Hi [[ session.user.profile.firstName ]]
Sort by:
    • Vendor Management is Risky Business
      Vendor Management is Risky Business Jennifer Anderson, Jeff Avery, Ben Fagan Recorded: Apr 26 2018 3:00 pm UTC 50 mins
    • Do you struggle with truly understanding your risk with your vendors? Are you relying solely on static, self-assessments to understand vendor risk? This can put your company at a greater level of exposure. Join Verterim's Jennifer Anderson and Jeff Avery with BitSight Technology's Ben Fagan BrightTalk for an informative discussion on the changes in vendor management programs and a demonstration of the BitSight and Archer Integration. Our plug and play BitSight - RSA Archer integration provides dynamic risk information to augment your existing vendor assessment process, pointing you to specific areas that may be at risk, reducing your time on vendor risk analysis and proactively alerting you to potential issues real time.

      Read more >
    • Vendor Management Best Practices: Is Your Program Up to Par?
      Vendor Management Best Practices: Is Your Program Up to Par? Scott Roller, former head of vendor management, Citigroup Recorded: Aug 12 2015 6:00 pm UTC 60 mins
    • Among the top challenges lenders face today is the need to meet higher expectations set by the OCC and the Federal Reserve governing the use of third-party vendors. While the guidelines were released over a year ago, there is still confusion about what institutions should be doing.

      One thing, however, is certain. Effective vendor management takes resources, and many institutions are finding it necessary to add staff and/or technology to help with the cause, particularly smaller institutions. The regulators have made it clear, vendor management is not just a one-time assessment, but is an ongoing process, and monitoring vendors long term is as important as the initial due diligence.

      EDR is pleased to host a webinar on this timely topic on Wednesday, August 12, 2015 at 2:00 p.m. EST. Scott Roller, former head of vendor management at Citigroup, will provide clarity on the new regulations and help break down regulator expectations into easy-to-understand terms. Roller will explore key dimensions that attendees can use as the foundation for building out their own robust vendor management oversight program, from initial vendor risk classification all the way through ensuring adequate executive engagement in vendor management.

      Attendees will learn best practices for satisfying regulators with this educational workshop, including answers to the following:
      • What does the latest regulatory guidance on vendor management require?
      • What are the biggest headaches banks are facing in complying with them?
      • What advice is recommended for smaller banks struggling with limited manpower/resources?
      • What are bank examiners looking for during audits?
      • What are the latest best practices for policies and procedures?
      • How are banks coping with the need to track and monitor vendors?
      • What are the most common shortcomings that audits reveal?

      Attendees will also receive a free copy of a white paper on vendor oversight and the cost of compliance.

      Read more >
    • The Silent Killer: How Third-Party Vendor Risk Threatens Everyone
      The Silent Killer: How Third-Party Vendor Risk Threatens Everyone Mike Baukes, CEO, UpGuard Recorded: Oct 11 2017 5:00 pm UTC 44 mins
    • Enterprises are becoming increasingly cognizant of the massive business risk posed by incidents of cyber attacks resulting in data breaches. Less well-known, and perhaps more potent a threat, is the danger posed by third-party vendors entrusted with sensitive data in the course of a business partnership. While an enterprise can have the best and most resilient internal IT practices, there are no such guarantees their external partners will take the same care. The consequences can be enormous.

      The UpGuard Cyber Risk Team has made it its mission to find data exposures where they exist, aiding in securing them against malicious use and raising public awareness about the issues driving cyber risk today. In this talk, UpGuard CEO Mike Baukes will discuss how third-party vendor risk has proven a potent and pervasive threat in the digital landscape of 2017, as illustrated by a newly discovered third-party vendor data exposure case involving the leaking of sensitive data from major transnational corporations.

      Learn how you can mitigate such third-party vendor risk and begin to evaluate and enforce your business partners’ cyber resilience against such threats.

      Read more >
    • Roadmap to Smarter Vendor Risk Management
      Roadmap to Smarter Vendor Risk Management Lockpath Recorded: May 3 2018 4:00 pm UTC 37 mins
    • Vendors are essential to your company's success; however, they also add a layer of risk. A data breach is often traced to a service provider. A supplier botches a shipment and upsets a key customer. For risk challenges with vendors, the answer is proactive vendor risk management. In this webinar, you'll learn the roadmap to smarter vendor risk management, including:

      · Guidance on managing collected vendor data
      · Time-saving features with assessments
      · Tips on spotting trends and high-risk vendors
      · Pros and cons of continuous monitoring
      · Impact of vendor risk on operational risk

      Don't wait for an incident or a high-level exec questioning your vendor risk management processes to get smarter about vendor risk management. Learn smart strategies for the road ahead in VRM. Register for this webinar.

      Read more >
    • Open, vendor-neutral, infrastructure management with SUSE - SUSE Manager 3.2
      Open, vendor-neutral, infrastructure management with SUSE - SUSE Manager 3.2 Jason Phippen, Product & Solution Marketing & Joe Werner, Senior Product Manager, SUSE Recorded: Jul 17 2018 2:00 pm UTC 32 mins
    • In this SUSE Webinar you will learn about Open, vendor neutral, infrastructure management with SUSE.

      You will hear how to….

      Lower costs and simplify deployment while easily scaling larger environments for Public Cloud and Kubernetes infrastructures.

      Reduce bandwidth costs, minimize resource needs, and ease deployment with the new container-based Proxy deployment option, allowing you to more easily scale larger environments for Public Cloud and Kubernetes infrastructures.

      Improve DevOps efficiency and meet compliance requirements with a single tool to manage and maintain everything from your edge devices to your Kubernetes environments.

      1.Improve efficiency by managing and maintaining your Raspberry Pi based IoT devices and CaaS Platform environment, using the same tool you use to manage and maintain your bare metal and virtualized Linux environments.

      2.Improve operational efficiencies by providing easy automation of repetitive tasks without the need for advanced scripting skills via re-usable action chains.

      3.Ensure you are meeting your business’ compliance requirements, by monitoring and patching your Raspberry Pi based IoT devices and container-based workloads to the latest security and patch levels.

      Read more >
    • Are Your Third Party Vendors Creating Uninvited Cyber Risk?
      Are Your Third Party Vendors Creating Uninvited Cyber Risk? Greg Pollock, VP of Product at UpGuard Recorded: Aug 10 2017 5:00 pm UTC 36 mins
    • Many of the largest and most well known breaches are cases of third party information exposure.

      One of the largest leaks of all time was discovered when an RNC vendor, Data Root Analytics, exposed 198 million voter records, including personal details, voter information, and predictively modeled attributes such as race and religion.

      Outsourced information work is crucial for organizations to scale and remain competitive, but it should be done with careful forethought to the risks the company faces should that information be compromised.

      In this webinar you will learn:

      - Why cybersecurity is dead
      - How to mitigate cyber risk in a cost effective way
      - How vendor risk becomes your risk
      - Steps to become cyber resilient
      - How to measure success on your path towards cyber resilience

      Read more >
    • How To Prevent Data Breaches From Your Unknown 3rd & 4th Party Vendors
      How To Prevent Data Breaches From Your Unknown 3rd & 4th Party Vendors Bennett Morrison, VP of Product and Nikon Rasumov, Director of Product Recorded: Mar 10 2016 6:05 pm UTC 17 mins
    • Sometimes your biggest security challenge is the vendors who are unknown to the risk management team.

      Traditionally, in order to determine vendors an enterprise is engaged with, it required working with procurement and surveying various departments and individuals.

      It’s a time-consuming process that is prone to errors, oversights, and doesn’t account for the many “shadow” vendor relationships that may exist. Even when the vendor is known, in order to determine their level of security you had to use questionnaires or ask them to install intrusive software on each one of their computers. These methods don’t provide accurate visibility into the vulnerabilities across your entire business ecosystem, are expensive, and labor intensive.

      In this 30 minute webinar, Bennett Morrison, VP of Product and Nikon Rasumov, Director of Product, introduces Automatic Vendor Detection (AVD™), a SecurityScorecard module that discovers vendors and their security posture throughout an organization's business ecosystem.


      You will learn how:

      + Third and fourth party vendor weaknesses are exploited to obtain your organizational data

      + Challenges of determining your third and fourth party relationships throughout an enterprise

      + Standard vendor identification methods fail to provide an accurate ongoing assessment of third and fourth party risk

      + Leveraging AVD will uncover risks previously unknown to the risk management team

      + AVD automatically detects and determines vendors part of your business ecosystem

      Read more >
    • How to Mitigate Cyber Risk with Efficient Vendor Risk Management
      How to Mitigate Cyber Risk with Efficient Vendor Risk Management Kevin Roden and Julia Grunewald Recorded: Feb 22 2017 6:00 pm UTC 42 mins
    • Over the past few years, outsourcing business functions to vendors has been on the rise. In fact, there are more third-party relationships today than ever before. However, as the number of supplier relationships grows, so grows the amount of risk those suppliers pose. And in today’s hyper-connected landscape, cyber risk has taken center stage when it comes to vendor risk.

      Join former CIO, Kevin Roden, and BitSight’s Senior Customer Success Manager, Julia Grunewald, on Wednesday, February 22nd at 1pm ET, as they discuss traditional and emerging vendor risk management (VRM) tactics.

      In this webinar you’ll learn:
      - How VRM has traditionally been handled
      - Why traditional strategies alone aren’t enough
      - Advice on how to effectively and efficiently mitigate cyber risk

      Read more >
    • 5 Steps to Stronger Vendor Security and Reduced Supply Chain Risk
      5 Steps to Stronger Vendor Security and Reduced Supply Chain Risk Ishan Girdar [CEO, Privva] + Mitch Greenfield [Supply Chain Security Expert] Recorded: Nov 1 2016 5:00 pm UTC 38 mins
    • Third party vendors and digitally connected supply chains provide significant operational and cost efficiencies. But they also expose businesses to significant data security risk as sensitive data leaves your protected network. A recent report revealed more than 60% of all data breaches were from third-party vendors.

      In this webinar, supply-chain security expert Mitch Greenfield will walk you through a 5-step process to reduce your supply chain risk, improve vendor compliance, and make informed decisions about your vendor network. Learn how to:

      - Ask the right questions when assessing supplier risk
      - Manage and securely distribute vendor risk assessments
      - Automate vendor risk scoring to eliminate human error
      - Create reports to meet compliance and stakeholder requirements (CISO, C-Suite, Board, Auditor)
      - Schedule periodic re-assessment based on a vendor's risk profile and criticality to the business

      Read more >
    • Tips and Tricks For Tackling Vendor Risk
      Tips and Tricks For Tackling Vendor Risk Andrew Calo, Manager of Technology Risk Recorded: Aug 11 2016 3:00 pm UTC 48 mins
    • With so many moving parts pushing an organization forward, companies today must know who has access to their data—making vendor risk management (VRM) a critical business practice. Unfortunately, not all organizations have the resources to staff full-time vendor risk managers. Security professionals now must wear multiple hats in order to reduce operating risk for their organizations. Even if vendor risk management isn’t a primary focus, there are techniques and tools security professionals can implement to make it an efficient and valuable process for your company.

      In this webinar, join Andrew Calo, Manager of Technology Risk at BitSight as he offers tips and techniques to efficiently manage and assess vendor risk. Attendees will learn about:

      -Basic questions you need to ask all vendors
      -The top risk vectors and configurations to look at it
      -The value and impact of continuous risk monitoring software

      Read more >