Hi [[ session.user.profile.firstName ]]
Sort by:
    • Vendor Management Best Practices: Is Your Program Up to Par?
      Vendor Management Best Practices: Is Your Program Up to Par? Scott Roller, former head of vendor management, Citigroup Recorded: Aug 12 2015 6:00 pm UTC 60 mins
    • Among the top challenges lenders face today is the need to meet higher expectations set by the OCC and the Federal Reserve governing the use of third-party vendors. While the guidelines were released over a year ago, there is still confusion about what institutions should be doing.

      One thing, however, is certain. Effective vendor management takes resources, and many institutions are finding it necessary to add staff and/or technology to help with the cause, particularly smaller institutions. The regulators have made it clear, vendor management is not just a one-time assessment, but is an ongoing process, and monitoring vendors long term is as important as the initial due diligence.

      EDR is pleased to host a webinar on this timely topic on Wednesday, August 12, 2015 at 2:00 p.m. EST. Scott Roller, former head of vendor management at Citigroup, will provide clarity on the new regulations and help break down regulator expectations into easy-to-understand terms. Roller will explore key dimensions that attendees can use as the foundation for building out their own robust vendor management oversight program, from initial vendor risk classification all the way through ensuring adequate executive engagement in vendor management.

      Attendees will learn best practices for satisfying regulators with this educational workshop, including answers to the following:
      • What does the latest regulatory guidance on vendor management require?
      • What are the biggest headaches banks are facing in complying with them?
      • What advice is recommended for smaller banks struggling with limited manpower/resources?
      • What are bank examiners looking for during audits?
      • What are the latest best practices for policies and procedures?
      • How are banks coping with the need to track and monitor vendors?
      • What are the most common shortcomings that audits reveal?

      Attendees will also receive a free copy of a white paper on vendor oversight and the cost of compliance.

      Read more >
    • The Silent Killer: How Third-Party Vendor Risk Threatens Everyone
      The Silent Killer: How Third-Party Vendor Risk Threatens Everyone Mike Baukes, CEO, UpGuard Recorded: Oct 11 2017 5:00 pm UTC 44 mins
    • Enterprises are becoming increasingly cognizant of the massive business risk posed by incidents of cyber attacks resulting in data breaches. Less well-known, and perhaps more potent a threat, is the danger posed by third-party vendors entrusted with sensitive data in the course of a business partnership. While an enterprise can have the best and most resilient internal IT practices, there are no such guarantees their external partners will take the same care. The consequences can be enormous.

      The UpGuard Cyber Risk Team has made it its mission to find data exposures where they exist, aiding in securing them against malicious use and raising public awareness about the issues driving cyber risk today. In this talk, UpGuard CEO Mike Baukes will discuss how third-party vendor risk has proven a potent and pervasive threat in the digital landscape of 2017, as illustrated by a newly discovered third-party vendor data exposure case involving the leaking of sensitive data from major transnational corporations.

      Learn how you can mitigate such third-party vendor risk and begin to evaluate and enforce your business partners’ cyber resilience against such threats.

      Read more >
    • Are Your Third Party Vendors Creating Uninvited Cyber Risk?
      Are Your Third Party Vendors Creating Uninvited Cyber Risk? Greg Pollock, VP of Product at UpGuard Recorded: Aug 10 2017 5:00 pm UTC 36 mins
    • Many of the largest and most well known breaches are cases of third party information exposure.

      One of the largest leaks of all time was discovered when an RNC vendor, Data Root Analytics, exposed 198 million voter records, including personal details, voter information, and predictively modeled attributes such as race and religion.

      Outsourced information work is crucial for organizations to scale and remain competitive, but it should be done with careful forethought to the risks the company faces should that information be compromised.

      In this webinar you will learn:

      - Why cybersecurity is dead
      - How to mitigate cyber risk in a cost effective way
      - How vendor risk becomes your risk
      - Steps to become cyber resilient
      - How to measure success on your path towards cyber resilience

      Read more >
    • How To Prevent Data Breaches From Your Unknown 3rd & 4th Party Vendors
      How To Prevent Data Breaches From Your Unknown 3rd & 4th Party Vendors Bennett Morrison, VP of Product and Nikon Rasumov, Director of Product Recorded: Mar 10 2016 6:05 pm UTC 17 mins
    • Sometimes your biggest security challenge is the vendors who are unknown to the risk management team.

      Traditionally, in order to determine vendors an enterprise is engaged with, it required working with procurement and surveying various departments and individuals.

      It’s a time-consuming process that is prone to errors, oversights, and doesn’t account for the many “shadow” vendor relationships that may exist. Even when the vendor is known, in order to determine their level of security you had to use questionnaires or ask them to install intrusive software on each one of their computers. These methods don’t provide accurate visibility into the vulnerabilities across your entire business ecosystem, are expensive, and labor intensive.

      In this 30 minute webinar, Bennett Morrison, VP of Product and Nikon Rasumov, Director of Product, introduces Automatic Vendor Detection (AVD™), a SecurityScorecard module that discovers vendors and their security posture throughout an organization's business ecosystem.

      You will learn how:

      + Third and fourth party vendor weaknesses are exploited to obtain your organizational data

      + Challenges of determining your third and fourth party relationships throughout an enterprise

      + Standard vendor identification methods fail to provide an accurate ongoing assessment of third and fourth party risk

      + Leveraging AVD will uncover risks previously unknown to the risk management team

      + AVD automatically detects and determines vendors part of your business ecosystem

      Read more >
    • How to Mitigate Cyber Risk with Efficient Vendor Risk Management
      How to Mitigate Cyber Risk with Efficient Vendor Risk Management Kevin Roden and Julia Grunewald Recorded: Feb 22 2017 6:00 pm UTC 42 mins
    • Over the past few years, outsourcing business functions to vendors has been on the rise. In fact, there are more third-party relationships today than ever before. However, as the number of supplier relationships grows, so grows the amount of risk those suppliers pose. And in today’s hyper-connected landscape, cyber risk has taken center stage when it comes to vendor risk.

      Join former CIO, Kevin Roden, and BitSight’s Senior Customer Success Manager, Julia Grunewald, on Wednesday, February 22nd at 1pm ET, as they discuss traditional and emerging vendor risk management (VRM) tactics.

      In this webinar you’ll learn:
      - How VRM has traditionally been handled
      - Why traditional strategies alone aren’t enough
      - Advice on how to effectively and efficiently mitigate cyber risk

      Read more >
    • 5 Steps to Stronger Vendor Security and Reduced Supply Chain Risk
      5 Steps to Stronger Vendor Security and Reduced Supply Chain Risk Ishan Girdar [CEO, Privva] + Mitch Greenfield [Supply Chain Security Expert] Recorded: Nov 1 2016 5:00 pm UTC 38 mins
    • Third party vendors and digitally connected supply chains provide significant operational and cost efficiencies. But they also expose businesses to significant data security risk as sensitive data leaves your protected network. A recent report revealed more than 60% of all data breaches were from third-party vendors.

      In this webinar, supply-chain security expert Mitch Greenfield will walk you through a 5-step process to reduce your supply chain risk, improve vendor compliance, and make informed decisions about your vendor network. Learn how to:

      - Ask the right questions when assessing supplier risk
      - Manage and securely distribute vendor risk assessments
      - Automate vendor risk scoring to eliminate human error
      - Create reports to meet compliance and stakeholder requirements (CISO, C-Suite, Board, Auditor)
      - Schedule periodic re-assessment based on a vendor's risk profile and criticality to the business

      Read more >
    • Tips and Tricks For Tackling Vendor Risk
      Tips and Tricks For Tackling Vendor Risk Andrew Calo, Manager of Technology Risk Recorded: Aug 11 2016 3:00 pm UTC 48 mins
    • With so many moving parts pushing an organization forward, companies today must know who has access to their data—making vendor risk management (VRM) a critical business practice. Unfortunately, not all organizations have the resources to staff full-time vendor risk managers. Security professionals now must wear multiple hats in order to reduce operating risk for their organizations. Even if vendor risk management isn’t a primary focus, there are techniques and tools security professionals can implement to make it an efficient and valuable process for your company.

      In this webinar, join Andrew Calo, Manager of Technology Risk at BitSight as he offers tips and techniques to efficiently manage and assess vendor risk. Attendees will learn about:

      -Basic questions you need to ask all vendors
      -The top risk vectors and configurations to look at it
      -The value and impact of continuous risk monitoring software

      Read more >
    • Vendor Risk Management: Trends and Market Maturity
      Vendor Risk Management: Trends and Market Maturity Stephen Boyer, CTO and CoFounder BitSight Recorded: May 10 2016 5:00 pm UTC 41 mins
    • How do organizations assess and manage the security risk by their vendors and suppliers? What kind of programs to organizations have in place to manage risk, and how mature are these programs?

      In this webinar, Stephen Boyer, CTO and CoFounder of BitSight and Joyce Chutchian, Senior Managing Editor, IDG Enterprise discuss recent survey data on the maturity of vendor risk management programs. This presentation will provide an in-depth analysis of which methods are being used by organizations in order to mitigate third party risk.

      Attendees will also learn:

      - Why vendor risk management is becoming a standard business practice
      - About the challenges organizations face in building a formalized vendor risk program
      - How continuous monitoring solutions and security ratings can help bolster vendor risk management programs

      Read more >
    • Essential Components of a Vendor Risk Management Program
      Essential Components of a Vendor Risk Management Program Jake Olcott, VP at BitSight Recorded: Feb 9 2016 6:00 pm UTC 57 mins
    • Understanding the cybersecurity posture of vendors, suppliers, and third-parties is now a necessity for businesses in all industries. Yet, many businesses do not have a formalized vendor risk management program. There are multiple components needed to create a comprehensive vendor risk management program. These span governance and control, as well as security controls and technology.

      Join Jake Olcott, VP at BitSight on February 9 as he highlights best practices and industry standards for vendor risk management programs. Attendees will learn:

      - Which frameworks and methodologies can help get you started
      - Vital questions you should be asking your vendors
      - Why continuous monitoring and verifying vendor security is crucial to mitigate cyber risk

      Read more >
    • Trust, But Verify: The Evolution of Vendor Risk Management in Finance
      Trust, But Verify: The Evolution of Vendor Risk Management in Finance Stephen Boyer, CTO and Cofounder BitSight Recorded: Dec 17 2015 6:00 pm UTC 37 mins
    • Vendor risk management has long been an area of concern for Financial Institutions. Regulators are now looking for banks to do more and provide a higher level of assurance about the security practices of their vendors. But how? With regulators continuously raising the bar, one thing is clear: the vendor reviews of the past will no longer be sufficient in today's environment.

      In this presentation Stephen Boyer, CTO, and Cofounder of BitSight Technologies will explore:

      - The evolving regulatory landscape regarding Vendor Risk Management and the practices organizations are adopting to meet these more stringent demands.
      - Why continuous monitoring of vendor security performance is both critical and achievable, through the use of data-driven, evidence-based security ratings
      - How a global financial services firm is transforming the way they select and interact with vendors and suppliers, detailing their own industry-leading practices in VRM and how the use of security performance ratings is allowing them to harden their extended enterprise.

      Read more >