Hi [[ session.user.profile.firstName ]]

From the SOC to the BOD: The Board’s Role in Cyber Security

As major breaches cause financial and reputational damage to businesses across all industries, there is a push for cyber security to become a board level issue. A recent survey from BDO International found 59% of board directors have become more involved in cyber security within the past twelve months. But how can board members unfamiliar with the ins and outs of network security effectively manage these risks?

Join BitSight’s VP of Business Development, Jacob Olcott, Partner at McKenna Long & Aldridge, Bill Ide and the Executive Director of The Conference Board Governance Center, Donna Dabney on Thursday, March 26 at 11:00am EDT for an online roundtable discussion on board involvement in cyber security. The panelists will discuss how both security leaders and board members should approach the communication and management of cyber risks in the enterprise.

Attendees will also learn:

- What cyber security metrics are most important for the board
- Methods for security leaders to communicate cyber issues across the enterprise
- How BitSight’s platform enables communication on security performance throughout the enterprise
Recorded Mar 26 2015 48 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Donna Dabney, Executive Director of The Conference Board Governance Center; Bill Ide, Partner at McKenna Long & Aldridge
Presentation preview: From the SOC to the BOD: The Board’s Role in Cyber Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Are Common Business Partners Putting You At Risk? Recorded: Apr 18 2017 28 mins
    Jay Jacobs, Senior Data Scientist, BitSight Technologies
    BitSight researchers recently studied the security performance of Fortune 1000 companies alongside a random sample of companies with a similar industry breakdown. How did they compare, and what should organizations take away from the study?

    Join Jay Jacobs, Senior Data Scientist at BitSight to learn about the security strengths and weaknesses found within Fortune 1000 companies. In this webinar, you’ll learn:

    - How the security hygiene of Fortune 1000 companies compare to similar counterparts
    - Why Fortune 1000 companies disclose nearly twice the amount of data breaches as other companies
    - Common machine comprises found in Fortune 1000 companies
    - What all businesses can take away as a result

    Register today and get a copy of the report upon attending the webinar!
  • How to Approach Portfolio Risk Aggregation Recorded: Mar 29 2017 38 mins
    Samit Shah
    Join us on Wednesday, March 29th has Samit Shah, BitSight's Insurance Solutions Manager discusses how cyber insurers should approach portfolio risk aggregation and how other businesses can use this mindset to decrease risk across their portfolio of vendors.
  • 3 Ways to Improve Your Security Performance This Year Recorded: Mar 9 2017 24 mins
    Julia Grunewald, Senior Customer Success Manager, BitSight Technologies
    With new cyber attacks and data breaches emerging on a daily basis, today’s organizations need a deeper understanding of the security performance of their programs, policies, and third parties. That’s why many companies use security ratings to help measure and mitigate cyber risk across their business ecosystems.

    Join this talk to learn how you can improve your organization’s security rating by improving your overall security posture.

    In this webinar, you’ll learn:

    - Three ways to improve your security performance in 2017
    - What impact these changes could have on your Security Rating
    - How to use BitSight Security Ratings to prioritize the remediation of security events and issues
  • How to Mitigate Cyber Risk with Efficient Vendor Risk Management Recorded: Feb 22 2017 42 mins
    Kevin Roden and Julia Grunewald
    Over the past few years, outsourcing business functions to vendors has been on the rise. In fact, there are more third-party relationships today than ever before. However, as the number of supplier relationships grows, so grows the amount of risk those suppliers pose. And in today’s hyper-connected landscape, cyber risk has taken center stage when it comes to vendor risk.

    Join former CIO, Kevin Roden, and BitSight’s Senior Customer Success Manager, Julia Grunewald, on Wednesday, February 22nd at 1pm ET, as they discuss traditional and emerging vendor risk management (VRM) tactics.

    In this webinar you’ll learn:
    - How VRM has traditionally been handled
    - Why traditional strategies alone aren’t enough
    - Advice on how to effectively and efficiently mitigate cyber risk
  • A CIO's Guide to Benchmarking Cybersecurity Performance Recorded: Feb 9 2017 61 mins
    Jake Olcott, VP of Business Development, BitSight, Tom Stumpek, Technology Advisor and former CIO of GE
    In order for a business to be competitive, it must be continuously improving. This is something the modern chief information officer (CIO) knows all too well. Further, technological advances and greater outsourcing in business have made cyber risk a key area that requires a great deal of thought from the CIO. So, how can CIOs know how their security programs are performing in order to make decisions on allocating funding, headcount, and policies?

    Join Jake Olcott. VP of Business Development at BitSight and Tom Stumpek, a Technology Advisor and former CIO for GE. Attendees will learn:

    - Why cybersecurity benchmarking is difficult for the modern CIO
    - Different methods of benchmarking you may be involved in (or want to consider)
    - How Security Ratings may solve many benchmarking challenges
  • Presenting Cybersecurity to the Board: Your How-to for Success Recorded: Jan 25 2017 62 mins
    Richard Clarke, Jasper Osstenjuk, Jake Olcott
    Today, cybersecurity is a #1 concern for board members. But what do they need to know? And how should it be presented?

    Richard Clarke has a pretty good idea. As a senior White House advisor to four U.S. Presidents, a member of three corporate boards, and CEO of Good Harbor Security Risk Management, he’s talked cybersecurity in both the Situation Room and the boardroom.

    Jasper Ossentjuk also knows how to present cybersecurity in the boardroom. As SVP and CISO for TransUnion, Jasper regularly presents information to his Board about his organization's security posture.

    On January 25th at 1:00PM ET, join Richard and Jasper for a discussion of:

    - What cybersecurity metrics and measurements are most important for the board
    - Methods for security leaders to communicate security issues across the enterprise
    - How to graphically represent your cybersecurity program
  • Exploring the Current State of Cybersecurity in the Legal Sector Recorded: Jan 19 2017 45 mins
    Jake Olcott, VP of Business Development at BitSight Technologies and Jay Jacobs, Sr. Data Scientist at BitSight Technologies
    Despite the fact that third party breaches have been on the rise, organizations may not be doing enough to manage the cybersecurity of all of their critical vendors. Law firms, in particular, are one of the most widely used third parties, yet the Legal sector may be getting overlooked in vendor security discussions.

    In fact, the latest BitSight Insights Industry Index report revealed that although companies in the Legal sector have high security ratings and low rates of vulnerabilities, the industry remains a key target for cyber criminals. Therefore, it’s crucial for organizations in this space to understand their cybersecurity posture and improve their vendor risk management techniques.

    Join Jake Olcott, VP at BitSight, and Jay Jacobs, Sr. Data Scientist at BitSight as they discuss data security in the Legal sector and beyond. In this webinar, you’ll learn:

    - How the cybersecurity posture of the Legal sector has changed over time
    - How the Legal sector stacks up against six other industries
    - The importance of cybersecurity in the Legal sector
  • 3 Tips to Improve your Security Posture in 2017 Recorded: Dec 21 2016 23 mins
    Julia Grunewald, Senior Customer Success Manager at BitSight Technologies
    With new cyber attacks and data breaches emerging on a daily basis, today’s organizations need a deeper understanding of the security performance of their programs, policies, and third parties. That’s why many companies are now using BitSight Security Ratings to help measure and mitigate cyber risk across their business ecosystems.

    On Wednesday December 21st at 12pm ET, join BitSight Technologies’ Senior Customer Success Manager, Julia Grunewald, as she discusses how you can improve your organization’s security rating by improving your overall security posture.

    In this webinar, you’ll learn:
    - Three ways to improve your security performance
    - What impact these changes could have on your Security Rating
    - How to use BitSight Security Ratings to prioritize the remediation of security events and issues
  • The Data Disconnect: Why Not All Security Ratings are Created Equal Recorded: Dec 20 2016 61 mins
    Stephen Boyer, CTO and Co-founder of BitSight, Dave Shackleford, Voodoo Security and SANS
    From time-consuming audits to expensive penetration tests, evaluating a company’s security posture can seem like a daunting task. However, today’s organizations are increasingly adopting Security Rating Services (SRS) as a means to quantify and monitor their own cyber risk, as well as the risk of their third party vendors.

    So, how should you go about using security ratings? What’s the real difference between different rating services? And how does that impact your business?

    Join BitSight Technologies’ CTO and Co-founder, Stephen Boyer, and Dave Shackleford of SANS as they discuss the importance of curating high-quality data for security ratings and explore why verifiable data should be at the heart of any security rating solution.

    In this webinar, you’ll learn:
    - The key components of highly-actionable security ratings
    - How those components impact your cyber risk
    - Why data quality is so important
    - What the difference between subpar and superior security ratings could mean for your business
  • Cybersecurity Benchmarking For CIOs Recorded: Nov 29 2016 60 mins
    Jake Olcott, Tom Stumpek
    In order for a business to be competitive, it must be continuously improving. This is something the modern chief information officer (CIO) knows all too well. Further, technological advances and greater outsourcing in business have made cyber risk a key area that requires a great deal of thought from the CIO. So, how can CIOs know how their security programs are performing in order to make decisions on allocating funding, headcount, and policies?

    Join Jake Olcott. VP of Business Development at BitSight and Tom Stumpek, a Technology Advisor and former CIO for GE. Attendees will learn:

    - Why cybersecurity benchmarking is difficult for the modern CIO.
    - Different methods of benchmarking you may be involved in (or want to consider).
    - How Security Ratings may solve many benchmarking challenges.
  • Bridging the Gap on Data Breaches: What Makes the Difference? Recorded: Nov 23 2016 57 mins
    Jay Jacobs, Dave Bradford
    Every organization wants to know how to best protect their systems and data – but exactly where to focus efforts and resources can be daunting. Compromised machines, outdated software, certificate mismanagement, and faulty encryption practices can all increase the risk that an organization will experience a breach, but is there one single area on which businesses should concentrate?

    In this webinar, Jay Jacobs, Senior Data Scientist at BitSight discusses new research on common characteristics exhibited by organizations that have suffered data breaches. Dave Bradford, Chief Strategy Officer and Director of Strategic Partnership Development at Advisen will discuss how this research is relevant for carriers and providers of cyber insurance.
  • Vendor Risk Management Scenarios That Haunt You Recorded: Oct 27 2016 32 mins
    Matt Cherian
    Whether you are in the beginning stages of implementing a vendor risk management (VRM) program, or you have a robust program, there are always scenarios that can blindside your organization. Compounding this uncertainty is the dynamic environment of cyber risk. Yet, there are tools and techniques organizations can leverage in order to reduce uncertainty about the security of their third parties and vendors.

    Join Matt Cherian, Director of Products at BitSight as he discusses how to grapple with common vendor risk scenarios. In this webinar, viewers will learn:

    - How to gain full visibility into the security of your critical third parties to avoid being caught off guard
    - How to understand and communicate potential threats occurring on the networks of your third parties
    - What to do when an infection- or breach occurs
  • Managing Cyber Risk In Your Supply Chain Recorded: Oct 21 2016 61 mins
    Jake Olcott, VP at BitSight
    Large data breaches have caused executives to invest significant time and resources in improving cybersecurity within their own companies. But now the attackers are targeting an organization’s weakest links - business partners and contractors who have access to the most sensitive data. How should senior leaders develop a strategy to manage third party cyber risk? Who are the most critical business partners to be concerned about? How can contractual language reduce the risk? Is there a way to gain real-time visibility into the security posture of the supply chain? And what are the regulators saying about all of this?

    Join Jake Olcott, Vice President at BitSight Technologies as he talks about:

    - Assessing your organization’s maturity with respect to managing third party cyber risk
    ​- Building a third party cyber risk management program
    - Regulatory requirements for third and fourth-party cyber risk management
    - Incorporating real-time data into your vendor risk management program
  • How To Gain Actionable Insight Into Cyber Risk With Security Ratings Recorded: Sep 29 2016 30 mins
    Ira Scharf, GM of Worldwide Insurance, BitSight, Dave Bradford, President, Advisen
    With so many different cyber risk metrics being used, how can cyber insurance underwriters and risk managers know how likely a company is to experience a data breach?

    Join Ira Scharf, GM of Worldwide Insurance at BitSight, and Dave Bradford President, Research and Editorial at Advisen as they discuss new correlations between BitSight Security Ratings and data breaches.

    Attendees will learn:

    - Why security ratings are a clear indicator of cyber risk
    - How likely companies with BitSight ratings of 400 or below are to experience a data breach
    - How underwriters, policyholders, and applicants can use BitSight Security Ratings to lower their cyber risk
  • Exploring The Latest Cybersecurity Trends In Major Industries Recorded: Sep 22 2016 36 mins
    Jay Jacobs, Senior Data Scientist, Joel Alcon, Product Marketing Manager
    In 2015, large-scale data breaches have hit all industries, leading to millions of compromised records. According to the Identity Theft Resource Center, there were 780 data breaches in which 177,866,236 records were compromised. While no industry is immune to data breaches, some are more prepared than others.

    In this webinar, Jay Jacobs, Senior Data Scientist at BitSight explains how security posture differs in six key industries. This webinar will highlight new findings on:

    - The most common ransomware infections
    - The rate of ransomware infections found across major industries
    - The aggregate BitSight Security Rating for each industry
  • Managing Cyber Risk From Third Party Contractors Recorded: Aug 30 2016 46 mins
    Jake Olcott, VP Business Development, Bitsight Technologies
    Many recent data breaches have exploited security weaknesses in the networks of third parties to attack businesses. With supply chains growing and business functions increasingly outsourced, the number of third party organizations with access to your company’s most sensitive data has increased dramatically. How should organizations assess and manage the cyber risk by their vendors and suppliers? What kinds of policies and controls should organizations put in place in order to mitigate third party cyber risk? How can organizations continuously monitor the cybersecurity performance of their critical vendors in real time?

    Getting familiar with third party cyber risk management best practices and industry standards is a good start towards mitigating cyber risk for your organization. Join Jake Olcott, VP of Business Development as he discusses these topics and more.
  • Tips and Tricks For Tackling Vendor Risk Recorded: Aug 11 2016 48 mins
    Andrew Calo, Manager of Technology Risk
    With so many moving parts pushing an organization forward, companies today must know who has access to their data—making vendor risk management (VRM) a critical business practice. Unfortunately, not all organizations have the resources to staff full-time vendor risk managers. Security professionals now must wear multiple hats in order to reduce operating risk for their organizations. Even if vendor risk management isn’t a primary focus, there are techniques and tools security professionals can implement to make it an efficient and valuable process for your company.

    In this webinar, join Andrew Calo, Manager of Technology Risk at BitSight as he offers tips and techniques to efficiently manage and assess vendor risk. Attendees will learn about:

    -Basic questions you need to ask all vendors
    -The top risk vectors and configurations to look at it
    -The value and impact of continuous risk monitoring software
  • From Signal to Action: Security Metrics that Drive Business Decisions Recorded: Jul 28 2016 42 mins
    Stephen Boyer, Jay Jacobs
    How can companies effectively measure their company’s risk of a data breach? Which security metrics are most important when it comes to determining cyber risk? How do different types of security compromises, whether botnet infections or brand name SSL vulnerabilities, contribute to an organization’s risk profile?

    In this presentation, BitSight’s Chief Technology Officer Stephen Boyer and Senior Data Scientist Jay Jacobs answer these questions and more. This data-driven webinar will highlight the extensive analysis that the BitSight Data Science team undertakes to make security signals into concrete risk mitigation actions. Perhaps most importantly, the speakers will give guidance on how security and risk professionals at every level - from the board room to the server room - can drive positive change throughout their organizations.
  • Global Security Performance: How Top Nations Stack Up Recorded: Jul 12 2016 54 mins
    Stephen Boyer, CTO and CoFounder BitSight
    How do some of the most prominent nations in the international economy differ in cybersecurity performance? As organizations increasingly open offices abroad, their networks face global security threats.

    In its latest research report, BitSight studied the security performance of companies with more than 50% of their IP space in the following countries: The United States, United Kingdom, Germany, Brazil, China, and Singapore.

    Join Stephen Boyer, CTO and CoFounder of BitSight as he takes a deep dive into the threat landscape that organizations face in each of these nations.

    Viewers will learn:

    ● Why companies in some nations tend to be more or less secure than others

    ● How global companies deal with threats such as botnet infections, SSL attacks, and Spam propagation.

    ● What businesses with a large global presence can do to mitigate cyber risk across their ecosystem.
  • Managing Fourth Party Cyber Risk With BitSight Discover Recorded: Jun 23 2016 24 mins
    Matt Cherian, Director of Product Management & Customer Operations
    In recent years, organizations’ dependency on cloud service providers, web hosting platforms, and other cloud services has increased. Many companies now rely on cloud technologies for critical services, making them vulnerable to single points of failure in their supply chains. A data breach originating from a service provider may affect multiple organizations across different industries. Many of your company’s vendors may rely on certain cloud service providers. What risk does this pose to your organization?

    In this webinar, Matt Cherian, Director of Product Management & Customer Operations at BitSight will discuss:
    - Why organizations need to identify and monitor fourth party connections as64 they transition to the public cloud and digital systems
    - Which industries could be most impacted by service provider outages and which of these industries rely on obsolete software
    - How BitSight Discover can help enterprises mitigate operational and cyber risk
Find Out How Security Ratings can Reduce Your Company's Risk.
The BitSight Security Rating Platform gathers terabytes of data on daily security outcomes from hundreds of sensors deployed across the globe.

All of the data is externally available and collected without any intrusive testing. Data is classified into several risk categories, including botnets, spam, malware, unsolicited communication, DDoS, and system configuration, and then mapped to an organization's known networks.

BitSight’s sophisticated algorithms analyze the data for severity, frequency, duration, and confidence to create an overall rating of that organization’s security performance.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: From the SOC to the BOD: The Board’s Role in Cyber Security
  • Live at: Mar 26 2015 3:00 pm
  • Presented by: Donna Dabney, Executive Director of The Conference Board Governance Center; Bill Ide, Partner at McKenna Long & Aldridge
  • From:
Your email has been sent.
or close