has been, from indictments and data breaches to an increasing regulatory landscape and a greater focus on integrated risk management. What were the major risk trends in 2018 and what predictions can we make for 2019? In this can’t miss webinar, our panel of industry experts will recap 2018 and offer their views on what to expect in 2019 and beyond.

    As an attendee, you’ll learn:

    • The shift to a more integrated risk management
    • The growing emphasis on supply chain cybersecurity
    • The rise in data privacy and its impact on information security

    Plan now to attend this special webinar on 2018 highlights and trends and predictions for 2019.
  • GRC & IT Security Series: Healthcare Compliance & Security: Understanding HIPAA
    GRC & IT Security Series: Healthcare Compliance & Security: Understanding HIPAA
    Paul Schoeny, VP Cybersecurity, BAP Jan 9 2019 7:00 pm UTC 30 mins
    Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable.HIPAA compliance remains critical for all healthcare organizations to combat security breaches. It is no surprise that the Healthcare industry remains one of the top targets for cyber-attacks. To avoid hefty fines and to gain the eagle eye view of the overall health of the organizations, GRC, IT Security and Compliance teams are quickly developing strategies to mitigate security breaches and achieve compliance to HIPAA. Join this bite-sized webinar to learn how organizations are tackling HIPAA.
    -Understand the policies and controls set forth in HIPAA
    -Understand how traditional compliance methods invite risk
    -Understand how continuous monitoring of HIPAA control health can eradicate failing health scores.
    -Discuss the innovations happening to drive automation of security breach policy and policy health oversight
    -See checks and balances to confirm implementation and policy health.
  • GRC & IT Security Series: Tips and Tricks for FISMA, HIPAA, PCI, PII
    GRC & IT Security Series: Tips and Tricks for FISMA, HIPAA, PCI, PII
    Jeffrey Lush, CEO & Co-Founder, BAP Jan 23 2019 7:00 pm UTC 30 mins
    Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. The challenge: achieving compliance against regulations such as FISMA, HIPAA, CCPA, GDPR, PCI and PII, among others. In this webinar quickly learn best practices in Information Assurance to automate regulation and compliance to achieve accountable security using controls, policies and more than check-the-box actions.
    -Techniques to adopt to automate policy and control mapping
    -Steps to improve your ability to see the over health of your environment
  • Fraudulent Wire Transfers in the Accounting Industry (1 CPE)
    Fraudulent Wire Transfers in the Accounting Industry (1 CPE)
    Ginger Johnson & Michael J Weber Feb 13 2019 6:00 pm UTC 75 mins
    Fraudulent wire transfers scams continue to plaque accounting firms nationwide. The FBI reports that fraudulent wire transfers have doubled since 2016. The new wave of scam e-mails have grown in their sophistication and appearance and no longer resemble clumsy “Nigeria” e-mails.
    Hear directly from the insurance company and lawyers on steps to prevent these fraudulent wire transfer scams and how to deal with a claim if this happens to your firm.

    Presented by Ginger Johnson & Michael J Weber - Michael J Weber Partner at Dinsmore. He focuses his practice on fidelity and surety bond claims/litigation, complex litigation, commercial law, transactional matters, general business matters/litigation and construction law. & Ginger Johnson is Specialty Claim Consultant at The Hanover Insurance Company working with Crime, Fidelity and first party Cybercrime claims up to $10M in the Management Liability Unit.