During this presentation, you'll learn more about a method to manage cyber risk strategically. Organizations need to focus on the areas most at risk and where they can get the best value for their cyber security investments. Approaching this strategically allows the organization to engage with internal and external stakeholders about cyber risks.Read more >
In this webinar we will review best practice risk reporting and how to design company-wide risk reporting that focuses on providing insight rather than data or information. These approaches provide enough detail to enable informed decision making at all levels without overburdening recipients with superfluous information.Read more >
This event is designed for Heads of ERM, ERM Directors, ERM Managers, and other direct reports of the Chief Risk Officer. It is designed to teach the basics and also best practices of conducting a successful risk assessment workshop plus tactics for impactful workshop facilitation. Participants will learn a number of tactical ERM practices that can be implemented immediately.Read more >
What are your security risk assessments really telling you? Do you know how much a change in security or business operations will change your exposure? Do you know how changes in threat activity affect your risk over the long term?
Chances are you will not be able to answer these questions unless you have quantitatively calculated your Annualized Loss Expectancy (ALE). Join this presentation and learn about the factors that drive the determination of ALE and how this approach will allow you to better understand and manage your exposure to cybersecurity risks.
Join us to review the emerging risks for 2015 as executives facing an environment of unprecedented volatility: market conditions change rapidly and new risks continue to proliferate. To navigate the continually changing and complex risk environment,
The webinar will be led by Ian Beale, Senior Director, CEB Risk
Risk and risk management is pervasive throughout organisations. There are many departments that manage risk and have their unique understanding, models, and views into risk. This makes enterprise and operational risk management a challenge. Organisations fail in enterprise risk management strategies when they force everyone into one flat view of risk, they also fail when they allow different views of risk but do not do risk normalisation and aggregation as they roll-up risk into enterprise reporting.
This webinar details how organisations need to take a federated approach to risk management that allows different departments some level of autonomy and supports their department level risk management strategies but also enable a common information and technology architecture to support overall risk management activities and reporting.
This ‘Expert’ presentation will address the following:
Where and how enterprise risk management fails
How to build an enterprise risk register and show interrelationships of risk
The value of an information and technology risk management architecture
Approaches to risk normalisation and aggregation for accurate enterprise risk reporting.
Organisations across all sectors are dealing with a growing array of third party/vendor relationships. Even obscure supplier relationships can have significant impact on security, risk and compliance. The Target credit card breach is one example in which a heating and air conditioning supplier was the doorway in to a significant breach of a point of sale system and theft of credit card data. Organisations have to manage risk across their third party supplier relationships but are limited in the resources they can devote to this.
This 'Expert' webinar will address the following:-
o Understand the growing array of third party relationships
o The impact of third party relationships on security, risk and compliance
o Elements of an effective, efficient, and agile vendor risk management process
o How other areas of the organisation can leverage a common approach to third party risk management
Attend this webinar if:-
o You are concerned by the growing number of third party supplier relationships
o You realise your risk and compliance exposure is growing because of these relationships
o You need to be able to manage supplier risk but cannot recruit more staff to do so
o You desire the need to know how to keep current in a dynamic environment of third party relationships
With so many moving parts pushing an organization forward, companies today must know who has access to their data—making vendor risk management (VRM) a critical business practice. Unfortunately, not all organizations have the resources to staff full-time vendor risk managers. Security professionals now must wear multiple hats in order to reduce operating risk for their organizations. Even if vendor risk management isn’t a primary focus, there are techniques and tools security professionals can implement to make it an efficient and valuable process for your company.
In this webinar, join Andrew Calo, Manager of Technology Risk at BitSight as he offers tips and techniques to efficiently manage and assess vendor risk. Attendees will learn about:
-Basic questions you need to ask all vendors
-The top risk vectors and configurations to look at it
-The value and impact of continuous risk monitoring software
Regulators acknowledge the risks associated with vendor relationships and have demanded that business leaders monitor and take responsibility for the actions of their vendors through various laws and standards such as the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the FCPA, the Health Insurance Portability and Accountability Act, as well as the Payment Card Industry Data Security Standard (PCI DSS) requirements and CFPB guidance.
Consequently, vendor management is currently at the forefront of organizational risk management priorities and Internal Audit needs to address vendor management and third party risk in their audit planning and execution.
In this presentation, you will:
- Gain an understanding of the potential risks that may arise from the use of third party service providers
- Identify the basic elements of an effective third party risk management program
Don't understand the PCI? Watch our video here for help.Read more >
Don't understand the ISO-27001 ISMS standard? Watch our video here for help.Read more >
Don't understand the DPA? Watch our video here for help.Read more >
For many organisations, investments in new processes and technologies is on top of the priorities list. From behavioral analytics, big data solutions, and "one touch" processes that require no manual intervention, companies are always on the lookout for technology innovations that can achieve a considerable return on investment. When companies consider cybersecurity in such a technology dependent world, most ask, "How can we secure our business and comply with the changing legal and regulatory standards?" instead of, "How do we make business focused, intelligent investments given the cyber security risks we face?"
In this webcast, Dr. Pierre Tagle, Head of Governance and Risk for SecureWorks for Asia South, will discuss the risk-based cybersecurity operating model to help companies identify and protect their most critical information assets and business processes. Dr. Tagle will focus on the most critical actions for any organisation building a risk-based security program.
Key topics covered include:
- Prioritising information assets based on value to the organisation
- Identifying and prioritisng risks to the assets
- Reduce risks with quick wins
- Build and deliver a security plan that aligns business and technology
- Ensure continuous business engagement on the topic of cyber security
Regulations, examiners, internal and external auditors, as well as customers increasingly probe your business for details about your risk management practices. You are challenged to provide reports, Key Risk Indicators, status updates, and other evidence of IT Governance and risk management to satisfy them all in addition to the demands of your own management who wants to know what value all this effort returns to customers, shareholders, and stakeholders.
Will automation help you align your effort with those of IT Security, with operating goals, and with customers?
This discussion will identify what level of automation you need and when; what you can expect in results and experience, and how you can use automation to strengthen business alignment and contributed value through your risk program.
This presentation will discuss the challenges and benefits of developing and managing an Operational Risk Management Program (ORMP). With availability and BC/DR being key elements of operational risk the presentation will demonstrate how an effective ORMP can benefit the acceptance and visibility of BC/DR to management. The presentation will also include a process and approach that can form the basis for an organization's ORMP.Read more >
So, big data huh? Over the past twelve months it hasn't been hard to notice that "big data" has become a huge fad. In fact, the backlash against its use has already begun before most of us could even figure out how to take advantage of it.
This presentation is your chance to learn about how to successfully use big data and avoid big mistakes rolling out a "big data" program. Alex Hutton works in Risk & Security for a large financial institution. This F.I. has been utilizing a big (1.2 petabytes and counting) Data Warehouse for Security & Fraud for several years. He will discuss what it is, how to start a program, and how security organizations can start getting value from an investment in data and analytics.
Join Alex Hutton as he shares what makes an effective risk management program, how to set up a big data program that works and why risk management always fails.Read more >