IT Governance, Risk and Compliance

Community information
Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
  • Learn about the powerful, new Arcserve Cloud which is a fully-integrated, cloud data protection solution for backup, disaster recovery and long-term retention. It’s offered as a service extension to Arcserve’s Unified Data Protection (UDP) appliance. Also discover technical details of Arcserve UDP, a next-generation data protection solution that leverages global deduplication, encryption, compression, and WAN-optimized replication.
  • An overview of defending against the bad guy, by Tim Grieveson - Chief Cyber Security Strategist for ESP, an ex CIO/CISO himself gives his views and vision based on the HP cyber security risk report.
  • How confident are you about your company’s network security? Most people do not know that their firewall is inadequate.

    Let us show you how you could be in a better position to both understand your current level of preparedness for network attacks and improve areas where your protection measures may be weak.
  • How to Align Identity Management and Access Control with Content and Collaboration

    The impetuses for cloud app adoption are still in full force: greater accessibility, elastic licensing, reduced infrastructure and improved business agility, among others, are creating new and exciting ways to reduce IT costs and complexity and meanwhile improve productivity and profitability. While the benefits are clear, technology leadership are still apprehensive due to key considerations around security and access control. Business-critical information now lives outside the traditional corporate perimeter while IT has little visibility and control over the apps and devices being used. Technology leaders and end users alike are seeking simple and secure application access.

    Join us in this session where we explore key trends, challenges and solutions from OneLogin and Dropbox, and how real estate management company Bigos Management has delivered secure and convenient access to their cloud applications to their workforce.In this session, you will learn:

    - Why Identity and Access Management is important today
    - How IAM fits into a broader cloud security program
    - How IAM aligns with File Storage and Collaboration
    - How Bigos Management has successfully leveraged OneLogin and Dropbox in their business
  • The role of the CISO is evolving - and fast. CISOs today must find innovative ways to align with the business and strategize security as a top business asset -- and those that ascend in their role will have the opportunity to play a bigger, more influential role in the years to come. In this webinar hosted by Agari, you will hear Jim Routh, Aetna CISO share real world insights into specific challenges and solutions to approach today's evolving email threats as well as key 2018 CISO research from Chris McClean, Forrester VP of Research.
  • As corporate information technology infrastructure increases in size and complexity, corporations are recognizing the need for a better mechanism for assessing IT's role and alignment to the key corporate initiatives. What began as a series of best practices has evolved into the field known as IT governance.

    IT governance is no longer just a theoretical concept, it is a fundamental business necessity, and an iterative process which requires senior management commitment over the long term in order to see results. By implementing a business risk approach to IT governance corporations can deliver immediate benefits to the entire organization.

    Join Eric Kavanagh, the Bloor Group; Paul Quanrud, TCS; Keith Breidt, BAH; and Yo Delmar, MetricStream; for this educational session as they address some of the key concepts and challenges with IT governance. They will answer as many questions as we can fit in to the 45 minute Q&A, and will provide research materials for you to takeaway.

    If you would like to attend please confirm your position below.
  • Cloud computing and DevOps are letting enterprises deploy new software faster than ever. But with development organizations focused on speed, are you achieving time to market at the expense of cyber security?

    Run time application self-protection (RASP) is a new approach to application security that enables production applications to spot and block cyber attacks from within the application itself—without recompiling and without sacrificing performance. Join the webinar to learn:

    How to enable new and legacy applications to protect themselves in as little as 10 minutes
    The four situations where RASP is the best solution
    Why Gartner says RASP is a must-have technology for bi-modal IT
  • When a popular product is launched, a high-stakes race begins between the offense and defense markets to find software vulnerabilities. More and more organizations are seeing that incenting security research with programs like bug bounties are an effective way to find vulnerabilities. Katie Moussouris, Chief Policy Officer of HackerOne, will reveal what the latest research shows and what it means for companies today.

    About the presenter:

    Katie Moussouris is the Chief Policy Officer for HackerOne, a platform provider for coordinated vulnerability response & structured bounty programs. She is a noted authority on vuln disclosure & advises lawmakers, customers, & researchers to legitimize & promote security research & help make the internet safer for everyone. Katie's earlier Microsoft work encompassed industry leading initiatives such as Microsoft's bounty programs & Microsoft Vulnerability Research. She is also a subject matter expert for the US National Body of the International Standards Organization (ISO) in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow. Katie is an ex-hacker, ex-Linux developer, and persistent disruptor. Follow her and HackerOne on Twitter http://twitter.com/k8em0 and http://twitter.com/hacker0x01
  • If Anthem, Sony, Home Depot, Target and Neiman Marcus can fall victim to security breaches, so can you. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions. These threats are very sophisticated and often leveraging previously unknown attack techniques and vulnerabilities.

    Join us for a compelling webcast that will highlight critical insights combating zero-day threats - including the ability to:

    • Track employee traffic at all times, in real time, irrespective of whether they are inside or outside the corporate network
    • Derive intelligent insights and meaningful data for fast corrective action
    • Avoid a strategy based on "alerting" you about infections - without any guarantees you will notice them
    • Implement a comprehensive approach to stopping zero-day threats - based on protection, (inspecting every byte of traffic and automatically blocking threats), detection and remediation
  • How confident are you that your business will bounce back and be resilient in case of a major outage? This can be even more challenging today with dispersed data centers that are a mix of physical, virtual, and cloud based.

    Join Fernando as he explains how you can confidently meet IT business continuity compliance requirements, ensure business agility while maintaining existing IT investment, and predictably meet service level agreements (SLAs) at all times.
  • Ensuring Business continuity and managing risks is becoming more and more crucial for companies heavily relying on technical infrastructure to run their business such as CRM, ERP, CMS, accounting, big data and more.

    Todays's economy cannot be conceived without the use of such systems, more and more connected and presumably accessible from everywhere.

    Data is now the key asset of any company, and needs to be protected the same way as everyone protects their assets.

    But the reality is far from this. So many companies are "saving" money by using non-redundant infrastructures, networks or servers, and often have to experience the worst scenario to start digging into Disaster Recovery, but it's already too late.

    So join Eric Sansonny as he looks at Disaster Recovery as a Service and Cloud Backups to see if the solution lies there.
  • Over 90% of targeted attacks start with email. Criminals create very convincing emails to trick your users into clicking on a link, opening an attachment, or replying with their credentials. The attack methods criminals employ with phishing emails are constantly changing and so must your email security to block these attacks before damage occurs. Learn about the newest trends in phishing email attacks and how to protect your organization.
  • Hear the latest on the most recent data breaches and cyber security topics in the news for July 2015. The best way to stay secure is to stay informed with Trend Micro experts.
  • Enterprise IT and security experts are under increasing pressure to respond to complex network changes to keep up with growing business demands. Lack of network visibility hinders the ability to deliver services and applications with the security, speed and accuracy required for today’s heterogeneous IT environments. Add to this, the demand to mitigate cyber threats by reducing attack surface and improving overall security posture.
    Together, the Tufin Orchestration Suite and Palo Alto Networks Next-Generation Firewall provide enterprises with a comprehensive application-aware Security Policy Orchestration solution. This change management and automation platform enables secure and compliant environments—from on-premise networks across hybrid cloud.
    In this session, experts from Palo Alto Networks and Tufin will show how security and network teams are already working together to achieve:
    •Automated change design and verification based on App-ID
    •Optimization of next-generation firewall policies
    •Visibility and control of complex networks—from on-premise networks across hybrid cloud environments
    •Proactive risk analysis and impact simulation
    •Unified security policy across heterogeneous platforms
    •Continuous regulatory compliance and auditability with industry standards
  • Mobile workers are demanding access to more resources from more devices, placing a growing strain on legacy access and security infrastructure. Join this webinar to learn what your network needs to be ready for looming challenges in mobile access and security. Discover:
    • Why explosive mobile growth requires you to modernize access infrastructure
    • How you can enable access for more devices, to more resource, more securely
    • How to provide comprehensive, end-to-end data protection and security for your mobile deployment
  • In this insightful and data-rich webinar Jeremiah Grossman, founder of WhiteHat Security, presents findings from WhiteHat's 2015 Website Security Statistics Report.

    The report, generated by examining vulns in more than 30,000 websites under WhiteHat’s Sentinel management, provides unique perspectives on the state of website security. Data by industry will be presented and accompanied by expert analysis and recommendations.

    Why Attend:

    -Discover the most prevalent vulnerabilities

    -Learn how many vulnerabilities are typically remediated and the average time to resolve

    -Hear why the best approach is to identify specific security metrics to improve upon

    -Take away valuable recommendations for measurable improvement within your application security programs
  • The new Microsoft Windows 10 platform is an exciting step forward from both a functionality and a security perspective. Senior Product Marketing Manager, Stephen Rose covers the new features of this operating system and what they mean to you as a way of adding additional security to your organization.
  • Your company can learn valuable lessons about risk strategy and incident response from what happened to Hacking Team, a firm that supplies surveillance tools to government agencies. Widely accused of helping governments spy on dissidents and journalists, Hacking Team found itself hacked with embarrassing, possibly damaging results. ESET senior security researcher Stephen Cobb explains the missteps made and the lessons to be learned during this webinar.

    Key takeaways:
    •How Hacking Team’s mistakes mirrored those made by Sony
    •How employees’ weak passwords helped facilitate the breach
    •How transparency would have helped Hacking Team’s credibility
    •Why every company must review what might be exposed in a breach
  • The next disaster is right around the corner. Whether in the form of a hurricane, flood, tornado, or over-eager cable cutter, events outside your control can impact your business. Planning ahead now will minimize any negative effects and keep your business protected. Join this session to hear practical advice to keep your business running when disaster strikes.