Recent enforcement actions by bank regulators are heightening the need to establish formal policies for third party vendor management. Financial institutions that use outside firms for all types of underwriting and other bank functions are ramping up their oversight of outside firms and for some, the data management burden is not insignificant. This timely event will focus specifically on how risk managers can develop effective policies for managing outside vendors for appraisals and environmental assessments.
EDR is pleased to host a webinar on this timely topic with Mitch Kreeger, a well-known subject matter expert on valuation, environmental and seismic risk, and regulatory compliance topics, will share his insights and advice on establishing an effective vendor management policy for appraisers and environmental professionals. Kreeger will explore the myriad ways that attendees can improve vendor management, from initial project bidding to vendor selection to monitoring vendors over time.
At this educational webinar, attendees will receive advice on managing relationships with appraisers and environmental consultants, including answers to the following:
• What should we consider in selecting the “right” vendor for the job?
• How do we find quality appraisers? EPs?
• What guidance should our institution be giving our appraisers and EPs?
• What criteria should we be using to grade vendors and monitor performance?
• How are banks facing today’s vendor management challenges?
This webinar will review the things that are missing in many of the people who want to become a computer security consultant. Many people start off at the Application Layer (layer 7), in this webinar we will discuss the importance of establishing a solid security foundation; we will look at the three main components to build this foundation. Those are:
During the webinar we will discuss mastering the power of the command line and the importance of understanding the traffic at the lowest level … the packet! We will also look at some simple but important protocol analysis techniques.
The webinar is an introduction to the Core Concepts course that was developed to provide those entering the fascinating world of computer security consulting, a foundation prior to embarking on this journey. The more solid foundation of skills you have the better you will be prepared as a consultant or security professional.
Your guide to starting out as a consultant, and what you need to build a portfolio career.Read more >
The CRO+Consultant+Sponsor Relationship: Collaborating to Ensure Sponsor and Client Success.Collaboration is the key to a successful consulting partnership. This webinar will focus on the responsibilities and perspectives of key stakeholders (Sponsor, consultant and CRO), how to make the most out of the Sponsor/consultant relationship, and key considerations when partnering with a contract research organization. Explore ways to optimize your consultant relationships to ensure success!Read more >
75 CLAS Consultants participated in an Independent Survey into Network Security. During this webcast you will learn:
- How CLAS Consultants percieve the threat of Network Hacking, as part of the Threat Lanscape
- What are the trend that they see that are contributing the increased threat levels surrounding the Security of Networks
- What types of remediation/ security technologies can be used to address the challenges
The expectation from the start of 2017 – that we hadn’t seen the back of ransomware – was justified. 2017 was plagued with global attacks such as Petya, WannaCry, Bad Rabbit and many others. Unfortunately, 2018 could be even worse.
With ransomware continuously developing new delivery techniques, organisations must learn how to prepare and protect themselves from the threat of ransomware, but how can they do this?
In this webinar, Nick Frost, Principal Consultant at the ISF, will explore the latest threats in ransomware and what organisations can do to minimise vulnerabilities to reduce risks of an attack.
About the presenter:
Nick is currently the Principal Researcher for the Information Security Forum (ISF) Ltd. He has more than 15 years’ experience designing and implementing a risk-based approach to securing information. He has developed leading solutions for evaluating risk across both internal and supplier environments.
How to make your staff your first and last line of defence.
Learn how to:
•Identify your enemy and their tactics
•Discover why technological defences will lose to hackers
•Learn how to make staff genuinely care about security
About Rob Shapland BSc (Hons) OSCP OSWP CRT Principal Cyber Security Consultant, First Base Technologies LLP
Rob Shapland is an ethical hacker with 9 years’ experience conducting penetration tests for hundreds of organisations, from small businesses to major international organisations.
He specialises in simulating advanced cyber attacks against corporate networks, combining technical attacks with his other hobby of dressing up and tricking his way into company headquarters using social engineering techniques.
He is also a regular speaker at events and conferences around Europe, and has appeared on both BBC and ITV as a cyber security adviser. He holds qualifications from SANS, Offensive Security and CREST, and has been trained in social engineering techniques by Chris Hadnagy, one of the world's leading practitioners and researchers.
Consultant Corner - Beta WebcastRead more >
Investment consultants advise on the investment practices of trillions of dollars worldwide. They are a recognised source of authority and knowledge. However, most consultants and their asset owner clients are failing to consider environmental, social and governance (ESG) issues in investment practice – despite a growing evidence base that demonstrates the financial materiality of ESG issues to portfolio value.
There currently seems little commercial imperative for investment consultants to extend the coverage of ESG integrated services among their clients. Nor do we see pension schemes demanding ESG integrated services from their consultants. In too many cases, consultants and their clients simply don’t talk about ESG issues.
In this session, we will discuss the barriers and solutions with a view to maximising the global SRI opportunity.
One of the many benefits of best-of-breed object storage solutions is the ability to scale on demand and pay as you grow. How do you predict your capacity needs and determine your roadmap for scaling your storage? VP of Product Tony Barbagallo and Sr. Consultant John Bell will provide concrete guidance to help you predict your needs so you can accurately map out and budget for your organization’s data growth.Read more >
You’ve decided to implement object storage but do you know all of the best practices around its installation and management? VP of Product Tony Barbagallo and Sr. Consultant John Bell will share the techniques used by object storage experts to set up the largest installations in existence that have been running continuously with no downtime.Read more >
Thinking about implementing object storage in your infrastructure and not sure what hardware you need? With information and tips curated from hundreds of installations, VP of Product Tony Barbagallo and Sr. Consultant John Bell will explain the criteria you should consider as you make your selections and will be available to answer your questions.Read more >
Are you implementing Qualys, Rapid7, Nessus, or another network scanner and still struggling to prioritize your most critical vulnerabilities? Are you searching for a simple, single view of your organization's exposure to risk that you can share across security and IT ops teams and up to the CISO and the Board of Directors?
Join Security Engineer, Brian Orr and Security Consultant, Gabe Howden as they take you through the Kenna Security Platform and our risk-based approach so you can learn how to take control and reduce your risk.
The demo will cover:
- How Kenna Security's algorithm works to correlate scan data with real-world exploit intelligence
- The Kenna Security Risk Meter and tips for customizing dashboards and reporting for any IT environment
- Best practices for viewing, tracking, and reporting on your risk posture across all levels of your organization
May 25, 2018. It’s a date that is approaching quickly. It’s also the deadline for GDPR compliance. For companies that fail to comply, the cost can be high - as much as 4% of annual turnover.
Note: There is a misconception is that the regulation affects only companies in the European Union. In fact, it applies to any company that has dealings or plans to have dealings with citizens that reside in the EU.
Take the lead and get ready to initiate GDPR. Join Cullen Lemley, Cybersecurity Consultant at CA Technologies, for an overview of the impending regulations. Learn the important security facets of GDPR, the challenges for Privileged Access Management, and how businesses around the globe are preparing for the deadline.
How will virtualization, cloud, mobility and IoT impact your legacy network and what’s the best strategy moving forward? Join networking consultant, Colin Murray from Dimension Data, as we discuss how SDN provides increased network management flexibility and eases implementation of fine-grained security policies.
Colin Murray, Principal Consultant at Dimension Data
Moderated by Justin Ong, Technical Advocacy Manager at Spiceworks
"It’s no longer a case of ‘if you will be breached’, but instead how you’ll respond to and remediate the situation ‘once you are breached." – Kevin Mandia, CEO, FireEye
The FireEye 2017 M-Trends report indicates the average global dwell time of an attacker within a targeted environment is 99 days. This gives adversaries over three months to roam your network and steal sensitive data—before a breach is even detected.
Cyber security and incident response (IR) readiness is an evolving responsibility that has become a strategic priority for enterprises worldwide.
Given today’s cyber landscape, all C-suite leaders have an important role to play in their organization’s cyber security posture and IR plan. Their individual and departmental contributions must help protect vital assets, safeguard privacy and ensure uninterrupted operations.
Join the conversation as Troy Scavella, Principal Consultant of Mandiant, a FireEye company, talk to executives about:
• The current state of C-suite IR involvement, and how and why their status is evolving
• A best practice phased approach of executive contributions to be made before, during and after a breach
• Actionable tips for executives to apply and enforce across each phase of the IR process
• Protection of critical assets with IR preparation and improvement