Open source software and code has become common place in application development, as have the use of vulnerability assessment tools. After all, no one wants to be the victim of the next Heartbleed, Poodle or Logjam. But vulnerability assessment tools, while helpful, have blind spots. How can you ensure that you are protecting your networks and applications from newly disclosed vulnerabilities? Join Black Duck Software and (ISC)2 on February 18, 2016 at 1:00PM Eastern for a discussion on VA Tools, Open Source Assets and secure application development.Read more >
You’ve invested in firewalls and endpoint protection. You’ve optimized and tweaked. Your content filters and AV are updated. Your email is locked down and you’re ready for whatever attackers might throw your way. Right? That’s what the targets of many of the recent headline-grabbing breaches would have said too.
Every organization can use an extra set of eyes – Audits should be a regular part of any security plan, but they can be expensive and time consuming. Enter the Fortinet Cyber Threat Assessment, a free evaluation of your existing security infrastructure that helps you:
•Evaluate potential security risks from the edge to the endpoint and everywhere in between
•Determine areas where security infrastructure is compromising performance and how to eliminate bottlenecks while still protecting your network
•Find often overlooked vulnerabilities and learn about risks both within and outside your organization.
This year has brought profound changes to the security landscape, especially in the area of Distributed Denial of Service (DDoS) attacks. Aside from the traditional saturation objectives of such assaults, DDoS attacks are increasingly used as cyber “smokescreens” to mask more intrusive and more destructive penetration operations. Join Neustar and media leader, Cox Communications, in a forward-looking discussion on what you should consider to safeguard your business in 2015.
During this session, you’ll hear about:
• 2014 security trends and lessons
• 2015 DDoS threat assessments
• Real-world approaches to help keep you safe
Jared Pfost gives an overview of our Assessment Manager.Read more >
Lee Smith (Dee Smith & Associates) and David Cuthbertson (SMS) will cover their approach and methods of assessing existing data centre facilities and management processes. Rapid changes in both IT and data centre technologies often mean that facilities and management techniques fail to evolve fast enough, with the data centre potentially being the weak link in the delivery chain of all IT services. Achieving a baseline through an assessment is critical for any improvement or transformation activity - but is not so easy to do in practice.Read more >
Bill Wildprett shows us how to conduct a HIPAA/HITECH risk assessment using Caliber Security's Security Process Management Suite (SPM).Read more >
With multiple mandates, constantly changing IT environments and a vast and evolving threat landscape—maintaining compliance requires measurable and enforceable controls. Now you can reduce risk and continuously comply with internal policies and external regulations.
Join us for this webcast to learn how a comprehensive and automated controls assessment can help you quickly and easily demonstrate due diligence about securing your IT assets through:
• System-hardening controls—selecting host and app settings to check for each policy
• Deep assessment—automatically scanning and analyzing your entire network
Today’s workforce embraces the idea that with mobile technology, we can work anywhere. Risk and compliance professionals are challenged to complete assessments that require location or site-specific information. Physical security, facility site and self-assessments require them to collect data and evidence while they are away from their desks, and organizations are turning to mobile to help them accomplish these tasks more efficiently.
During this webcast, you will learn how to develop and implement a mobile strategy for your GRC assessments to more efficiently capture risk and compliance assessment information on-site. By transforming time-consuming operational chores into efficient, value-added processes, you can significantly reduce potential data entry errors and delays in sharing this critical risk data.
Join us to learn more about:
• Considerations for determining what GRC use cases are best suited for the mobile environment
• How customers are utilizing RSA Archer GRC Mobile
• Using RSA Archer GRC Mobile to conduct audit, risk and compliance assessments via a product demonstration
Corporate data volumes are exploding exponentially, but legal budgets and court imposed deadlines are not keeping pace. It doesn't take Sherlock Holmes to recognize that reducing your time to knowledge can yield big dividends in cost containment and risk mitigation.
We can help you to see the bigger picture and better prepare for strategic project management, meaningful discovery negotiations, and informed proportionality arguments.
Our webinar will show you how you can use common investigative techniques to:
- Perform timeline and gap analysis
- Identify anomalies and trends
- Reduce the noise quickly and efficiently
- Find connections.
This webinar will review minimum EPA requirements and best practice for assessment and reporting on the integrity of retaining structures such as bunds (tank bunds, pallet bunds, bunded drum storage, etc..) and effluent pipelines and identify common areas where improvements can be made. The EPA would also welcome questions as part of this webinar and time will be allowed at the end of the webinar for this.Read more >
Internal auditors are increasingly under pressure to provide value and meet the needs of key stakeholders. Join us for a complimentary Protiviti webinar to address:
• Requirements of IIA Standards for Quality Assessment & Improvement Program
• Changes to the IIA QAR Manual
• Innovative Internal Audit Practices
• Improvement opportunities and emerging trends
CPE will be provided to qualifying attendees
In this two hour briefing Richard Staton, Chair of Examiners for GCSE History, will explain the assessment details for our newly accredited GCSE History specification. He’ll talk you through our approach to question setting and mark schemes. You’ll also have the opportunity to learn more about our forthcoming support and post questions.Read more >
Risk assessments are a critical activity for the organization to perform to prioritize the areas that should be reviewed. In the absence of an IT audit risk assessment, are critical IT components and process areas supporting the business being reviewed sufficiently?
Join us for this webinar to:
• Understand how an IT audit risk assessment fits into an organization’s overall internal audit activities
• Obtain a perspective on how an IT audit risk assessment can be used to develop an IT audit plan
• Take away ideas and concepts that you can use to improve an existing IT audit risk assessment process
CPE will be provided to qualifying participants.
Improving workplace productivity starts with getting the right people on your team and eliminating the wrong ones. Furthermore, preventing problem generator candidates from joining your organization in the first place is accomplished through performance-based hiring, strategic interviewing, including thorough reference checking, and utilizing pre-hire assessments.
Our expertise will teach you to identify and get rid of the toxic employees on your team through performance management so that you can replace them with top performers. We also show you how combining effective reference checking from previous direct supervisors and pre-employment assessment tests give you the greatest likelihood of preventing problem employees from being hired thereby automatically increasing workplace productivity.
The Chef DevOps Journey Assessment or Dojo is a tool that is used to assess both the current and desired state of your organization's DevOps progress. The goal of the exercise is to expose opportunities for continuous improvement by defining a baseline of where you are on your journey and the desired state you’re trying to get to. After we compile the results, patterns will emerge and be used to visualize goals and generate custom guidelines towards success.
In this webinar, Justin Redd, Customer Engineering Lead, and Thomas Enochs, VP Customer Success, will explain:
- Why we created the Dojo and how it can help your organization accelerate DevOps adoption
- What the DevOps Journey Assessment is and how it’s conducted
- Who in your organization should attend the Dojo exercise
- How to get it
Internal audit functions are increasingly under pressure to provide value and meet the needs of key stakeholders. Join us for this webinar to address:
- Requirements of IIA Standards for Quality Assessment & Improvement Program;
- Top ten common QA findings and lessons learned;
- Improvement opportunities and emerging trends; and
- What internal auditors can do to add value to their organization.
The Employee Retirement Income Security Act of 1974 (ERISA) is federal law that regulates employer-sponsored health and welfare plans. While the law is complex, the government agencies tasked with enforcing its provisions ensure complete compliance through the use of intensive plan investigations and the administration of significant financial penalties. An ERISA gap assessment can serve as a plan sponsor’s first line of defense against the costly and burdensome consequences of non-compliance, and can provide the added benefit of optimal plan administration.
This presentation will cover the nuts and bolts of ERISA, how and when to conduct a gap assessment, and how to address areas of compliance weakness.
IDC Announces the Best Vendors for Client Computing Software
In the multi-device workplace, there are many vendors IT can choose from to better manage applications and desktops. So, which vendors offer the best client computing solutions with a commitment to long-term end-user computing innovation?
Find out how a variety of vendors compare and the reasons why VMware has moved into the Leaders category in the IDC MarketScape: Worldwide Virtual Client Computing Software 2015 Vendor Assessment.
Join us and learn:
Which vendors are well aligned when it comes to customer needs
Which vendors offer the best client computing solutions with a commitment to long-term end-user computing innovation?
Which vendors have the commitment to providing resources and continued expansion of the EUC infrastructure