Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.
Dr. Branden Williams; Smrithi Konanur, HPE Security; Kevin Eberman, Mineraltree; Asma Zubair, WhiteHat Security
In today’s digital landscape, it’s much easier for criminals to access sensitive payment card data, not only gaining direct access to a consumer’s available funds, but also their personal identity. With cyber attacks becoming much more advanced, the PCI DSS standard has been forced to adapt to address these new threats.
However, PCI compliance is something that any organization can successfully achieve. The requirements of PCI DSS are clear, but it takes work to accomplish compliance across an organization. On this webinar our panel will discuss some best practices, and solutions that provides your business with an easy, cost effective and highly automated way to achieve compliance with PCI DSS in 2017.
Struggling to manage time, cost and resources across your business applications? Are you missing real-time critical information to make the right investment decisions at the right time? Then join us as we hear how industry practitioners standardize, manage and capture execution of their projects, resources and operational activities.
Examine best practices by your peers who are using HPE Project and Portfolio Management to provide the business both visibility and data consolidation as they govern and collaborate across application projects and portfolio. Learn how they have differentiated their application delivery through speed and agility, while at the same time reducing costs for quality IT operations.
Explore out-of-the-box methods for tracking project time, cost and resources
Learn easy ways to establish standardization for your HPE PPM environment
Hear customer-proven methods for project governance and collaboration through HPE PPM
Growing exposure to IT risks has made organizations across industries volatile. Recent IT vendor incidents like data and security beaches, violation of privacy guidelines, which caused substantial fines, penalties, brand value, highlight that IT vendor risks are business risks and require focus from the leadership. An immature ITVRM programs limits the insights which are necessary for strengthening vendor relationships and building a robust ERM program. Rather than treating each risk in isolation, organizations need to have an integrated approach to manage risks holistically and in line with their business operations and objectives. With the growing dependency on IT and IT vendors, organizations need to align enterprise and IT VRM objectives to build a resilient framework suitable for today’s environment.
During the session, panelists will discuss how organizations can strengthen vendor management in the current landscape and improve business performance.
- Causes of Vendor Risks incidents and the impact on the enterprise
- Best approach to align IT vendor risk to enterprise risk
- Building mature VRM Program
- Role of technology in integrating Vendor risk to Enterprise risk management
Cyber space is composed of, and dependent on, supply chains. Our hardware and software are created in multiple locations by a multitude of suppliers and vendors. A single PC board may contain chips from many different nations, each with their own companies and manufacturing plant. Software is highly dependent on updates, which we receive mostly automatically and is directly incorporated in the software we depend on daily.
We, as a society are getting more skilled at protecting our technology from cyber-attack by hardening our network perimeters, improving anti-virus/malware tools and encrypting everything we can. The one thing we DO NOT do is evaluate what our cyber supply chain(s) are. We understand their importance to our daily tasks, to our lifestyles, and to our incomes. We need to looking into what our supply chains really are, understand their functionality and investigate ways to begin protecting them.
• Understand the basic nature of cyber supply chains
• Gain insight into cyber supply chain vulnerabilities
• Learn how to begin protecting our cyber supply chains
Curtis KS Levinson
VP Strategic Cyberspace Science, US Cyber Defence Advisor to NATO
Organizations are suffering from volatility across all risk types, and in every organization, there are a multitude of applications and devices with threats and vulnerabilities. Every process, function and system has certain risks and compliance requirements, and senior management are being pressured to improve enterprise risk management capabilities.
An organization’s enterprise risk management (ERM) program can be a powerful management tool for achieving strategic and operational objectives, but it can be difficult to maintain and grow over time. If an ERM program is not moving forward it stagnates, so executives need to implement a program that evolves with the times. Implementation has its challenges but there are a range of responses that can be effective for each ERM program challenge. In this webinar our experts discuss these responses and address some of the ways to implement an evolving GRC program that gets boardroom backing.
Every company has sensitive and confidential data. it's important that we maintain data security and compliance within our retail teams and handle that data properly. It's equally important to prevent malware from infecting servers and computers and to protect the information and data coming into your organization.
Learn how to ensure privacy and security of sensitive production data by managing devices and channels within and outside your organization.
Privacy vs. security, security vs. privacy… the debate is ongoing. Why can’t we have both? Good news: by leveraging the appropriate mix of policies, procedures and enabling technologies, it is possible to secure data AND control access to it in a way that ensures proper application of privacy policies.
After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.