Technology is no longer the exclusive domain of the IT department. Norman Marks thinks we should be talking about technology as a source of risk rather than just IT. What do you think?
Share your thoughts with Marks on a live webinar, June 5 at 2:00pm EDT, when he’ll discuss his point of view that IT is more than just a department. It’s made up of people, processes and addresses risks that typically arise from failings in those processes through the operation of IT general controls (ITGC).
From audit risks to cyber risks, Marks will help you understand that it may be necessary to take more risks than you might be comfortable with.
Find out more during this special webinar, June 5 at 2:00pm EDT.
Risk management often takes on different forms throughout the business. Some approaches are very strategically focused, some are very technology focused and some are even missing. During this webinar, Lockpath’s Sam Abadir will discuss how IT departments can identify risks in a way that is not only meaningful to their operations but also meaningful to other parts of the business. Abadir will talk about how this approach not only improves risk management but also makes IT a more valued part of the business.Read more >
Today’s business relies on distributed systems, applications and technologies to get things
done. As identities expand in mobile platforms, cloud-based software solutions and IoT, the
complexity of managing access to thousands of IT systems introduces a new type of risk to
information security programs – identity risk. In this session, Lockpath and Focal-Point will discuss:
- Challenges surrounding identity risk
- Methodology and best practices for managing identity risk
- The benefits of integrating identity management into a governance, risk and compliance (GRC) program
Join this webinar to review the latest emerging risks benchmarking survey results from CEB, now Gartner and learn how your peers identify and manage the big over-the-horizon risks to their organisations. In particular:
• Understand the latest emerging risks affecting the corporate landscape
• Explore industry-specific perceptions of emerging risk
• Identify key risk indicators and metrics used to track emerging risks
• Uncover “Risk Meteors” that could quickly affect your organisation
During this presentation, you'll learn more about a method to manage cyber risk strategically. Organizations need to focus on the areas most at risk and where they can get the best value for their cyber security investments. Approaching this strategically allows the organization to engage with internal and external stakeholders about cyber risks.Read more >
The complexity of third-party risk management increases every day, as does its importance to organizations that rely on third parties. Regulators are increasing their focus on potential third-party risk. Risk assessments for business processes and third party management are being integrated, mapped to organizational risks, and mined for patterns and trends. Some organizations are even developing and executing strategies for managing their supplier’s suppliers.
In this 60-minute webinar, Shared Assessment’s Tom Garrubba and Lockpath’s Sam Abadir discuss:
• The growing need for third party risk management programs.
• How incorporating third party risk management into an overall governance, risk and compliance (GRC) program can create greater value for your organization.
• And how the Shared Assessments Standard Information Gathering (SIG) questionnaire and the Lockpath® Keylight® Platform work together to streamline, navigate and create value in this increasingly complex third-party landscape.
Enterprise-level risk assessments are a business necessity today in light of data breaches, global outsourcing, and regulatory compliance challenges like GDPR. In this webinar, Lockpath and Focal-Point will discuss strategies and best practices for creating and leveraging enterprise risk assessments. Attendees will learn:
• Common goals and objectives for enterprise risk assessments
• How to define assessment metrics
• When to determine if a risk assessment is needed
• When to use an integrated assessment vs. an individual assessment
This is a can’t miss webinar for anyone responsible for enterprise-level risk and concerned about threats to business operations.
The risk from software vulnerabilities has historically been an IT Operations concern, but no longer. A more integrated approach centralizing vulnerability data, and decision making, is necessary to provide a holistic view of organizational risk up the executive chain. The ability to prioritize asset risk, communicate with stakeholders, and make rapid, informed decisions, will be the difference between success, and failure, for many modern enterprises.
Join this live Q&A with guest speaker, Forrester Senior Analyst Serving Security & Risk professionals, Josh Zelonis and Bay Dynamics VP of Strategy, Steven Grossman, as they answer your questions and cover:
- Why is vulnerability risk management more that scanning?
- How do you prioritize risks beyond CVE and CVSS scores?
- How can a preemptive approach elevate vulnerability risk management to the core enterprise-wide risk management item it should be?
-What are the common challenges in moving to a vulnerability risk management model?
Register for this webcast for insight into the changing demands on vulnerability management programs.
A single weak point in a line of code can create an open door for attackers. Threats originating from applications are now more pervasive than ever. We believe that the best defense against application vulnerabilities is a good offense.
In this webinar, we will share results from our recent primary research study that reveals:
• The top five application security risks
• Where these risks originate
• How to remediate these risks
• Best practices to protect your business, protect your customers
Hear how TransUnion's Jasper Ossentjuk developed a future-forward vendor risk management program by using BitSight Security Ratings to translate complex cybersecurity issues into simple business context.Read more >
Enterprises are becoming increasingly cognizant of the massive business risk posed by incidents of cyber attacks resulting in data breaches. Less well-known, and perhaps more potent a threat, is the danger posed by third-party vendors entrusted with sensitive data in the course of a business partnership. While an enterprise can have the best and most resilient internal IT practices, there are no such guarantees their external partners will take the same care. The consequences can be enormous.
The UpGuard Cyber Risk Team has made it its mission to find data exposures where they exist, aiding in securing them against malicious use and raising public awareness about the issues driving cyber risk today. In this talk, UpGuard CEO Mike Baukes will discuss how third-party vendor risk has proven a potent and pervasive threat in the digital landscape of 2017, as illustrated by a newly discovered third-party vendor data exposure case involving the leaking of sensitive data from major transnational corporations.
Learn how you can mitigate such third-party vendor risk and begin to evaluate and enforce your business partners’ cyber resilience against such threats.
Join Synack's CTO Mark Kuhr discuss a new risk management framework.Read more >
The ‘Yield’ road sign is a great example of the intersection of compliance and risk. The universal requirement for ‘Yield’ or ‘Give-way’ is defined as the following:
The requirement that a driver shall “give way” to other vehicles means that he must not continue or resume his advance or maneuver if by so doing he might compel the drivers of other vehicles to change the direction or speed of their vehicle abruptly.
Individuals are left to their own interpretation of this definition, from performing a prolonged stop to accelerating at the sign. Enforcement is difficult. And so it is with the numerous ways that Compliance and Risk must coordinate and collaborate within your organization.
Norman Marks is a firm believer in taking a risk management approach to the business objective of operating in compliance with both laws and regulations and society’s expectations, even when they aren’t reflected in laws and regulations.
Share your thoughts with Marks on a live webinar, August 14 at 2:00pm EDT when he’ll discuss his point of view about the practical application of the concept of risk appetite and its impact on influencing the day-to-day taking of risk.
You’re about to experience the ultimate guide to communicating risk. Wisk away your biases (admit it… we all have them), forego over-complicated explanations and sidestep the temptation to email risk-related issues to your colleagues.
You’ll discover how you can intelligently improve your thinking about risk and communicating risk concerns from a science-based risk communication model on a live webcast July 18 at 2:00pm EDT.
Timothy Sellnow, Ph.D. and Deanna Sellnow, Ph.D., are Professors at the University of Central Florida, Nicholson School of Communication, whose primary research and teaching focuses on strategic communication for risk management and mitigation. Tim and Deanna will share with you their best practice framework model for effective instructional risk and crisis communication during this informational session.
Stake your claim to the ultimate guide. Despite risk’s wretched reputation, you’ll be glad you did.
RiskIQ Webinar feature Forrester Research
The network perimeter that organizations have long relied on for protection from cyber-threats has evaporated. Businesses are engaging with their customers, vendors and partners across web, social and mobile channels. Threat actors are following suit, increasing the digital risk that organizations face. According to The Forrester Wave™: Digital Risk Monitoring, Q3 2016 (which cited RiskIQ as a Leader):,”Without comprehensively and persistently monitoring risk in digital channels, companies remain susceptible to a wide variety of brand, cyber, and physical risk events”. Every CISO and security leader must consider implementing a Digital Risk Monitoring strategy, or be at risk due to their expanding attack surface.
In this one-hour presentation RiskIQ VP of Product Strategy Arian Evans and guest Forrester Research analyst Nick Hayes will cover:
* Expanding threat landscape via digital—web, social and mobile—channels
* Requirements for a comprehensive digital risk monitoring (DRM) strategy
* Necessary security technology elements for DRM program implementation
Join this live webinar to learn more about this growing digital risk landscape, and how you can help better protect your organization’s most critical assets, its customers, and brand.
The Keylight Platform from Lockpath puts you in the driver’s seat for operational risk management.Read more >
Operational risks are on the rise due to companies increasingly relying on digital processes and third parties. The issue is compounded by the fact that products and services are growing in number and complexity. Traditional operational risk management can't keep up. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter operational risk management, including:
• Critical capabilities for managing digital process and third-party risks
• Strategies for tying operational risks to business objectives
• Advantages of managing operational risk using a GRC platform
• Leveraging the value chain for integrated risk management
Bring efficiency, effectiveness and agility to operational risk management. Discover the road to smarter operational risk management by attending this educational webinar. Register now!
For healthcare providers that receive Medicare and Medicaid reimbursements, managing exclusion risk is critical. Employees, business associates, suppliers, and more who land on state exclusion lists while employed or engaged by a provider can result in severe regulatory penalties. In this educational webinar, Lockpath and Kinney Services will guide you through the world of exclusion risk and point out what you need to know.
Attendees will learn:
* A definition of exclusion risk with real-world examples
* Challenges encountered with managing exclusion risk
* Strategies for implementing a consistent, repeatable review process
* Technology's role in streamlining exclusion risk management
Are you continually reviewing the exclusion status of employees and business entities? If not or reviews are conducted haphazardly, you run the risk of regulatory penalties and a potential crisis in the reimbursement process. Discover what you need to know to managing exclusion risk in this educational webinar.
Identity risk impacts multiple business functions within an organization. Vendor risk, business continuity, compliance, and more all strive to reduce risk exposure with limited regard to the holistic picture. This session discussed how to shape this breadth of exposure and provide guidance and strategy to Identity Risk Management.Read more >