Name: Accelerate and Optimize Your Third Party Risk Management Program
Start: 2020-09-03T17:00:00Z
End: 2020-09-03T17:00:46.000Z
Location: BrightTALK
Rating: 4.63

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

The State of SaaS Security: Trends and Insights for 2025-26, commissioned by Valence in partnership with the Cloud Security Alliance, reveals a critical inflection point in SaaS security. While 86% of organizations now prioritize SaaS security with 76% increasing budgets, significant challenges persist that threaten enterprise security postures.

Survey data from 420 IT and security professionals highlights persistent visibility gaps, with 55% reporting employees adopt SaaS applications without security involvement. Identity management remains problematic, with 58% struggling to enforce proper privilege management and 46% citing challenges monitoring non-human identities. The expanding attack surface through GenAI tools and SaaS-to-SaaS integrations presents new vulnerabilities, with 56% of organizations concerned about overprivileged API access to sensitive data. 

This webinar will explore key insights from the report, including emerging threat vectors, effective mitigation strategies, and how organizations can evolve their security programs to match the complexity of modern SaaS environments.

State of SaaS Security

Mergers and acquisitions can fuel growth—but they also create prime opportunities for cyber threats. Financial services organizations must act fast to secure newly acquired entities, maintain compliance, and prevent cyber risks from jeopardizing the deal.

In this webinar, security leaders will learn:

• The biggest cybersecurity risks during M&A and how attackers exploit them
• Best practices for securing the business throughout the process
• How organizations can reduce risk, ensure compliance, and streamline cloud security during M&A

Join Ilaiy Elangovan, Head of Cyber Product Development & Innovation at Visa, Expel's Lauren Horaist, Director of Product Management, and Peter Katz, VP & General Counsel, for an expert discussion on protecting your expanding organization—without slowing down the deal.

How to Protect M&A in FinServ: A Conversation with Visa and Expel

AWS is recognized as the most comprehensive cloud platform globally, but with complex identity management, permissions, and access controls, it can be difficult to know what you can secure at scale and where to start.

Join our cloud security experts to learn essential best practices for maintaining a secure AWS environment. Whether you’re a beginner or specialist, you’ll discover new strategies that will help continually strengthen your cloud security posture, enforce least privilege, and fix misconfigurations when they arise.

Cloud Data Security: AWS Best Practices

Discover how the Cloud Security Alliance and Northeastern University are shaping the future of safe AI. In this exclusive webinar, we unveil the Trusted AI Safety Knowledge certification program—an industry-first initiative designed to equip professionals with the principles, frameworks, and practical training to build and manage AI systems safely, securely, and responsibly.

You'll get a first look at the core components of the certification, including risk management strategies, regulatory alignment, and ethical frameworks essential to modern AI deployment. Learn how this collaboration brings together world-class academic rigor and industry-driven insights to address the urgent need for trusted AI expertise across business, compliance, and technical domains.

AI Safety Primer: Inside the Trusted AI Certification by CSA and Northeastern University

Navigate the complexities of securing your hybrid cloud. "Securing the Hybrid Cloud: Key Strategies for Network Security" tackles the critical challenges of achieving comprehensive application visibility, ensuring consistent rule alignment, and proactively managing evolving threats. Discover actionable strategies to fortify your network, optimize security posture, and gain unparalleled insight into your hybrid environment. Don't let the cloud's dynamic nature compromise your security—empower your team with the knowledge to protect your critical assets.

Securing the Hybrid Cloud: Key Strategies for Network Security

Geared towards security and IAM teams, this webinar will share insights into understanding and implementing a non-human identity solution effectively through key use cases, essential solution features and evaluation criteria that will help integrate NHI security into your broader identity strategy and strengthen your security posture.

How to Evaluate a Non-Human Identity (NHI) Security Solution

Salesforce Agentforce will revolutionize how sales, marketing, and customer service agents interact with customers and access internal documentation within the CRM tool.

However, without a proper roll out plan and understanding of how Agentforce works, your organization could face unexpected risks when it comes to security.

Join Varonis and Salesforce for an insightful discussion on mastering Agentforce, including a deep dive into how the tool works, how to plan for deployment, and other best practices that Salesforce users of all levels can adopt.

Unlocking Agentforce: Best Practices for Deploying Salesforce's AI Tools

Organizations are navigating a rapidly evolving threat landscape, with hybrid and multi-cloud environments introducing fragmented visibility and complex data exposure risks. To better understand how enterprises are managing this challenge, Thales commissioned the Cloud Security Alliance (CSA) to investigate how organizations view risk to improve their data security posture. The study explores how organizations identify and prioritize data risks, the classification methods and monitoring tools they rely on, and the limitations they face in achieving a unified, real-time view of their data security posture. It also highlights how risk-based security solutions can improve response effectiveness, reduce downtime, and support compliance by delivering continuous visibility and actionable intelligence across diverse environments. 

Join Hillary Baron, AVP of Research at the Cloud Security Alliance (CSA), as she reveals the results of the Understanding Data Security Risk survey. Also participating is Krishna Ksheerabdhi, Vice President of Product Marketing for Cybersecurity & Digital Identity (CDI) at Thales Group. They will discuss how organizations are unifying fragmented tools into cohesive platforms while adopting proactive, risk-driven approaches to enhance resilience, protect critical data, and streamline compliance.

Data Security Risk Insights for Improving Data Security Posture

Business continuity is top of mind in 2025. With AI-fueled cyberattacks at an all-time high, geopolitical instability in the news, and an ever-growing number of regulations to deal with, organizations are looking for solid foundations on which to build their operations.

In this webinar we will peel back the layers of operational resilience and explore practical ways in to help organizations:
• Remain compliant to regulations covering business continuity
• Protect their brand and reputation in an always-on world
• Look in detail at how to keep its mission critical services online
• Adopt fully managed business continuity cloud solutions

You should expect to come away from this webinar confident in your ability to stay compliant and operational, even during the most trying of circumstances.

Managed Business Continuity Cloud Solutions

Ever wonder what security leaders across industries are focusing on in the GRC space? What are their top priorities, and how should they shape yours?

Join Vanta’s GRC Subject Matter Expert, Faisal Khan, and Daniele Catteddu, CSA's Chief Technology Officer, for a deep dive on building and scaling GRC programs. They will share their take on the role of trust, AI, and automation in strengthening your foundation and preparing for what’s next.

What to expect:
Point of view on top of mind issues for GRC leaders
Role of trust management in scaling GRC 
Where to prioritize AI and automation in GRC

Scaling GRC with Trust, AI, and Automation

Dive into a full year of SOC data to identify trends in infrastructure targets, malware, schemes, and more to uncover strategies for improving your security resilience in the coming year. We’ll cover:
• Security data specific to the FinServ industry, including specific threats to be aware of and remediation tactics
• Comparisons of trends in FinServ versus cybersecurity customers as a whole
• Recommendations for keeping your FinServ organization secure

Analyzing Annual SOC Data to Inform Your 2025 FinServ Security Strategies

Join Eoghan Casey and Mark Wigham from Salesforce for an in-depth webinar on maintaining trusted and resilient data to deploy AI at scale. We will explore the essential steps to ensure that AI Agents have access to the data they need, don’t have access to data they shouldn’t, and perform optimally. 

Key topics include:
• Trusted Agentic AI: Understand how to implement robust data security measures to control and track what data Agents access, create, and modify.
• Data Reliability and Relevance: Learn how to maintain the accuracy and relevance of your data, ensuring it remains a valuable asset for your business.
• Data Security Measures: Discover best practices for tracking changes and encrypting sensitive data, including data created and changed by Agents.
• Robust Data Backup and Recovery: Understand the importance of reliable data backup and precision recovery processes in minimizing data loss and disruptions, ensuring business-critical data is easily recoverable and maintaining system integrity.
• Data Anonymization: Explore how data anonymization can enhance security and compliance, reducing the risk of data exposure in development, testing, and training environments.
• Automating Sandbox Seeding: Discover how automating sandbox seeding can speed up development cycles, improve developer productivity, and drive faster revenue growth and higher operating margins.

Walk away with actionable strategies to maintain resilient and trusted data to accelerate your AI projects with confidence.

How to Succeed at Agentic AI with Trusted & Resilient Data

With AI dominating security conversations, it’s easy to get lost in the hype. What’s real today, and what’s still just a promise for the future?

Join Jesse Booth, Sr. Director of Security Operations at GoTo, Rex Guo, CEO of Culminate, and John DiMaria, Chief of Staff of Cloud Security Alliance, for a 60-minute webcast where they’ll cut through the noise and share how GoTo is successfully leveraging AI in its SOC right now—delivering measurable security and operational improvements right now—delivering measurable security and operational improvements.

5 Real AI-Powered Use Cases in GoTo’s SOC—What’s Working Today

Join us for an exclusive fireside chat with Wiz, where industry experts will share insights, experiences, and perspectives on today’s most pressing topics. This informal yet informative session is designed to provide valuable takeaways in a conversational setting.

Top Cloud Threats within AI Security

As cloud adoption grows, managing identity access—especially for non-human identities (NHIs)—across multi-cloud environments is increasingly complex. Many organizations adopting Zero Trust focus on authentication but neglect what happens after login.

This webinar explores Zero Standing Privileges (ZSP), ensuring access is granted only when needed and revoked immediately after use. But Zero Trust is more than a technical challenge—it’s a cultural shift. By fostering a security-first mindset, organizations can integrate least privilege principles across all identities.

Key Takeaways:
• What Zero Standing Privileges (ZSP) is and its role in Zero Trust security
• Step-by-step roadmap to implementing ZSP in IAM
• Proven strategies to build a Zero Trust culture across your organization
• Expert solutions to common ZSP adoption challenges

Join us for practical insights and real-world strategies to strengthen identity access management and accelerate your Zero Trust journey.

Building a Zero Trust Culture with Zero Standing Privileges in IAM

Identity security has traditionally been viewed as a critical yet limiting layer of defense—a necessary barrier against evolving cyber threats. But what if identity management could become more than a defensive perimeter? In this session, we'll explore how forward-thinking enterprises are leveraging non-human identities, as a catalyst for innovation, agility, and business acceleration. Join us to discover:
• How proactive identity strategies enable rapid adoption of emerging technologies, from generative AI to automated DevOps.
• Real-world examples where robust management of non-human identities empowered organizations to launch new services and solutions confidently and securely.
• Practical guidance on shifting your organization's perspective from seeing identity security solely as a risk mitigation tactic to embracing it as a strategic enabler of growth and innovation.
• Turn identity security into your organization's competitive advantage.

From Barrier to Catalyst: Transforming Identity Security into an Engine of Innovation

As businesses rapidly adopt cloud and SaaS technologies, the traditional model of centralized IT control has given way to business-led technology decisions. Rather than fighting this shift, forward-thinking security teams are embracing it by implementing unified visibility and intelligence across their expanding digital ecosystem. This session explores how modern access security and data-driven governance enables organizations to support business-driven innovation while maintaining security control.

Beyond Shadow IT: Enabling Business Innovation Through Unified Access Intelligence

Cloud security teams are inundated with alerts, making it difficult to prioritize what matters most and resolve issues efficiently. While this isn’t a new problem, understanding the scope and scale of the challenge is key to finding solutions. To dive deeper, we analyzed 3,960,090 alerts from our proprietary data to break down the problem at scale. In this session, we’ll reveal the most common misconfigurations and explore the factors behind dangerously long dwell times and high MTTR, some stretching up to 498 days and 285 days, respectively. What’s adding to the complexity? Inconsistent severity ratings across different tools, making prioritization even harder. But it’s not all doom and gloom. We’ll highlight quick wins you can implement today, along with key alert types to prioritize for faster triage and risk reduction. By the end of this session, you’ll learn from our expert services team how they tackle these problems at scale every day, and you’ll take away your data-backed strategies to cut through the noise, tackle high-risk misconfigurations, and improve your cloud security posture.

From Alert to Remediation: Millions of Alerts Analyzed to Shape Your Strategy

Third-Party Risk Management has become a critical component of protecting and securing your organization. However, many companies still need to find a way to operate at scale in order to be efficient, gain insights, and improve cybersecurity resilience.

In this webinar, we will walk through the necessary people, process, and technology to help you mitigate the cyber risks introduced by your vendors, partners, suppliers, or any third party.
We will discuss:
● How to employ a risk-based assessment process
● Best practices when communicating with third parties
● How to utilize meaningful insights from tools
● And much more!

Accelerate and Optimize Your Third Party Risk Management Program

Third Party Risk Management

Risk Management

Risk Assessment

Cyber Risk Management

Cyber Security

Cloud Security

Supplier Risk

Resiliency

Cyber Resilience

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Accelerate and Optimize Your Third Party Risk Management Program

Presented by

About this talk

More from this channel