Hi [[ session.user.profile.firstName ]]

Audit and Compliance

  • Predictive Intelligence: Vulnerability Weaponization and Exploitation
    Predictive Intelligence: Vulnerability Weaponization and Exploitation Dr. Srinivas Mukkamala, Co-Founder and CEO of RiskSense Recorded: Sep 18 2018 43 mins
    The key to effectively reducing the attack surface is remediating exactly the right vulnerability or weakness that will be used by the adversary. While the idea is simple enough, executing on it has proven to be one of the largest challenges facing enterprises.

    The impact of this lack of visibility into the attacker journey is that vulnerability remediation strategies are likely unaligned, and therefore ineffective.

    There’s no data that supports the hypothesis to align early weaponization to breaches, which makes it hard to know when it is the ideal time to fix the vulnerability or weakness.

    Vulnerability prioritization and weaponization prediction must be fueled with data and domain expertise. Fixing thousands of vulnerabilities is not enough. We need to make sure we are fixing the right vulnerabilities, at the right time. In this talk we will cover:

    • Quantitative and Qualitative: details on RiskSense threat dataset and data sources that allows us to uniquely separate “signal” from “noise”.
    • Unprecedented visibility into attack validation data: from over 10+ years, this enables us to reconstruct the complete attacker journey and understand time-based patterns.
    • Insights into Vulnerability life cycle: weaponization and breach latency. This will allow us to determine no engagement vs. engagement from a remediation standpoint.
    • Attributes and variables: used for Machine Learning to predict Weaponization and Breach Susceptibility

    This presentation will be given by Dr. Srinivas Mukkamala, Co-Founder and CEO of RiskSense. RiskSense’s team was the first to predict WannaCry and has since released Koadic Post Exploitation Command & Control.
  • Corporate compliance in Latin America: main challenges and opportunities
    Corporate compliance in Latin America: main challenges and opportunities Leila Szwarc & Paola Fonseca, TMF Group and Yoab Bitran, LRN Recorded: Sep 18 2018 61 mins
    Meeting the global challenge of evolving corporate compliance.

    Issues to be discussed include:

    1.An overview of the Compliance Complexity Index 2018 (CCI 2018) - Key global trends and the most and least complex countries.

    2. Insights about the main challenges in Latin America:
    - Which are the most complex countries in the Americas (from CCI 2018)
    - Compliance and main regulatory developments in Latin America

    3. How companies should prepare to meet these challenges
  • Synthetic Identity Fraud: Best Practices to Combat & Prevent the Evolving Threat
    Synthetic Identity Fraud: Best Practices to Combat & Prevent the Evolving Threat Kevin King from ID Analytics, Deshietha Partee-Grier from Duetsche Bank & Sandeep Dhadda from Citigroup Recorded: Sep 13 2018 86 mins
    Kevin King, Director of Product Marketing for ID Analytics presented alongside Deshietha Partee-Grier, AVP Financial Crime Investigations Unit and Sandeep Dhadda, Director, Head of Advanced Analytics for CitiGroup on the evolving threat of synthetic identity fraud.
  • Aviation Law News European Drone Law
    Aviation Law News European Drone Law Airbus, Bird & Bird, Monard Law, LS Lexjus Sinacta, DLA Piper Recorded: Sep 13 2018 64 mins
    Recent months have seen the European Parliament back EU-wide safety regulations and registries for drones, which could mean large fines for manufacturers and operators, as well as recommendations by the European Aviation Safety Agency for new rules on the use of electronic identification systems and geo-awareness technology in drones.

    Against this backdrop, our panel will provide detailed insight on the current legislative state of play, taking in such topics as the transition from national to EU-wide drone laws; the timeline and implementation of the new regulations; practical challenges for regulators; and the categorisation and certification requirements for drones.

    Panellists will also examine related issues for drone users and regulators – including insurance, liability and privacy – as well as looking to what developments we can expect in the future.

    Our world-class panel will be made up of:

    - Airbus in-house counsel Vincent Barbaud and Jaime Garcia-Nieto;
    - Bird & Bird of counsel Simon Phippard in London;
    - Monard Law partner Birgitta Van Itterbeek in Brussels;
    - LS Lexjus Sinacta partner Anna Masutti in Bologna; and
    - DLA Piper senior associate Camille Lallemand in Paris.
  • Cyber Criminals have stepped up their game (1 CPE)
    Cyber Criminals have stepped up their game (1 CPE) Eric Hess Recorded: Sep 12 2018 62 mins
    Any firm that has avoided attacks due to social engineering, distributed denial of service, ransomware, evasive malware and e-mail interception can count themselves lucky...but this is the year that may be changing. Cyber criminals have stepped up their game altering the threat landscape for CPA's now and in the years ahead. More than ever, accounting professionals need to keep up to date on the latest threats and adjust their game plan accordingly. This webinar will review the current threat landscape for CPA's, as well as the actions that small to mid-size firms should be taking to mitigate risk on limited budgets.

    Presented by Eric Hess - Eric Hess founded HLC LLC in 2014 to focus on systems compliance and information security consulting. Today, it provides an array of right sized cybersecurity assessment and cybersecurity management services to small to medium sized businesses. HLC’s clients are primarily financial services firms, but HLC is developing a focus on CPA firms and law firms.
  • Third Party Risk Trends and Predictions
    Third Party Risk Trends and Predictions Moderated by Sam Abadir - Lockpath Recorded: Sep 12 2018 60 mins
    What insights can be gleaned from third-party risk management today? What are the top trends to watch out for in 2020? Get guidance from our panel of thought leaders on the leading edge of third-party risk management. Each panelist will answer a series of questions and share their viewpoints on a variety of topics, including:

    •Top trends in third-party risk management
    •Third-party risk ownership in an organization
    •How privacy is affecting third-party relationships
    •Role of continuous monitoring in business resiliency
    •Top predictions for 2020

    Plan now to attend this exclusive webinar. Or forward to risk management professionals tasked with managing third-party risk.

    PRESENTERS:

    -Phil Marshall, Director, Product Marketing, SecurityScorecard

    -James H. Gellert, Chairman and CEO, RapidRatings

    -Tom Garrubba, Sr. Director, Santa Fe Group / Shared Assessments Program

    -Eric Dieterich, General Manager – Advisors, Privacy Practice Lead, CISA, CRISC, CIPP/US, Focal Point

    MODERATOR :

    Sam Abadir, VP, Industry Solutions, Lockpath
  • Assessing Cyber Risk - Challenges and Solutions
    Assessing Cyber Risk - Challenges and Solutions Stephen Head, CISSP, CISM, CISA - Director, IT Risk Advisary Services, Experis Finance Recorded: Sep 12 2018 60 mins
    Managing cyber risk in today’s digital environment is extremely challenging, whether your organization is public, private or governmental. In response to the growing frequency and severity of cyber-attacks, many organizations have decided it’s time to focus more of their efforts on cyber risk, starting with a cyber risk assessment. This approach to proactively dealing with the risk of cyber-attacks increases the organization’s awareness of the potential impacts and costs, and enables them to take actions that reduce the overall risk to the organization, minimize the impact of cyber-attacks, and more predictably ensure the continuity of essential services.

    This webinar will provide a high-level overview of assessing cyber risk and explore the following:

    •Threats and root causes of breaches
    •The changing regulatory landscape
    •Security frameworks and tools
    •Practical ways to assess your risk and organizational exposure
    •Key elements of a successful cyber risk management program

    Whether or not you have embraced a formal cyber risk management program, this session will provide practical advice on the evolving nature of cyber risk management, how to develop and incorporate an assessment process into your organization’s overall risk management efforts, and how cyber risk management can improve your organization’s ability to withstand a cyber-attack.
  • Seven Steps to Effective Regulatory Response
    Seven Steps to Effective Regulatory Response EDRM and Zapproved Recorded: Sep 5 2018 60 mins
    Learn the seven steps to effective regulatory response and be prepared to respond quickly to ensure compliance.

    Regulatory agencies such as the SEC and CFTC can initiate an investigation into business activity at any time, bringing challenges beyond those of typical ediscovery. Regulatory investigations often relate to unclear charges, make broad and sweeping data requests under unrealistically tight timelines, and bear severe consequences for noncompliance. Organizations need to be prepared to identify, preserve, and analyze relevant information rapidly and accurately.

    In this webinar, Zapproved will discuss seven clear, actionable steps to launch a successful regulatory response. These steps start with strategizing and preserving data before moving into assessing information, negotiating the terms of the request, creating privilege logs, and keeping the lines of communication open.

    Any organization subject to regulatory oversight could be investigated at any time. Prepare today so you can face tomorrow with confidence.
  • Why KBA Won’t Survive the Digital Transformation
    Why KBA Won’t Survive the Digital Transformation Scott Hamlin, Product Marketing Manager and Libby Lefanowicz, Innovation Product Manager Recorded: Sep 5 2018 38 mins
    What is your mother’s maiden name? What street did you grow up on? We’re all familiar with answering these types of questions to verify ourselves during account opening or access. Knowledge-based authentication, or KBA, has been an industry-standard identity verification / authentication tool for nearly two decades. When initially deployed, it was highly effective and the friction it created was often overlooked because consumer expectations were different. Fast forward to today – its effectiveness has dropped considerably, and the user experience is widely considered egregious because we live in a digital world where instant is the expectation. In this webinar we’ll discuss how the digital transformation is impacting both consumers and enterprises in such a way that KBA can no longer survive. We’ll demonstrate how innovative ID verification helps enterprises reduce their exposure to fraud risk and deliver convenience that meets the expectations of today’s digital consumer.

    5 Key Takeaways:
    - How evolving consumer expectations impact your enterprise
    - What keeps risk managers up at night
    - Why KBA can’t survive the digital transformation
    - The benefits of ID verification in a digital world
    - ID Analytics’ unique approach to better, faster, stronger identity verification
  • Top 10 Tips for Selecting a Threat and Vulnerability Management Solution
    Top 10 Tips for Selecting a Threat and Vulnerability Management Solution David Monahan (EMA) and John Dasher (RiskSense) Recorded: Aug 31 2018 61 mins
    With all the news about cyberattacks, it’s easy to feel like there aren’t enough people to cover all of the security bases. This means proper identification and management of threats and vulnerabilities is an absolute necessity to keep risk at its lowest levels.

    Join David Monahan, managing research director at leading IT analyst firm Enterprise Management Associates (EMA), and John Dasher of RiskSense, to learn why a threat and vulnerability management solution is a must have for your security portfolio.

    During this webinar you will learn:
    - How threat and vulnerability management solutions with prioritization improve security operations efficiency
    - How to use a threat and vulnerability management and prioritization solution to garner greater support for security and improve security operations and business management alignment
    - The top 10 criteria you need to consider when selecting a solution
    - How to maintain a risk-based security management program
  • Litigate or Settle? Info You Need to Make Case Decisions
    Litigate or Settle? Info You Need to Make Case Decisions Doug Austin and Tom O'Connor Recorded: Aug 29 2018 65 mins
    People say that fewer and fewer cases go to trial these days. Is that true. Regardless of whether it is or not, what information do you need to know to make an informed decision whether or not to litigate or settle the case and how do you gather that information? This CLE-approved* webcast will discuss how litigation has evolved over the years, how that impacts discovery and what you need to know to decide on the best course of action for each case. Topics include:

    + How Litigation Has Evolved
    + The Importance of Deciding Correctly
    + eDiscovery Considerations
    + Covering Your Bases While You Decide
    + Benefits of Early Data Analysis
    + How Much Each GB Can Cost You
    + Why Number of GBs Isn't All You Need to Know
    + Why You Should Test Searches Before Meet and Confer
    + Other Tips and Tricks to Know for a Successful Outcome

    * MCLE Approved in Selected States

    Presentation Leader: Doug Austin

    Doug is the VP of Products and Professional Services for CloudNine. At CloudNine, Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services to numerous commercial and government clients.

    Special Consultant to CloudNine: Tom O'Connor

    Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems. Tom’s consulting experience is primarily in complex litigation matters.
  • How to Integrate Technology in Policy Gap Analysis
    How to Integrate Technology in Policy Gap Analysis Scott Lawler, LP3 and Jeffrey Lush, BAP Recorded: Aug 28 2018 40 mins
    How do organizations comply with complex mandates? This task is often overwhelming, and the solution is often expensive and may require outside help to conduct a lengthy gap analysis. The output is a long list of urgent actions to accomplish again this year just like last year—not helpful.

    The solution must be simpler with automation. In this webinar we’ll discuss:
    - How to automate gap analysis for continuous monitoring
    - Enabling policy implementation visibility for the first time
    - How to reduce the noise quickly to build a reputable cyber strategy
    - Validating continuously enterprise and system security policy enforcement
  • New Horizons in Data and Litigation
    New Horizons in Data and Litigation Christopher J. Adams, Martha K. Louks, and Michael Simon Recorded: Aug 28 2018 62 mins
    The amount of data available to legal professionals is expanding at a mind-boggling pace. Over 2.5 exabytes, or 75 trillion pages’ worth, of data is generated every day. And much of it isn’t the email inboxes and Office documents attorneys are used to dealing with.

    From chat messages, to IoT data, to ephemeral communications, tomorrow’s case-dispositive data can take nearly any shape.

    Join us for this webinar as we explore the ways novel data sources are reshaping the future of discovery and litigation. Topics to be covered include:

    -- Mobile data: Does BYOD, BYOA and BOYC all add up to Bring Your Own Nightmare?
    -- Redefining TL;DR with ephemeral messaging
    -- Welcome to your quantified life. BTW, it’s all discoverable
    -- The IoT isn’t SciFi. It’s here now and it’s also all discoverable

    It’s an educational, action- and acronym-packed hour you don’t want to miss.
  • Open Banking in Australia - An Open Forum
    Open Banking in Australia - An Open Forum Seshika Fernando, Head of Financial Solutions, WSO2 and James Bligh - Lead, API Standards Working Group, Consumers, Data61 Recorded: Aug 23 2018 47 mins
    Project deadlines that span a year or two aren’t usually nerve-racking. But, when it means making a significant change to your business strategy, internal systems and technology infrastructure, it can become a head scratcher. This is probably where the banks in Australia stand. Banks are figuring their way around it and there’s a lot to learn. Regardless, no one wants to fall victim and everyone wants to conquer open banking


    This session covers:


    - A Reality Check - Where banks stand in their open banking journeys

    - The Problem Children - What challenges they are facing

    - The Gold Stars - Critical success factors for a killer open banking strategy

    - A Whole New World - The potential of an open data world
  • Security Champions: Only YOU Can Prevent File Forgery
    Security Champions: Only YOU Can Prevent File Forgery Marisa Fagan, Product Security Lead, Synopsys Recorded: Aug 22 2018 57 mins
    If you’re a developer, there will come a time when you realize that you have the power not only to ship awesome features but also to protect them so that no one else can tamper with all your hard work. Every developer is responsible for coding securely, but a brave few among us will take this duty one step further by wearing the mantle of a Security Champion.

    This webinar is your guide to becoming the Security Champion you always wanted to be, in just five easy steps. We’ll also talk about what benefits you’ll get out of it, besides saving the world, and what to do if your company doesn’t have a Security Champions program or even a product security program.
  • Client entertainment as a form of bribery and its wide-ranging ripple effects
    Client entertainment as a form of bribery and its wide-ranging ripple effects Mike Koehler, FCPA Expert and Law Professor Recorded: Aug 21 2018 57 mins
    If you thought FCPA scrutiny and enforcement arises only from suitcases full of cash, to bona fide foreign government officials, in connection with a government contract, then you are wrong. What makes FCPA compliance challenging for business organizations is that scrutiny and enforcement can arise from normal business activity such as client entertainment if offered or provided to a specific type of customer or potential customer. In this engaging webinar, FCPA expert Professor Mike Koehler will highlight recent FCPA enforcement actions based on corporate hospitality and the compliance take-away points from the actions. In addition, the webinar will highlight the wide-ranging, negative financial consequences that often result from FCPA scrutiny and enforcement beyond settlement amounts and discuss why FCPA compliance is not just a legal issue but more properly a general business issue that needs to be on the radar screen of many professionals who can assist in risk management.
  • When to report a potential claim or incident (1 CPE)
    When to report a potential claim or incident (1 CPE) Ralph Picardi Recorded: Aug 15 2018 74 mins
    This webinar will focus on how to respond once you become aware of an actual or suspected claim or potential claim (often referred to as an incident). The session will explain how to utilize the CPAOnePro Risk Management Hotline to determine when and how to report a claim or incident to the insurance carrier, and how to proceed relative to the matter while awaiting the carrier's response to your report. The session will also explain when and how to invoke the subpoena coverage within your policy.

    Presented by: Ralph Picardi
    Ralph Picardi is the managing member of PICARDI LLC specializing in advising accountants, lawyers, and their insurers in matters of coverage, and in matters of loss control through hotlines, seminars, risk management audits and publications.
  • Roadmap to Smarter Audits
    Roadmap to Smarter Audits Sam Abadir, VP of Industry Solutions, Lockpath Recorded: Aug 15 2018 49 mins
    Audits provide a vital checks and balances function in an organization. But what if audit's role as the third line of defense was more efficient and strategic? Doing so would enhance the role of the internal auditor. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter audits, including:

    • Critical capabilities required for the audit process
    • Importance of customizing messaging to stakeholder audiences
    • The pros and cons of current audit management strategies
    • Strategic, effective audits that can scale with future growth

    More strategic and effective audits won't come from current processes. Discover the road to smarter audits by attending this educational webinar. Register now!
  • Customer Interview - Zynga - Risk Culture
    Customer Interview - Zynga - Risk Culture Fran Gutkowski - Zynga, Sam Abadir - Lockpath Recorded: Aug 14 2018 3 mins
    Hear how Zynga strengthened their risk culture with the help of the Keylight GRC Platform.
  • AppSec in Financial Services through the BSIMM Lens
    AppSec in Financial Services through the BSIMM Lens Nabil Hannan, Managing Principal, Synopsys Software Integrity Group (SIG) Recorded: Aug 14 2018 39 mins
    Do you ever wonder whether your software security program is the correct one for your organization? You spend time and money on processes, technology, and people. But how do you know whether the security efforts you’ve put in place even make sense? The Building Security In Maturity Model, or BSIMM, is a metrics-driven study of existing security initiatives at other organizations. BSIMM results help you assess the current state of your software security initiative and determine which areas need improvement.

    During the webinar, we’ll use a BSIMM broken down by the financial services industry to see what other companies are doing. We’ll also:

    · Use real data to help drive your software security initiative
    · Learn how organizations use the BSIMM to measure the maturity of their software security initiatives
    · Look at the aggregate data of the FSI vertical in the BSIMM
    · Discuss some of the most common activities that we observe with FSI companies and the drivers of those activities
  • Top 10 New Ways to Pay
    Top 10 New Ways to Pay Kieran Hines, Ovum; David Scheidemantel, Semafone; Steve Kramer, ACI Worldwide Recorded: Aug 9 2018 57 mins
    In this session, we cover the newest payment methods organizations are using, and we'll discuss how executives plan the move to more secure and convenient ways to receive consumer payments. We'll also include exclusive research from Ovum!

    Key Takeaways:

    - Learn about the top ten new ways to pay
    - Steps executives are taking to increase security
    - New payment method that could reduce the number of PCI controls in your call center by up to 90%
  • Customer Interview - Zynga - Documenting Processes
    Customer Interview - Zynga - Documenting Processes Fran Gutkowski - Zynga, Sam Abadir - Lockpath Recorded: Aug 7 2018 2 mins
    Hear how Zynga documented their risk management processes before adopting the Keylight GRC Platform.
  • DevSecOps: Security at the Speed of DevOps with Comcast
    DevSecOps: Security at the Speed of DevOps with Comcast Larry Maccherone, Sr. Director DevSecOps Transformation, Comcast Recorded: Aug 3 2018 50 mins
    Security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve.

    What’s needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach that reinforces the DevOps culture and process changes. This requires that security specialists become self-service toolsmiths and advisors and stop thinking of themselves as gatekeepers.

    This webinar includes guidance on the characteristics of security tools compatible with DevOps, but it focuses primarily on the harder part: the people. This talk introduces the DevSecOps manifesto and provides you with a process model, based on agile transformation techniques, to accomplish the necessary mindset shift and achieve an effective DevSecOps culture transformation. It has been successfully used in a large DevSecOps transformation at Comcast and has gained recognition in DevSecOps circles as a leading framework.
  • Don't Acquire Open Source Risks You're Not Aware Of
    Don't Acquire Open Source Risks You're Not Aware Of Daniel Kennedy, Research Director - Information Security, 451 Research; Phil Odence, GM – Black Duck On-Demand Sep 19 2018 4:00 pm UTC 60 mins
    Modern applications are constructed using open source components. Most organizations understand they’re using open source. What they likely underestimate is its prevalence in their homegrown applications and the potential security and license compliance risks they assume if they’re not continuously monitoring those libraries. When companies merge or are acquired, that unknown risk is transferred, potentially to organizations with greater regulatory exposure. Join Daniel Kennedy, Research Director, Information Security, and Phil Odence, GM, Black Duck On-Demand, for a discussion of these risks and how to address them.
  • The Thief in Your Company: Understanding the Profile of a Fraudster
    The Thief in Your Company: Understanding the Profile of a Fraudster Tiffany Couch, CPA/CFF, CFE Sep 20 2018 6:00 pm UTC 60 mins
    Join author and forensic accountant, Tiffany Couch, as she details the common traits and behaviors of people who commit occupational fraud.
  • GDPR Compliance for Contact Centers: Using PCI DSS as a Proven Framework
    GDPR Compliance for Contact Centers: Using PCI DSS as a Proven Framework John Rostern, Vice President Risk Management & Governance, NCC; Aaron Lumnah, Semafone Sep 20 2018 6:00 pm UTC 60 mins
    On May 25, 2018, the European Union's General Data Protection Regulation (GDPR) went into effect, becoming the world's strictest and most comprehensive data protection legislation. Companies around the world, regardless of whether they are physically located within EU borders, had to meet compliance requirements if they process the data of EU citizens, creating a huge headache for any organization running a call or contact center.

    For contact centers that have troves of sensitive customer information, GDPR compliance can easily become a massive undertaking. However, using preexisting tried-and-true frameworks like the PCI DSS, companies can relieve the burden of meeting compliance obligations.

    Join Semafone and NCC for this informative session, where you'll learn:
    - How to achieve GDPR compliance in your call or contact center
    - How to use existing data security frameworks like the PCI DSS to simplify compliance efforts
    - How to improve data security inside your contact center while enabling a more seamless customer experience

    Additionally, registrants will receive a free copy of Semafone's GDPR Guide for Contact Centers.

    Reserve your space now!

    About John Rostern:

    John is an experienced technology risk, IT audit, and information security executive, with over 31 years of experience in all aspects of information systems and technology including governance, strategy/architecture, operations, applications development, technical, information security, IT audit and business continuity planning.
  • Regulatory capital relief: legal framework, expected changes and BRRD impact
    Regulatory capital relief: legal framework, expected changes and BRRD impact Vladimir Maly, partner, Oliver Ireland, senior counsel, and Yulia Makarova, of counsel - Morrison & Foerster Sep 24 2018 3:00 pm UTC 60 mins
    In this webinar, we will analyse capital relief driven transactions and structures, focusing on the principle purpose of using this tool, the main structures used in the market and the legal and regulatory framework underpinning the relevant structuring solutions. Among other things, this webinar will cover:
    - the most commonly used capital relief driven structures and why the market choses them, including a comparative summary of the structures used in the EU and the US;
    - the existing legal and regulatory framework and expected changes, including potential impact of different Brexit scenarios;
    - BRRD and its implications: how the rules affect structuring and the mitigating techniques investors may explore.
  • Could millennials be the key to ending the productivity crisis?
    Could millennials be the key to ending the productivity crisis? Mark Elwood, marketing director, TeleWare Sep 25 2018 10:00 am UTC 60 mins
    By 2025, it is estimated that 75% of the workforce will be millennials. With rapidly changing expectations on how, when and where employees want to work, technology is going to play an increasingly important role in attracting and retaining talent.

    Join our discussion to find out how the millennial demand for mobility in the workplace could help solve the productivity crisis. Our panel of experts will share their views on:

    • Understanding the needs of the millennial worker
    • The key steps to providing the right technology within your digital transformation programme
    • Why mobility and flexible working is the key to hiring and retaining a millennial workforce
    • Demonstrating the proven link between mobility and productivity

    This webinar will be hosted by Mark Elwood, marketing director, TeleWare. Panellists will include Andrew Fawcett, product manager, TeleWare and guest experts.
  • Cumplimiento Corporativo en Latinoamérica: principales retos y oportunidades
    Cumplimiento Corporativo en Latinoamérica: principales retos y oportunidades Leila Szwarc & Paola Fonseca TMF Group and Yoab Bitran, LRN Sep 25 2018 3:00 pm UTC 60 mins
    Acerca de este webinario:

    Enfrentando el desafío global de evolucionar en cumplimiento Corporativo
    Los principales temas a discutir incluirán:

    1.Visión general del Índice de Complejidad de Cumplimiento Corporativo 2018 - tendencias clave a nivel global, países más y menos complejos

    2.Perspectivas sobre los principales desafíos en Latinoamérica

    - Países con mayor índice de complejidad en las Américas.
    - Cumplimiento y principales desarrollos regulatorios en América Latina

    3.Tips acerca de cómo las empresas deben prepararse para enfrentar los desafíos
  • The Complete Guide to Responsible Disclosure Programs
    The Complete Guide to Responsible Disclosure Programs Rajesh Krishnan, Product Marketing, Synack. Sep 25 2018 5:00 pm UTC 60 mins
    To beat criminal hackers, it helps to have ethical ones on your side. Responsible Disclosure Programs - where companies invite suspected security vulnerability reports from the public - have been on the rise in the past few years. Should your company consider Responsible Disclosure? Learn more about the ins and outs of these types of programs and how they can differ in the level of liability and management incurred. Technical. Social, Legal, and other indicators will all be raised.
  • Preparing for Litigation Before it Happens
    Preparing for Litigation Before it Happens Doug Austin and Tom O'Connor Sep 26 2018 5:00 pm UTC 75 mins
    Information Governance (IG) has always been part of the eDiscovery landscape and it has always been important for reducing the population of potentially responsive electronically stored information (ESI) that might be subject to litigation by helping organizations adopt best practices for keeping their information “house in order”. But now with an increased concentration on the two-fold concerns of privacy and security, IG has become more important than ever. This CLE-approved* webcast will explore the implementation of Information Governance best practices to help organizations better prepare for litigation before it happens. Topics include:

    + Minority Report: Pre-Case for Litigation Avoidance
    + What Information Governance is and What it Isn't
    + General Principles for Information Governance
    + Who Uses Information Governance?
    + IG Considerations and Issues
    + Basic Information Governance Solutions
    + Information Governance vs. Analytics
    + How Privacy/Security Has Impacted the Importance of an IG Program
    + Recommendations for Implementing an IG Program

    * MCLE Approved in Selected States

    Presentation Leader: Doug Austin

    Doug is the VP of Products and Professional Services for CloudNine. At CloudNine, Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services to numerous commercial and government clients.

    Special Consultant to CloudNine: Tom O'Connor

    Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems. Tom’s consulting experience is primarily in complex litigation matters.
  • Bringing Hacker-Powered Security Testing to DevOps SDLC
    Bringing Hacker-Powered Security Testing to DevOps SDLC Andy Condliffe, Solution Architect EMEA, Synack Sep 27 2018 11:00 am UTC 60 mins
    DevOps allows organizations to bring web, mobile, and IoT applications to life faster than traditional SDLC models. However, continuous releases and updates introduce new risks by the way of exploitable vulnerabilities that are introduced and left undetected and unresolved/unpatched in the production stream.

    Traditional point-in-time penetration tests can’t keep up with the frequency and short deployment cycles of the modern DevOps organization. Traditional pen tests are usually conducted through checklist-based activities that lack the comprehensiveness to mimic and defend against sophisticated cyber attacks. The result? An increase in serious, exploitable vulnerabilities in live applications and a slew of high-profile breaches..

    Leading enterprise organizations are utilizing a crowdsourced security testing platform that combines continuous vulnerability scanning tools with manual, crowdsourced human security testing. This model of offensive and adversarial-based testing delivers realistic attack traffic on customers’ applications, resulting in effective vulnerability discovery and management and “smart” security intelligence without compromising security and control. Scalable and controlled crowdsourced testing at a continuous cadence is the answer for secure DevOps SDLC.

    Join this session by Andy Condliffe of Synack EMEA as he shares how Synack can help lower the risks of dynamic deployments with a continuous, human, offensive security testing model that’s better suited for the modern DevOps organization
  • Automate the Dreaded Task of Software Asset Management
    Automate the Dreaded Task of Software Asset Management Gary Paquette, CTO, Mike Schmitt, Sr Director Product Marketing, Karen Hutton, Sr Director of Marketing, at Nlyte Oct 3 2018 5:00 pm UTC 31 mins
    Nlyte’s Gary Paquette uncovers how you can automate discovery, management, and reporting with Nlyte Software Optimizer agentless software.

    What you will learn from the webinar:

    - Organic installation and distribution of software
    - Lack of visibility in current and new deployments
    - Matching databases to physical and virtual
    - Reconciliation between required services versus installed
    - Inaccurate systems, too many systems and files
  • Roadmap to Smarter Operational Risk Management
    Roadmap to Smarter Operational Risk Management Sam Abadir, VP of Industry Solutions, Lockpath Oct 3 2018 6:00 pm UTC 60 mins
    Operational risks are on the rise due to companies increasingly relying on digital processes and third parties. The issue is compounded by the fact that products and services are growing in number and complexity. Traditional operational risk management can't keep up. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter operational risk management, including:

    • Critical capabilities for managing digital process and third-party risks
    • Strategies for tying operational risks to business objectives
    • Advantages of managing operational risk using a GRC platform
    • Leveraging the value chain for integrated risk management

    Bring efficiency, effectiveness and agility to operational risk management. Discover the road to smarter operational risk management by attending this educational webinar. Register now!
  • Container Security – What you need to know!
    Container Security – What you need to know! Olli Jarva, Managing Consultant, Synopsys Oct 4 2018 5:30 am UTC 75 mins
    Containers are revolutionizing application packaging and distribution. They’re lightweight and easy to build, deploy, and manage. But what about security? Your containers include more than the applications your team builds. They also bundle all the third-party software and open source components those apps depend on. In our webinar “Container Security – What you need to know!”, Tanay Sethi, Senior Security Architect, outline how you can prevent vulnerable code hiding in your containers from compromising your applications and sensitive data and how you can take control in the event when a new vulnerability breaks out for open source component present in your containers.
  • OCTOBER 17! Taming the Demon Weed – Risk Management for Cannabis CPAs
    OCTOBER 17! Taming the Demon Weed – Risk Management for Cannabis CPAs R. Peter Fontaine Oct 17 2018 5:00 pm UTC 75 mins
    A growing number of states are legalizing the medicinal and nonprescription use of marijuana. Nevertheless, the legalized status of cannabis at the state level conflicts with the federal Controlled Substance Act, causing significant legal risk, business uncertainty, and operational challenges for cannabis producers and distributors, as well as their accountants. This webinar will explore how CPAs serving cannabis industry clients can actively manage their business and legal risks through the use of client acceptance and retention criteria, engagement letters and related documentation, engagement planning, staffing and execution, and an understanding of applicable regulations.

    Presented by Peter Fontaine - R. Peter Fontaine is managing partner of NewGate Law, which exclusively serves the legal needs of the accounting profession, including firms with cannabis industry clients.
  • Security in the Cloud: Identity Management, Access Control and Authentication
    Security in the Cloud: Identity Management, Access Control and Authentication Emma Bickerstaffe, Senior Research Analyst, ISF LTD Oct 23 2018 12:00 pm UTC 45 mins
    Organisations increasingly rely on cloud services, motivated by the benefits of scalability, accessibility, flexibility, business efficiencies and reduced IT costs. However, there are several security implications that organisations need to address, including the challenge of verifying identity and managing access to cloud services.

    Cloud services bring added complexity to identity and access management, exacerbated by the distribution of data across a myriad of applications accessed by users from multiple devices and locations. Failure to adequately implement user authentication and access control in the cloud can be exploited by attackers to gain access to users’ credentials, manipulate systems and compromise data.

    In this webinar, Senior Research Analyst Emma Bickerstaffe will discuss identity management, access control and user authentication in the cloud environment, and consider how organisations can effectively tackle this security concern.
  • Roadmap to Smarter Health and Safety Management
    Roadmap to Smarter Health and Safety Management Sam Abadir, VP of Industry Solutions, Lockpath Nov 1 2018 4:00 pm UTC 60 mins
    Safety is job number one in many organizations and employee health is an ongoing concern for firms. Both highlight the vital importance of health and safety management and its impact on operational risk. If workers are injured, are exposed to dangers, or are absent, they can't do their jobs and it impacts margins and goals. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter health and safety, including:

    • Critical capabilities required for health and safety management
    • Strategies for streamlining OSHA compliance and reporting
    • Approaches for increasing accountability
    • Ideas for leveraging data for operational risk management

    Making health and safety management a higher priority at your company is possible. Discover the road to smarter health and safety by attending this educational webinar. Register now!
  • Fraudulent Wire Transfers in the Accounting Industry (1 CPE)
    Fraudulent Wire Transfers in the Accounting Industry (1 CPE) Ginger Johnson & Michael J Weber Nov 14 2018 6:00 pm UTC 75 mins
    Fraudulent wire transfers scams continue to plaque accounting firms nationwide. The FBI reports that fraudulent wire transfers have doubled since 2016. The new wave of scam e-mails have grown in their sophistication and appearance and no longer resemble clumsy “Nigeria” e-mails.
    Hear directly from the insurance company and lawyers on steps to prevent these fraudulent wire transfer scams and how to deal with a claim if this happens to your firm.

    Presented by Ginger Johnson & Michael J Weber - Michael J Weber Partner at Dinsmore. He focuses his practice on fidelity and surety bond claims/litigation, complex litigation, commercial law, transactional matters, general business matters/litigation and construction law. & Ginger Johnson is Specialty Claim Consultant at The Hanover Insurance Company working with Crime, Fidelity and first party Cybercrime claims up to $10M in the Management Liability Unit.