Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?
Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!
Guests: Mary Chaney, Attorney At Law, The Law Offices of Mary N. Chaney, P.L.L.C.
Threat Intelligence and Forensics Expert, Founder of Horton Technologies, LLC
Hosted by Jessica Gulick, VP of the Women's Society of Cyberjutsu
About the Speaker:
Mary N. Chaney, Esq., CISSP, has 20+ years of experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law. She spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve by becoming a Special Agent for the FBI where she investigated cybercrime as their Information Systems Security Officer.
Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. She has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital. As an adjunct professor with the University of Cincinnati, she assisted with the establishment of their Cybersecurity Certificate program.
Currently, Ms. Chaney practices cyber security law for her own firm, The Law Offices of Mary N. Chaney, P.L.L.C. where she specializes in helping the CIO, CISO and General Counsel understand each other to legally protect the enterprise from cyber security risk.
The EU General Data Protection Regulation (GDPR) deadline of May 2018 is fast approaching! In the midst of preparing for the new regulation, it is equally important to understand how to provide visibility into endpoint data generated by your knowledge workers, and how to protect it.
In this live webinar, Code42’s Josh Evans, product manager, and Abhik Mitra, product marketing manager, will discuss how Code42 addresses the endpoint gap and enables your GDPR strategy.
Most security information and event management (SIEM) customers are struggling to achieve meaningful success a year or more after initial deployment. This is especially true with mid-market companies, where shrinking IT security budgets and shortage of skilled cyber security resources have forced them to reconsider investing in a SIEM, and seriously look at managed security services options.
Before CIOs/CISOs take a leap of faith into any kind of managed security service, they want to be able to measure ROI with an outsourced managed solution, as opposed to managing their own SIEM. In this webinar, hear from security experts on:
- What does it take to build and manage your own SIEM in-house?
- What security SIEM blind spots can you avoid with a managed security service?
- How do you determine ROI of a managed service as compared to a SIEM?
In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. It can clearly outline who’s in charge, what resources are available, and what options there are for detection and containment. Having a documented, tested process brings order to chaotic situations and keeps everyone focused on solving urgent issues.
So, how can you test your incident response plan and ensure your team is ready to handle the next breach?
Join our incident response experts for a 45-minute presentation plus Q&A to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.
What you’ll learn:
• Proper taxonomy for writing an incident response plan
• Recommendations for developing and building in cyber exercises
• How to use your knowledge management system to keep plans agile
• Avoiding scope creep and identifying likely scenarios to test
About the Speakers:
Stephanie Ewing is a Solutions Expert with Delta Risk. She has 17 years of experience in information technology and information security leadership. Prior to joining Delta Risk, she spent several years working with leaders of critical infrastructure organizations across the nation to improve their security programs. Through workshops, training classes, and tabletop exercises, Stephanie has worked to educate executive level leadership and elected officials on security threats and risk management strategies.
Ryan Clancy is a Senior Associate for Security Operations Services with Delta Risk. He has more than 15 years of experience in the IT and cyber security domain providing consulting services, hunt operations, threat intelligence, cyber exercises, enterprise defense assessments, and training in defensive and offensive network security operations.
Daily reports of attacks and breaches, from servers, PCs and data centers to IoT systems, mean that developers and OEMs must embed security at the foundation of their systems and ecosystem. This new webcast with long-time TPM and Trusted Software Stack expert Lee Wilson, OnBoard Security, and Philip Tricca, Intel Corporation, will review the key attributes of the TPM and how the new TCG TSS can be used for bottoms-up defense using a trust chain and improving overall platform security.
Attendees will learn about the changes to TSS to make use much easier and more efficient, how to start developing applications and resources. Use cases including key storage and software measurement will be addressed along with strong device identity and authentication. Using the TPM and TSS for health monitoring also will be discussed.
Wilson is business development engineer at OnBoard Security, where he is responsible for technical support and business development of OnBoard Security's TCG Software Stack 2.0 (TrustSentry 2.0) and OnBoard Security's post-quantum cryptography (NTRU and pqNTRUsign).
Prior to joining OnBoard Security, Lee had a 35 year career with IBM. He currently chairs the Trusted Software Stack and Virtualized Platform Work Groups for Trusted Computing Group. Lee earned his BSEE work at Northwestern University and his MSEE work at Syracuse University and has been awarded TCG’s Key Contributor Award.
Tricca is a software architect and engineer working in Intel’s platform security division. His career began with a 7-year stint in a U.S. Air Force research lab working with open source Linux security technology including mandatory access control systems like SELinux and measured boot using the TPM 1.2 devices. Most recently Philip has found his way to Intel where his current responsibilities include transforming Intel’s open source implementation of the TPM2 Software Stack (TSS2) from proof of concept to a vibrant and sustainable OSS project.
The volume and frequency of cyber-attacks makes it impossible for security analysts to use manual threat analysis to keep up with a rapidly changing threat landscape.
Innovations in artificial intelligence (AI) now make it possible to automate mundane security operations, and provide security analysts with access to large data sets. The benefits are significant: analyst time is freed-up, and they have access to better information enabling smarter, faster decisions about how to continually improve the security posture of their organization.
Join this Q&A panel on how AI can help improve your organization's overall security.
- Chris Roberts, Chief Security Architect, Acalvio
- Chris Morales, Head of Security Analytics, Vectra
- Vikram Kapoor, Co-Founder and CTO, Lacework
- Willy Leichter, Vice President of Marketing, Virsec
May 25th, 2018, the day that Europe’s General Data Protection Regulations (GDPR) comes into effect, is fast approaching. Many US companies are behind the curve in determining whether and how GDPR applies to them and figuring out what to do about it.
Paul-Johan Jean, a GDPR legal consultant at Sphaerist Advisory, works with US companies to cut through the ambiguity and paralysis and get ready. Tune in on 2/15 at 1 PM EST to learn from this GDPR expert on how to:
-Dispel myths around the new regulation
-Take a practical, manageable and cost-effective approach to dealing with GDPR
-Identify resources that can help you comply with various requirements, such as record keeping or data breach notification
The reality is that Consumer Identity and Access Management and the Internet of Things are fostering unprecedented change. The scale and types of devices and digital identities are increasing at a significant pace, driving huge security and performance concerns. These concerns have many companies asking:
• How are potential risks being monitored and secured?
• How are users and devices being managed?
• How are directory services being configured?
Learn to address these challenges, while shaping a more secure and cost-effective infrastructure.
Join CA Technologies gurus Clayton Donley, SVP, Software Engineering, Security and Rob Lindberg, Sr Principal Product Manager, CA Directory to explore alternatives and recommendations. You'll also be able to compare performance results of leading next-gen directory services, tested and compiled by an independent, third-party.
Chances are, your organization has made a move to the cloud. In fact, most enterprises run approx. 45% of their applications and infrastructure in the cloud with that number sure to increase in the next 12 months. But as you relocate more into the cloud, what’s your strategy? What are you moving? What benefit are you seeking? Different businesses have different goals and objectives. Join F5 and (ISC)2 on February 15, 2018 at 1:00PM Eastern for a discussion on the continuing evolution of cloud migration and how organizations should prepare, strategize and execute their cloud journey while addressing operational needs, security concerns and the options that cloud-based services can bring.
It’s not an illusion. The increase in cloud app adoption has increased the exposure to your most sensitive data. Our Shadow Data Report covers the key trends and challenges to consider so you can deal with the risks head-on and still maintain the benefits of moving to the cloud.
Register for this webcast for insights on the top 5 threats from the report to consider as well as:
•The hidden signs of looming data breaches and where to look for them
•What kind of risky employee activity could expose your most sensitive data
•Whether file sharing, email and social or a combination change your exploitation risks
Modern businesses are being transformed into digital businesses. To do so, IT is being re-imagined to span hybrid infrastructures; including multiple data centers, co-location facilities and cloud service providers. This hybrid approach has many benefits including cost savings, but can increase the overall difficulty in supporting such environments to deliver a predictable level of IT services. We’ll discuss one methodology designed to assess your current risk profile and spot vulnerabilities.
In our uncertain regulatory climate, it’s essential for compliance to remain flexible. One way to achieve this is by implementing a harmonized controls framework. In this webinar, Lockpath and Unified Compliance will explore the growing need for harmonized controls and how this type of controls framework can bring agility to compliance--a necessity in a time of regulatory uncertainty.
Attendees will learn:
• The concept and reasons for using a single controls framework
• How one organization quickly addressed updated regulatory guidance using a harmonized controls framework
• How to achieve compliance agility with harmonized controls and an integrated risk management platform
Before an organization can benefit from a self-service data environment to reduce time to insight, an essential first step is to catalog your data so that business users can discover what’s important to them. Seamlessly wrapping other self-service data tools around a comprehensive data catalog is the remainder of the journey to faster business insights.
This webinar will discuss approaches that enable self-service data for analytics, from discovery to insight, including making the most from a data lake and standing up new data processing pipelines for achieving business success.
DevOps organizations are increasing turning to container environments to meet the demand for faster, more agile software delivery. Container orchestration presents the most effective way to manage the operational challenges as these production environments scale. However, large-scale container deployments present a new array of security challenges, including how to properly manage open source security risk. A 2017 451 research report recently identified security as the single biggest hurdle to container adoption.
The challenges of managing security risk increase in scope and complexity with the size of your deployment and the number of open source software components that are a part of your application code base. In 2017, dozens of new CVEs were reported every day, making it essential to have good visibility into and control over the open source in use in order to understand if any known vulnerabilities are present.
Join experts from Red Hat and Black Duck as they share the latest insights and recommendations for securing open source in your containers. You’ll learn:
- The role of containers in addressing some of the problems faced by teams moving to DevOps
- How OpenShift enhances that solution by answering questions of networking, image registries, deployment automation, application lifecycle, etc.
- Why container environments present new application security challenges, including those posed by open source
- How to scan applications running in containers to identify open source and map against known vulnerabilities
- Best practices and methodologies for deploying secure containers with trust
In anticipation of the 2018 GDPR implementation date, EY will host a live webinar focusing on immediate actions to take and building a long-term privacy strategy post May 2018.
The webinar will be moderated by EY's Steve Holt, EMEIA Financial Services Cybersecurity Leader, who will be joined by the below three panelists. The panelists will be asked to contribute their views on the EU and non-EU impacts of GDPR for the financial services sector.
•Torrin Stafford, Head of Data Privacy and Records Management, Lloyds Banking Group
•Tony de Bos, Partner, EMEIA Financial Services Data Protection and Privacy Leader, EY
•John Doherty, Partner, Americas Financial Services Data Privacy Leader, EY
Topics for discussion will include:
•Demonstrating compliance: the key GDPR program focus areas over the next few months
•Defining and managing your risk exposure: what is your organizations risk reduction journey up to and post the May 2018 deadline
•Compliance to business benefit: leveraging your GDPR strategy for commercial and business benefits
A snapshot demonstration of the process required to set up and view persistent highlight terms within CloudNine to ensure important terms are always highlighted during review, regardless of search criteria.
Failing to spot highly relevant, hot or privilege terms during document review can lead to important documents being missed or inadvertent disclosure of privileged information. Persistent highlighting enables these important terms to be always highlighted – regardless of search criteria – enabling them to be more easily spotted during review, which improves the quality of the review process.
Training Snapshot Presenter: Brian Kelley
Brian is the Director of Customer Success for CloudNine. At CloudNine, Brian manages training, support and customer success efforts for CloudNine's Software-as-a-Service (SaaS) eDiscovery clients. Brian has extensive experience providing legal technology consulting and technical support services to numerous commercial and government clients ranging from multinationals corporations and large law firms to litigation support providers and governmental agencies.
Cyber Thursday is a regular monthly broadcast video which provides an update on the latest development in the field of Cyber Security. Every second Thursday of the month the programme will feature a number of contributors and panellists from both within Palo Alto Networks and third party thought leaders from the Security Industry.
This first edition will focus on Next Generation EndPoint Security Solutions and the challenges that organisations face when a breach occurs. Among the things we will discuss are:
- what we mean by endpoint
- how come attacks go through despite all measures
- what happens after a breach
- what are the big challenges in endpoint protection and any specific to EMEA
- what are the changes coming up
- the big threat of ransomware
What are some of the key challenges that organisations face when adopting a Data as a Service (DaaS) approach?
How can Privacy Engineering help?
Here you can find a short video interview with David Roberts, Technical Sales at Privitar, in which he talks about some of the challenges of adopting a Data as a Service (DaaS) approach, and how best to overcome them.
How can telecoms innovate with data and at the same time ensure the privacy of their customers' sensitive information?
The vast quantities of customer data held by telecoms companies present a largely untapped opportunity for business intelligence, but how can telecoms innovate with data whilst ensuring the privacy of their customers' sensitive information?
Watch this short video of Privitar Senior Account Director for Telecommunications, James Kenney, in which he talks about the privacy challenges facing telecoms companies today.
It’s time to protect your users from threats that easily bypass antivirus.
Join us for a live webinar on endpoint security
•What hidden costs traditional AV imposes on your organization
•How to determine the true value of any endpoint security solution
•Which five capabilities are critical to protect your users, systems and endpoints
•How Traps v3.4 prevents security breaches in your organization – without traditional AV.
SSHing into a container for troubleshooting or burdening it with additional monitoring tools is kind of an anti-pattern. But… you still want to have full control, traceability and visibility right? Containers are highly volatile, how can you do this if your container doesn’t exist anymore?
Sysdig uses Linux tracepoints to collect and then process and filter kernel system calls and events. Still this requires a deep knowledge on a tcpdump like filtering syntax and understanding on the syscalls involved. Sysdig Inspect makes our deep dive into system calls much more intuitive and visual though a graphical user interface that allows to correlate high level activities like containers, processes, containers, network or file I/O and commands, events or logs.
In this webinar series you will get to know how Sysdig and Sysdig inspect works through a series of practical examples:
-Exploration and performance analysis of container, processes, network and file activity on a typical Wordpress setup
-Debug a 502 HTTP error on a load-balanced Python app with HAproxy
-Troubleshoot a Kubernetes CrashLoopBackOff error
Who should attend?
If you're managing containers in production, using containers for development or just beginning our container exploration, you'll want to attend to understand the challenges of troubleshooting system or application errors when running inside containers.
HITRUST Alliance is a not-for-profit organization that offers a security framework and training courses, helping cloud experts achieve compliance with legal mandates. While it's voluntary, being HITRUST certified can help you safeguard sensitive information and manage risk across the supply chain.
In this webinar learn more about HITRUST and how it is likely to impact your organization.
Most of us want to have better meetings with senior executives. Meetings that feel like conversations, not pitches. Meetings that build deeper relationships. Meetings that uncover more ways in which they can help their customers. Behind closed doors, when I ask what's holding people back, many will tell me things like, "I don't feel comfortable," "I have nothing to offer to them,"" or "I'm not at their level." Selling to Senior level executives can be difficult, and getting a first meeting can be a real challenge. But, in our experience, the most difficult part is not getting the first meeting. It's getting the second one. Or the third one. This webinar explores the ways that you can get to that second and third meeting
Join (ISC)² EMEA and PhishMe for a look back at 2017’s threats and a look ahead. We’ll provide an overview of what PhishMe's Intelligence team uncovered, discuss trends in phishing-delivered malware, and analyse how various delivery vectors evolved.
Some of the trends we’ll discuss:
•The implications of last year’s major global cyber-events, such as WannaCry and NotPetya
•The emergence of new ransomware families
•The abuse of legitimate functions built into business-critical software platforms to deliver malware
•The favouring of modularity and plug-in accompaniments to lightweight botnet and stealer malwares
•New ways cyber-criminals are obtaining cryptocurrency
Cyber-crime won’t slow down. Take this opportunity to learn from the recent past as you deal with current threats and prepare for whatever’s next.
In many ways, having your Data Protection Policy in place is not necessarily the last mile, but the first. In order to be fully GDPR-compliant, you need to understand where all of your information is, where your privacy data lives and how it’s being secured.
Join Tom Mighell, VP of Delivery Services at Contoural as he discusses the roadmap you need to follow to achieve full compliance before the May 25th deadline.
Topics will include:
• Strategies to execute your policy
• How to train everyone in your organization to be aware of privacy requirements
• Appointing a Data Protection Officer to manage your privacy program for your organization
• Steps your organization needs to take now to be ready
A lot has been written recently about Agile expansion. That might sound scary when you are still new to Agile and might only have a few teams onboard. However, it is still important to start thinking about how you envision Scaling Agile and incorporating your business strategy.
Industry expert and ProjectManagement.com SME Andy Jordan believes that even for someone who is early in their agile adoption, it is essential to understand the concept of business agility.
Join Andy for this high energy, thought provoking webinar to learn:
-Why business agility matters and why you need to care about it
-The role of strategic agile models in supporting your agile success
-The importance of broadening Agile across multiple departments
In today’s business world every organization has to be able to react quickly and with minimal disruption to the inevitable changes they face. Business agility maximizes your ability to do that. Start improving things right now by signing up for this webinar.
Join this conversation between Primitive Logic’s technology solutions experts and Latham & Watkins’ Privacy and Data Protection legal expert to understand GDPR key points and technical solutions to help your GDPR readiness.
- What steps do you have to take to address the expanded definition of Personal Data?
- Consent Management Considerations
- What do the Privacy Rights given to data subjects mean for your digital data governance solutions?
Day 1 of 3 day series:
Day 1 – Overview of key concepts with legal and technical discussion of suggested actions
~ Day 2 – Focus on Privacy side of GDPR from a technology perspective
~ Day 3 – Focus on Security side of GDPR from a technology perspective
Jill P. Reber, Primitive Logic CEO
Kevin Moos, Primitive Logic President
Michael Rubin, Latham & Watkins Partner – Privacy and Data Protection
Email remains the biggest entry point into your healthcare organization, and with medical records at least 10X as valuable as credit cards, potential payoffs are high. Security threats are real and debilitating – they can even affect patient care – and they aren’t going away anytime soon. Join us for Anatomy of an Email-Borne Attack where we'll paint the current healthcare threat landscape for attacks and demonstrate an actual live “hack.”
In this webinar, Guardian Analytics Fraud experts will describe Same Day ACH BEC fraud scheme and explain how Guardian Analytics' machine learning and behavioral analytics patented technology can help you combat ACH social engineered fraud scheme.
The Same Day ACH Fraud detection is part of a four-part ACH webinar series that includes:
- ACH Kiting Fraud
- ACH Small Transactions Fraud
- ACH Payroll Fraud
- Same Day ACH BEC Fraud
As we’re all aware, GDPR will be enforced starting May 25th, 2018 and organizations should understand which aspects of its preparations will be in place before the deadline.
Much like other technological shifts of the last decade —GDPR will change the way our organization handles personal data. GDPR will require organizations to implement specific, defined controls over the handling of collected personal data, with the primary objective of streamlining data security regulations and bolstering data protection in the face of a fast-evolving technology landscape.
Join this webinar with guest speaker Tim Hill, Director of Product Management and Strategy from Centrify, as he discusses best practices around frameworks and architectures needed to ensure better business process and data management.
Tim will also cover how organizations with a strong IAM strategy in place are more likely to provide better notification and more openness if and when data has been compromised.
Register for this webinar and learn:
- Key elements to consider as the deadline for GDPR approaches
- How a strong IAM strategy enables organizations to quickly identify whose data they are responsible for and where its stored.
- How Centrify’s Zero Trust approach to IAM can help you prepare for GDPR’s underlying policy goals.
Just three months remain before companies that process the personal data of those within the EU must be in compliance with the General Data Protection Regulation (GDPR). Yet, there are often still outstanding questions around some of the key changes that will go into place and their impact on various parts of an organization. This webinar will highlight 10 key considerations that need to be made for controlling how data is accessed, stored, kept up to date, transferred and deleted. It will also breakdown four key steps to take to assure that you are on your way to meeting the necessary requirements.
Join the GDPR Dream Team as they discuss:
- What GDPR is and who it applies to
- How to assess the level of exposure your company has to this regulation
- Understanding the new rights of data owners and what you need to be prepared for
- How to ensure you put the right processes and technology in place to stay compliant
The General Data Protection Regulation (GDPR), a key legislation covering privacy rights, data security, data control, and governance, is going into effect in May 2018. As organizations are scrambling to achieve GDPR compliance before the May 25th deadline, some are still not clear on the exact GDPR requirements.
Join this panel of experts as they discuss:
- The regulatory landscape in 2018
- What GDPR means for you and your organization
- GDPR requirements around data collection and governance, exposure and breach disclosure, identity and privacy
- Evaluating your cyber risk
- Last minute changes your organization needs to make
- Failure to comply & fines
- Recommendations for achieving compliance and other regulation on the horizon.
- Michelle Dennedy, VP & Chief Privacy Officer at Cisco
- Ariel Silverstone, Managing Partner, Data Protectors
- Paul Rosenzweig, Principal at Red Branch Consulting
On May 25 the long-awaited General Data Protection Regulation (GDPR) will go into effect across Europe. GDPR is the biggest overhaul of data protection laws in more than two decades. How prepared is your organization for GDPR?
Join this interactive panel of experts as they discuss:
- What is GDPR?
- Why should you be GDPR-compliant?
- How to achieve compliance?
- Steps your organization should take today to prepare for GDPR
- Other GDPR considerations
- Amar Singh, Founder, Cyber Management Alliance
- Guy Cohen, Strategy and Policy Lead, Privitar
- Punit Bhatia, Author of "Be Ready for GDPR"
By now, you’re probably well into the implementation of policies and governance to ensure your organization is GDPR-compliant. Nevertheless, you may still be questioning whether there is a database, process or function within your department that hasn’t been through the full rigor of your compliancy program.
Join our live webinar as a sanity check against best practice and real-life examples whether:
- All sources of applicable data have been identified and risk-assessed you have created a comprehensive policy framework and guidance
- Functional departments understand their risks and taken the correct steps to mitigate
- Have sufficient transparency in place
- Know which third parties are holding data on your behalf
- Learn the required ongoing governance and testing of your compliance processes
We'll cover 'Cryptocurrency Related Attacks' for this month's theme. In doing so, we'll provide insight as seen by our investigators and analysts. For the 'Insight' portion, Adam Harrison will provide a 2018 Data Breach Digest pre-release 'sneak peek' on a Cryptocurrency-Mining Malware scenario. For the 'Today's Risk' portion, we'll feature Roy Porter who'll provide an in-depth look into cryptocurrency-related attacks as seen in our caseload and on the DarkNet and internet.
This will be followed by our regularly scheduled programming:
If asked, “What’s our risk of a DDoS attack?”… Would you be able to answer with confidence? With all the attention given to ransomware, it’s easy to forget about availability protection. But the data is clear. DDoS attacks are increasing in frequency and complexity. And if not adequately prepared, the impact of a DDoS attack can be quite significant. To help you more accurately assess your risk of DDoS attacks, join Rob Ayoub, IDC Research Director and Tom Bienkowski, Arbor Networks Director of Product Marketing to learn about the latest trends in DDoS attacks and more importantly best practices in protection.
In many ways, creating your GDPR Data Protection Policy is the easy part. As the May deadline approaches, the real work begins on finding all your Privacy Data not only in databases but also GDPR content scattered across file shares, desktops and other storage repositories around the world.
In this Webcast, Contoural experts Greg Forest and Tom Mighell will discuss:
• Real-world strategies and processes for identifying, classifying and securing large amounts of not only unstructured GDPR data
• Addressing semi-structured content
• Applying automation
• Creating an ongoing process
According to Gartner, the application layer contains 90% of all vulnerabilities. This is why you cannot let potential system flaws or weaknesses in your application be exploited to compromise the security of your organization’s most critical assets. Learn about the methods and solutions attackers typically rely on to perform application vulnerability discovery and compromise.
Join this 20-minute webinar to see how Veracode can help your security and development teams identify and remove the vulnerabilities and flaws that can put your organization at risk. Recognized as a Gartner Magic Quadrant Leader since 2010, Veracode provides on-demand application vulnerability testing to detect and offer solutions for vulnerabilities and other security issues.
The healthcare industry is adopting technologies that give care providers rapid access to sensitive patient information, when and where they need it. While productivity is enhanced with cloud computing, mobility, “BYOD” unmanaged personal devices, and hosted SaaS apps like Office 365, the CISO is concerned with resolving the inherent risk these technologies bring with them.
For the CISO, it’s important to look at everything, assess risk the right way, and have a practical mitigation plan to address issues that could lead to data loss or breaches, ransomware and other threats.
In this webinar led by Mitchell Parker, Executive Director of Information Security and Compliance (CISO) at Indiana University Health and Salim Hafid, Product Marketing Manager at Bitglass, you’ll learn how to resolve the risk of cloud applications and access via unmanaged devices, and how to apply appropriate controls that enable patient care in a seamless and secure manner.
Our experts will talk about the issues everyone is struggling with, and how cloud security is evolving to address them.
Dr. Raj Aggarwal is back to address an important topic on the alignment of internal audit and the board. As a board member, Dr. Aggarwal gets to see both sides, internal audit interaction with the board, and the board expectations of the internal audit function.
Dr. Aggarwal will expand on the recent article of Board Matters in IIA’s Internal Auditor magazine and share his experiences related to the exchanges of the board and the internal audit.
This webinar is designed not only for the CAEs but all members of the internal audit function and the Board of Directors for both private and public companies.