Hi [[ session.user.profile.firstName ]]

Uncovering Security Performance Myths & Realities

Organizations have long struggled to find objective ways to measure and compare performance, leaving many executives to trust metrics and data points that may not be painting the clearest picture of security posture.

To highlight this issue, BitSight recently surveyed over 300 IT executives in 4 major industries to assess their confidence in their security performance. We then compared responses to our own security ratings data, which measures effectiveness across key performance areas including security events, configurations, and user behaviors.

In this webinar, BitSight EVP of Sales & Marketing Tom Turner takes a deeper look into these fidings and discusses the business implications of optimism bias.

Download this webinar to learn:

How security performance varies among Finance, Healthcare, Retail, and Energy/Utilities
Whether optimism bias exists in these industries and how it may be affecting overall security performance
Why continuous performance monitoring should be a critical component of enterprise risk management and how leading organizations are using BitSight Security Ratings to manage their cyber risk
Recorded Jul 28 2015 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tom Turner, EVP, BitSight
Presentation preview: Uncovering Security Performance Myths & Realities

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Lessons Learned in 2017: Reflecting on the Year's Security Trends Dec 5 2017 4:00 pm UTC 60 mins
    Stephen Boyer, CTO, BitSight; Dan Dahlberg, Data Scientist, BitSight
    From WannaCry to NotPetya, 2017 demonstrated an increase in the sophistication of cyber attacks occurring worldwide. As these incidents become more frequent and target more prominent organizations, is your business adequately prepared in your cyber risk strategy moving into 2018? Join BitSight CTO Stephen Boyer and Data Scientist Dan Dahlberg as they discuss:

    - BitSight’s own research on outdated endpoints and their correlation to the May 2017 WannaCry attacks.

    - Cybersecurity trends shown throughout the year, and their implications on the nature of the incidents we can expect in 2018.

    - Recommendations for creating a strong security strategy that proactively mitigates risk within your organization and across your supply chain in 2018.
  • Vendor Risk Management Performance: Key Reporting Metrics for Executives Nov 29 2017 4:30 pm UTC 60 mins
    Rebecca Ruiz (Southern California Edison), Tom Stumpek (Former CIO & CISO, General Electric), Joel Alcon (BitSight)
    Organizations continue to outsource critical operations to third parties. As a result of this trend, security ratings are quickly becoming a key component of effective vendor risk management (VRM) strategies.

    Although Boards of Directors and senior executives are interested in their organization’s security posture, information security and risk management teams often lack the necessary information to help them understand details and clearly communicate about the aggregate risk of their vendor ecosystem.

    Join us as Rebecca Ruiz (Principal Advisor, IT Cybersecurity & Compliance, Southern California Edison), Tom Stumpek (former CISO and CIO, General Electric), and Joel Alcon (Product Marketing Manager, BitSight) discuss best practices for reporting metrics to senior executives around vendor risk management performance.

    Join this interactive webcam panel webinar to learn more about:
    - Southern California Edison’s methods of effectively reporting their vendor risk management program performance to their cybersecurity oversight group.
    - An executive perspective on the “do’s and don’ts” of successfully presenting your organization’s security posture through metrics and beyond.
    - Proactive ways to mitigate third party risk.
  • Assessing the Cyber Performance of the Financial Services Supply Chain Nov 8 2017 4:00 pm UTC 60 mins
    Tom Montroy, Data Scientist, BitSight; Noah Simon, Product Marketing Manager, BitSight
    An increasing number of data breaches begin with the compromise of a key vendor or business partner. This was evident with the spread of NotPetya ransomware this past June, which highlighted to the world the importance of updating systems within corporate networks to prevent susceptibility to breach. Now more than ever, it’s critical that organizations are aware of both the vulnerabilities within their own networks and those within their supply chain.

    Join Noah Simon (Product Marketing Manager, BitSight) and Tom Montroy (Data Scientist, BitSight) as they analyze BitSight’s findings on common security issues found within the supply chain of the Financial Services industry, and what any organization managing third-party risk needs to know. In this webinar, they will discuss:

    - The security performance of over 5,200 Legal, Technology, and Business Services companies monitored by hundreds of Financial Services firms on the BitSight Security Rating platform.

    - BitSight’s research on botnet infections, outdated systems, and peer-to-peer file sharing within the Financial Services industry.

    - Best practices for managing third-party cyber risk and analyzing weak links in your supply chain.
  • Improving the Maturity of Your Vendor Risk Management Program Oct 31 2017 3:00 pm UTC 30 mins
    Erinmichelle Perri, CISO, Multiplan; Joel Alcon, Product Marketing Manager, BitSight
    As the complexity of cyber attacks grows, healthcare organizations are keenly aware of the sensitive data that is at the heart of their businesses. Healthcare companies must remain vigilant about their security posture as well as the security of their third and fourth party vendors, especially as patient data continues to migrate to digital systems.

    In this webinar, Erinmichelle Perri, CISO of MultiPlan, and Joel Alcon, Product Marketing Manager at BitSight will discuss:

    - The biggest security challenges facing the healthcare industry today and proactive ways these organizations can mitigate cyber risk.

    - How MultiPlan effectively reports on their security and vendor risk management programs to their Board of Directors using security ratings.

    - How MultiPlan has established a scalable vendor risk management strategy that fosters collaboration between MultiPlan and its trusted vendors.
  • Are You Ready for GDPR? Preparing Your Organizational Checklist Oct 19 2017 11:00 am UTC 60 mins
    Julian Parkin, Metro Bank; Ewen O'Brien, BitSight
    Introduced in 2016, the General Data Protection Regulation (2016/679)—or GDPR—was created for the purpose of strengthening the European Union’s (EU) procedures and practices related to data protection. GDPR will impact organisations worldwide and implement maximum fines of up to €20,000,000 (or 4% of global turnover) if they fail to ensure compliance. Join BitSight’s Ewen O’Brien and Metro Bank’s Julian Parkin as they discuss:

    - The checklist organisations should review to align their business with GDPR.
    - Noteworthy articles within GDPR and how they affect data governance/usage.
    - BitSight’s recommendations for monitoring the GDPR compliance of third party vendors.
  • A Growing Risk Ignored: Exploring the Risks & Pitfalls of Outdated Systems Sep 27 2017 3:00 pm UTC 45 mins
    Dan Dahlberg, Data Scientist, BitSight
    This past May, over 300,000 computers in over 150 countries were affected by the WannaCry ransomware attacks. Despite an available patch from Microsoft, many of the companies failed to install critical updates prior to the attack-- leaving them vulnerable. Thousands of machines were infected and the worm caused network outages, flight cancellations, and ATM failures.

    Given the increasing number of endpoint devices connected to corporate networks, the ever- expanding supply chain, and the complexity of cyber attacks, are companies adequately updating their operating systems? In this webinar, BitSight Data Scientist Dan Dahlberg will discuss:

    - BitSight’s own research on outdated endpoints and their correlation to the May 2017 WannaCry attacks
    - The risk of running outdated systems on your business’ bottom line
    - The risks organizations face if companies in their supply chain are not keeping up with their patching process
  • Lessons from the Trenches: 6 Years of Continuous Monitoring Recorded: Sep 14 2017 47 mins
    Jake Olcott, VP of Strategic Partnerships, BitSight
    Join Jake Olcott, VP of Strategic Partnerships at BitSight, as he discusses best practices and lessons learned from top risk leaders and organizations, along with unique data and insight into recent events like WannaCry. This webinar will cover:

    - The evolution of vendor risk management and the increasing importance of investment in cybersecurity programs to monitor and mitigate emerging threats.

    - A breakdown of the Fortune 1000’s security performance according to BitSight researchers.

    - BitSight’s recent research on data breaches, especially the correlation between ransomware attacks like WannaCry and outdated systems.

    - The value of continuous monitoring with security ratings throughout the vendor lifecycle.
  • Catching the Blind Spots of Vendor Risk Management Recorded: Aug 15 2017 26 mins
    Joel Alcon, BitSight
    In today’s day and age, organizations understand that data breaches are a growing problem, but many fail to realize that a third party breach can impact them as much as a breach on their own network. In this webinar, BitSight’s Joel Alcon will discuss:

    -Several misconceptions surrounding vendor risk management (VRM)

    -The role both the Board of Directors and Regulators are playing in third party security practices

    -How organizations can proactively create a strategy to avoid common pitfalls
  • Secrets of the Superstar CISO Recorded: Jul 27 2017 59 mins
    Jake Olcott, VP of Strategic Partnerships, BitSight; Chris McClean, Vice President, Research Director, Forrester (Guest)
    As business success grows more reliant on data, technology, and third parties, CISOs and security leaders are finding themselves more often in the spotlight. They're being asked to brief board members, respond to third party requests, guide critical decisions, and make tough strategic calls. These increasing expectations are creating great opportunities for CISOs to shine, but to do so, they need to rise to the occasion. This webinar takes best practices and lessons learned from "superstar" CISOs, explaining what top security leaders are doing to lead their companies successfully through some of today's most complex business and technology challenges.
  • Impact of NotPetya & Top Recommendations for Defending Against the Next Big One Recorded: Jul 13 2017 62 mins
    Greg Bell (Corelight), Stephen Boyer (BitSight), Michael Landewe (Avanan), Brian Robison (Cylance)
    In the aftermath of the recent NotPetya/ExPetr cyber attack that spread across Europe, Asia and the US in June, what are the lessons for enterprises and organizations? How should we improve our critical data security in an age of high-frequency and high-impact cyber attacks?

    Join this interactive Q&A panel session with security experts from Cylance, Corelight and BitSight as they discuss:
    - Trends in cyber attacks: NotPetya / Wannacry
    - The short-term and long-term impact
    - Tips for organizations on how to improve their security posture
    - Steps to take today and insights to guide your long-term security strategy

    - Greg Bell, CEO of Corelight
    - Stephen Boyer, CTO & Co-founder of BitSight
    - Michael Landewe, Co-Founder of Avanan Cloud Security

    - Brian Robison, Sr. Director of Technical Marketing, Cylance
  • A Growing Risk Ignored: Exploring the Risks & Pitfalls of Outdated Systems Recorded: Jul 12 2017 40 mins
    Dan Dahlberg, BitSight
    This past May, over 300,000 computers in over 150 countries were affected by the WannaCry ransomware attacks. Despite an available patch from Microsoft, many of the companies failed to install critical updates prior to the attack-- leaving them vulnerable. Thousands of machines were infected and the worm caused network outages, flight cancellations, and ATM failures. Given the increasing number of endpoint devices connected to corporate networks, the ever- expanding supply chain, and the complexity of cyber attacks, are companies adequately updating their operating systems? In this webinar, BitSight Data Scientist Dan Dahlberg will discuss:

    -BitSight’s own research on outdated endpoints and their correlation to the May 2017 WannaCry attacks

    -The risk of running outdated systems on your business’ bottom line

    -The risks organizations face if companies in their supply chain are not keeping up with their patching process
  • Ransomware & Other Cybersecurity Trends In Major Industries Recorded: May 31 2017 36 mins
    Jay Jacobs, Joel Alcon: BitSight
    Large-scale data breaches continue to hit all industries, leading to millions of compromised records. According to the Identity Theft Resource Center, there were 780 data breaches in which nearly 178 million records were compromised. While no industry is immune to data breaches, some are more prepared than others.

    Join Jay Jacobs, Senior Data Scientist at BitSight as he explains how security posture differs in six major industries. This webinar will highlight new findings on:

    - The most common ransomware infections
    - The rate of ransomware infections found across major industries
    - The aggregate BitSight Security Rating for each industry
  • Reputation Matters: Keeping Your Brand Strong in the Age of Cyber Risk Recorded: May 23 2017 61 mins
    Jake Olcott, VP of Business Development, BitSight; Siobhan Gorman, Brunswick Group; John Fiore, Former CIO, BNY Mellon
    In today's world, a cybersecurity incident can quickly become a risk to an organization's reputation. Reputational risk management is a critical business practice to ensure that your organization is doing everything possible to minimize the potential damage to its character or value.

    Join our panelists Jake Olcott, VP of Business Development at BitSight, Siobhan Gorman, Director at Brunswick Group, and John Fiore, Former CIO of BNY Mellon as they discuss:

    - How to mitigate reputational risk through cybersecurity risk management
    - Ways in which reputational risk can affect your company's bottom line
    - What executive leaders and board members care most about in regard to reputational risk
    - Examples of successful and unsuccessful reputational risk management
    - How security officials should be thinking about reputational risk management in their data security initiatives
  • Are Common Business Partners Putting You At Risk? Recorded: Apr 18 2017 28 mins
    Jay Jacobs, Senior Data Scientist, BitSight Technologies
    BitSight researchers recently studied the security performance of Fortune 1000 companies alongside a random sample of companies with a similar industry breakdown. How did they compare, and what should organizations take away from the study?

    Join Jay Jacobs, Senior Data Scientist at BitSight to learn about the security strengths and weaknesses found within Fortune 1000 companies. In this webinar, you’ll learn:

    - How the security hygiene of Fortune 1000 companies compare to similar counterparts
    - Why Fortune 1000 companies disclose nearly twice the amount of data breaches as other companies
    - Common machine comprises found in Fortune 1000 companies
    - What all businesses can take away as a result

    Register today and get a copy of the report upon attending the webinar!
  • How to Approach Portfolio Risk Aggregation Recorded: Mar 29 2017 38 mins
    Samit Shah
    Join us on Wednesday, March 29th has Samit Shah, BitSight's Insurance Solutions Manager discusses how cyber insurers should approach portfolio risk aggregation and how other businesses can use this mindset to decrease risk across their portfolio of vendors.
  • 3 Ways to Improve Your Security Performance This Year Recorded: Mar 9 2017 24 mins
    Julia Grunewald, Senior Customer Success Manager, BitSight Technologies
    With new cyber attacks and data breaches emerging on a daily basis, today’s organizations need a deeper understanding of the security performance of their programs, policies, and third parties. That’s why many companies use security ratings to help measure and mitigate cyber risk across their business ecosystems.

    Join this talk to learn how you can improve your organization’s security rating by improving your overall security posture.

    In this webinar, you’ll learn:

    - Three ways to improve your security performance in 2017
    - What impact these changes could have on your Security Rating
    - How to use BitSight Security Ratings to prioritize the remediation of security events and issues
  • How to Mitigate Cyber Risk with Efficient Vendor Risk Management Recorded: Feb 22 2017 42 mins
    Kevin Roden and Julia Grunewald
    Over the past few years, outsourcing business functions to vendors has been on the rise. In fact, there are more third-party relationships today than ever before. However, as the number of supplier relationships grows, so grows the amount of risk those suppliers pose. And in today’s hyper-connected landscape, cyber risk has taken center stage when it comes to vendor risk.

    Join former CIO, Kevin Roden, and BitSight’s Senior Customer Success Manager, Julia Grunewald, on Wednesday, February 22nd at 1pm ET, as they discuss traditional and emerging vendor risk management (VRM) tactics.

    In this webinar you’ll learn:
    - How VRM has traditionally been handled
    - Why traditional strategies alone aren’t enough
    - Advice on how to effectively and efficiently mitigate cyber risk
  • A CIO's Guide to Benchmarking Cybersecurity Performance Recorded: Feb 9 2017 61 mins
    Jake Olcott, VP of Business Development, BitSight, Tom Stumpek, Technology Advisor and former CIO of GE
    In order for a business to be competitive, it must be continuously improving. This is something the modern chief information officer (CIO) knows all too well. Further, technological advances and greater outsourcing in business have made cyber risk a key area that requires a great deal of thought from the CIO. So, how can CIOs know how their security programs are performing in order to make decisions on allocating funding, headcount, and policies?

    Join Jake Olcott. VP of Business Development at BitSight and Tom Stumpek, a Technology Advisor and former CIO for GE. Attendees will learn:

    - Why cybersecurity benchmarking is difficult for the modern CIO
    - Different methods of benchmarking you may be involved in (or want to consider)
    - How Security Ratings may solve many benchmarking challenges
  • Presenting Cybersecurity to the Board: Your How-to for Success Recorded: Jan 25 2017 62 mins
    Richard Clarke, Jasper Osstenjuk, Jake Olcott
    Today, cybersecurity is a #1 concern for board members. But what do they need to know? And how should it be presented?

    Richard Clarke has a pretty good idea. As a senior White House advisor to four U.S. Presidents, a member of three corporate boards, and CEO of Good Harbor Security Risk Management, he’s talked cybersecurity in both the Situation Room and the boardroom.

    Jasper Ossentjuk also knows how to present cybersecurity in the boardroom. As SVP and CISO for TransUnion, Jasper regularly presents information to his Board about his organization's security posture.

    On January 25th at 1:00PM ET, join Richard and Jasper for a discussion of:

    - What cybersecurity metrics and measurements are most important for the board
    - Methods for security leaders to communicate security issues across the enterprise
    - How to graphically represent your cybersecurity program
  • Exploring the Current State of Cybersecurity in the Legal Sector Recorded: Jan 19 2017 45 mins
    Jake Olcott, VP of Business Development at BitSight Technologies and Jay Jacobs, Sr. Data Scientist at BitSight Technologies
    Despite the fact that third party breaches have been on the rise, organizations may not be doing enough to manage the cybersecurity of all of their critical vendors. Law firms, in particular, are one of the most widely used third parties, yet the Legal sector may be getting overlooked in vendor security discussions.

    In fact, the latest BitSight Insights Industry Index report revealed that although companies in the Legal sector have high security ratings and low rates of vulnerabilities, the industry remains a key target for cyber criminals. Therefore, it’s crucial for organizations in this space to understand their cybersecurity posture and improve their vendor risk management techniques.

    Join Jake Olcott, VP at BitSight, and Jay Jacobs, Sr. Data Scientist at BitSight as they discuss data security in the Legal sector and beyond. In this webinar, you’ll learn:

    - How the cybersecurity posture of the Legal sector has changed over time
    - How the Legal sector stacks up against six other industries
    - The importance of cybersecurity in the Legal sector
Find Out How Security Ratings can Reduce Your Company's Risk.
The BitSight Security Rating Platform gathers terabytes of data on daily security outcomes from hundreds of sensors deployed across the globe.

All of the data is externally available and collected without any intrusive testing. Data is classified into several risk categories, including botnets, spam, malware, unsolicited communication, DDoS, and system configuration, and then mapped to an organization's known networks.

BitSight’s sophisticated algorithms analyze the data for severity, frequency, duration, and confidence to create an overall rating of that organization’s security performance.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Uncovering Security Performance Myths & Realities
  • Live at: Jul 28 2015 6:00 pm
  • Presented by: Tom Turner, EVP, BitSight
  • From:
Your email has been sent.
or close