During this presentation, you'll learn more about a method to manage cyber risk strategically. Organizations need to focus on the areas most at risk and where they can get the best value for their cyber security investments. Approaching this strategically allows the organization to engage with internal and external stakeholders about cyber risks.Read more >
RiskIQ Webinar feature Forrester Research
The network perimeter that organizations have long relied on for protection from cyber-threats has evaporated. Businesses are engaging with their customers, vendors and partners across web, social and mobile channels. Threat actors are following suit, increasing the digital risk that organizations face. According to The Forrester Wave™: Digital Risk Monitoring, Q3 2016 (which cited RiskIQ as a Leader):,”Without comprehensively and persistently monitoring risk in digital channels, companies remain susceptible to a wide variety of brand, cyber, and physical risk events”. Every CISO and security leader must consider implementing a Digital Risk Monitoring strategy, or be at risk due to their expanding attack surface.
In this one-hour presentation RiskIQ VP of Product Strategy Arian Evans and guest Forrester Research analyst Nick Hayes will cover:
* Expanding threat landscape via digital—web, social and mobile—channels
* Requirements for a comprehensive digital risk monitoring (DRM) strategy
* Necessary security technology elements for DRM program implementation
Join this live webinar to learn more about this growing digital risk landscape, and how you can help better protect your organization’s most critical assets, its customers, and brand.
In this webinar we will review best practice risk reporting and how to design company-wide risk reporting that focuses on providing insight rather than data or information. These approaches provide enough detail to enable informed decision making at all levels without overburdening recipients with superfluous information.Read more >
This event is designed for Heads of ERM, ERM Directors, ERM Managers, and other direct reports of the Chief Risk Officer. It is designed to teach the basics and also best practices of conducting a successful risk assessment workshop plus tactics for impactful workshop facilitation. Participants will learn a number of tactical ERM practices that can be implemented immediately.Read more >
What are your security risk assessments really telling you? Do you know how much a change in security or business operations will change your exposure? Do you know how changes in threat activity affect your risk over the long term?
Chances are you will not be able to answer these questions unless you have quantitatively calculated your Annualized Loss Expectancy (ALE). Join this presentation and learn about the factors that drive the determination of ALE and how this approach will allow you to better understand and manage your exposure to cybersecurity risks.
Join us to review the emerging risks for 2015 as executives facing an environment of unprecedented volatility: market conditions change rapidly and new risks continue to proliferate. To navigate the continually changing and complex risk environment,
The webinar will be led by Ian Beale, Senior Director, CEB Risk
Risk and risk management is pervasive throughout organisations. There are many departments that manage risk and have their unique understanding, models, and views into risk. This makes enterprise and operational risk management a challenge. Organisations fail in enterprise risk management strategies when they force everyone into one flat view of risk, they also fail when they allow different views of risk but do not do risk normalisation and aggregation as they roll-up risk into enterprise reporting.
This webinar details how organisations need to take a federated approach to risk management that allows different departments some level of autonomy and supports their department level risk management strategies but also enable a common information and technology architecture to support overall risk management activities and reporting.
This ‘Expert’ presentation will address the following:
Where and how enterprise risk management fails
How to build an enterprise risk register and show interrelationships of risk
The value of an information and technology risk management architecture
Approaches to risk normalisation and aggregation for accurate enterprise risk reporting.
Organisations across all sectors are dealing with a growing array of third party/vendor relationships. Even obscure supplier relationships can have significant impact on security, risk and compliance. The Target credit card breach is one example in which a heating and air conditioning supplier was the doorway in to a significant breach of a point of sale system and theft of credit card data. Organisations have to manage risk across their third party supplier relationships but are limited in the resources they can devote to this.
This 'Expert' webinar will address the following:-
o Understand the growing array of third party relationships
o The impact of third party relationships on security, risk and compliance
o Elements of an effective, efficient, and agile vendor risk management process
o How other areas of the organisation can leverage a common approach to third party risk management
Attend this webinar if:-
o You are concerned by the growing number of third party supplier relationships
o You realise your risk and compliance exposure is growing because of these relationships
o You need to be able to manage supplier risk but cannot recruit more staff to do so
o You desire the need to know how to keep current in a dynamic environment of third party relationships
With so many moving parts pushing an organization forward, companies today must know who has access to their data—making vendor risk management (VRM) a critical business practice. Unfortunately, not all organizations have the resources to staff full-time vendor risk managers. Security professionals now must wear multiple hats in order to reduce operating risk for their organizations. Even if vendor risk management isn’t a primary focus, there are techniques and tools security professionals can implement to make it an efficient and valuable process for your company.
In this webinar, join Andrew Calo, Manager of Technology Risk at BitSight as he offers tips and techniques to efficiently manage and assess vendor risk. Attendees will learn about:
-Basic questions you need to ask all vendors
-The top risk vectors and configurations to look at it
-The value and impact of continuous risk monitoring software
Quantitative risk analysis is achievable, can be pragmatic, and can actually out-perform qualitative risk analysis in the face of complex issues like intelligent adversaries. Join Jack Jones, the original author of the Factor Analysis of Information Risk (FAIR) framework and (ISC)2 to learn more about FAIR. Jack will highlight both the quantitative use-cases as well as the ways in which FAIR can be leveraged to improve qualitative risk analysis. This will be followed by a demonstration on how to quantify cyber risk with the RiskLens Cyber Risk Quantification software platform.Read more >
Regulators acknowledge the risks associated with vendor relationships and have demanded that business leaders monitor and take responsibility for the actions of their vendors through various laws and standards such as the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the FCPA, the Health Insurance Portability and Accountability Act, as well as the Payment Card Industry Data Security Standard (PCI DSS) requirements and CFPB guidance.
Consequently, vendor management is currently at the forefront of organizational risk management priorities and Internal Audit needs to address vendor management and third party risk in their audit planning and execution.
In this presentation, you will:
- Gain an understanding of the potential risks that may arise from the use of third party service providers
- Identify the basic elements of an effective third party risk management program
For many organisations, investments in new processes and technologies is on top of the priorities list. From behavioral analytics, big data solutions, and "one touch" processes that require no manual intervention, companies are always on the lookout for technology innovations that can achieve a considerable return on investment. When companies consider cybersecurity in such a technology dependent world, most ask, "How can we secure our business and comply with the changing legal and regulatory standards?" instead of, "How do we make business focused, intelligent investments given the cyber security risks we face?"
In this webcast, Dr. Pierre Tagle, Head of Governance and Risk for SecureWorks for Asia South, will discuss the risk-based cybersecurity operating model to help companies identify and protect their most critical information assets and business processes. Dr. Tagle will focus on the most critical actions for any organisation building a risk-based security program.
Key topics covered include:
- Prioritising information assets based on value to the organisation
- Identifying and prioritisng risks to the assets
- Reduce risks with quick wins
- Build and deliver a security plan that aligns business and technology
- Ensure continuous business engagement on the topic of cyber security
Thinking strategically in an environment that requires constant tactical reaction, has become increasingly difficult. And when you’re managing a pension plan, we understand the importance of constantly addressing both. In an effort to help in this process, our investment experts have created a new quarterly webinar series designed to discuss the key market events and regulatory items that specifically affect retirement plans and provide actionable ways to address them.
In our inaugural webcast will focus on three key areas:
1.Market Update – navigating the low interest environment
2.Regulatory Review – understanding the latest Pension Protection Act provisions
3.Case Studies – Innovative ways to increase duration
•Dan Kutliroff, Senior Retirement Solutions Strategist
•Jessica Hart, Practice Lead, Retirement
•Armand Yambao, FSA, EA, CFA, Director of Pension Risk Strategy
Register now for this quick, yet informative, 30 minute update to explore the most pressing items impacting retirement plan management.
Don't understand the PCI? Watch our video here for help.Read more >
Don't understand the ISO-27001 ISMS standard? Watch our video here for help.Read more >
Don't understand the DPA? Watch our video here for help.Read more >
Regulations, examiners, internal and external auditors, as well as customers increasingly probe your business for details about your risk management practices. You are challenged to provide reports, Key Risk Indicators, status updates, and other evidence of IT Governance and risk management to satisfy them all in addition to the demands of your own management who wants to know what value all this effort returns to customers, shareholders, and stakeholders.
Will automation help you align your effort with those of IT Security, with operating goals, and with customers?
This discussion will identify what level of automation you need and when; what you can expect in results and experience, and how you can use automation to strengthen business alignment and contributed value through your risk program.
Mike Rasmussen of GRC 20/20 explores the ever changing role of the CISO in a modern organization.
This presentation offers a prescription for managing information security risk as it permeates business operations, processes, transactions, and relationships in the digital world.
This presentation will discuss the challenges and benefits of developing and managing an Operational Risk Management Program (ORMP). With availability and BC/DR being key elements of operational risk the presentation will demonstrate how an effective ORMP can benefit the acceptance and visibility of BC/DR to management. The presentation will also include a process and approach that can form the basis for an organization's ORMP.Read more >