Hi [[ session.user.profile.firstName ]]

Financial Quantification for Enterprise Cyber Risk

In order to bridge the gap between security and the business, you need a framework through which to assess your exposure to cyber risk and lead meaningful conversations on its business impact with the board and other stakeholders.
That’s where Financial Quantification for Enterprise Cyber Risk comes in — empowering you to provide the necessary business context through data-driven metrics that indicate your organization’s security program performance over time.
Recorded Apr 22 2021 2 mins
Your place is confirmed,
we'll send you email reminders
Presented by
BitSight
Presentation preview: Financial Quantification for Enterprise Cyber Risk

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Divide and Conquer - Efficiency in Third-Party Risk Management Nov 24 2021 12:00 pm UTC 30 mins
    Ronald Schmid - Consulting Engineer EMEA
    Organizations are increasingly reliant on third-party vendors, both in terms of their direct supply chain and their outsourced services and solutions. This business strategy often creates a silent threat, as it expands their attack surface while introducing more risk. Last but not least, this increased number of vendors creates an additional workload on the teams involved in their management.

    Scaling is an issue, and that is why some companies end up doing nothing about vendor risk and many others simply start collecting assessments. Meanwhile, they keep the door wide open for a security incident to happen.
    Whether you are planning, launching, growing or optimizing your third-party risk management journey, BitSight makes sure your program is efficient with the resources you have today, while boosting confidence in the risk management decisions you make.
    Join our webinar to learn more about:

    • Solving the riddle: increasing security while spending less time
    • Inventories: Because not all vendors are created equal
    • Assessments: Trust, but always verify
    • Teamwork: Improving risk through collaboration
  • What Metrics Does The Board Want To Hear From CISO’s? Oct 29 2021 9:00 am UTC 22 mins
    Alfonso Hermosillo - Consulting Engineer, EMEA, BitSight
    Not long ago, a board of directors would meet once or twice a year to be briefed on cybersecurity, check the box, and move on.
    Cybersecurity was little more than an afterthought, and mostly a box-checking exercise for compliance or to make sure the bases were covered in the wake of a newsworthy event.
    The single biggest responsibility of the board of directors is to protect the company and reduce risk. With little technical understanding at the board level, many were happy to simply throw money at the problem and leave it to IT professionals to handle.
    But the world has changed substantially in recent years, and some of the most dramatic changes have only come in 2020. Malicious actors are growing more sophisticated. The attack surface and vendor ecosystems have rapidly expanded, refocusing the security conversation towards digital risk and risk tolerance.
    Boards are increasingly looking at cybersecurity as a crucial part of the business. The problem is, the board doesn’t always know what to look for or how cybersecurity impacts the business.
  • Reinventing Cyber Risk Quantification - Financial Quantification for Enterprise Recorded: Oct 26 2021 33 mins
    Scott West - Principal Product Marketing manager BitSight; Tom Boltman - Director of Product Strategy Kovrr
    Digital Transformation and today’s sophisticated cyber attacks landscape, business leaders want to understand the financial ramification of this risks, and yet security leaders tend to have a more technical view.

    In this webinar, we will discuss on How financial quantified cyber risk to gain security outcomes.
    1. Cyber Risk
    2. Why Now?
    3. Financial Quantification
    4. Demo
    5. Q & A
  • Identify, measure and mitigate cyber risk with Security Ratings. Recorded: Sep 29 2021 32 mins
    Alfonso Hermosillo - Consulting Engineer, EMEA, BitSight
    Cyber risk management is key to help organizations identify possible cybersecurity risks not just internally, but also across their supply chain - and then proactively deciding how to approach and mitigate those risks. With the right strategy and tools in place they can significantly reduce cybersecurity risk, including their own cyber posture as well as their third and fourth parties.

    BitSight Security Ratings are a measurement of an organization’s security performance. Similarly to credit ratings, BitSight Security Ratings are generated through the analysis of externally observable data and offer a complete view of cybersecurity risk. This holistic approach offered by BitSight allows companies to uncover cyber risks that are otherwise unknown to all stakeholders.

    Join us in this webinar to learn more about:

    1 - What are Security Ratings?
    2 - How are Security Ratings calculated? - The Rating Process
    3 - How to use Security Ratings to help Identify & Remediate Cyber Risk
    4 - Correlation to a Breach
    5 - BitSight Security Ratings use cases
    6 - Q&A

    Armed with daily ratings, organizations can proactively identify, quantify and manage cyber security risk throughout their ecosystem.
  • The Road to DORA - Harmonize ICT Risk in the EU Financial Sector Recorded: Aug 24 2021 52 mins
    Nuno Almeida Silva - Consulting Engineer EMEA
    Announced in September 2020 as part of the new Digital Finance Strategy, the Digital Operational Resilience Act (DORA) is being carried out by the EU to harmonize Information and Communications Technology (ICT) risk requirements across Europe. This regulation specifically targets the banking and financial services industry, as well as the critical ICT service providers that are also found within the perimeter of their third-party business relations.

    The financial resilience of organizations in the European Union (EU) has been strengthened since 2008, following the European sovereign debt crisis that strongly affected some of the Eurozone countries. However, ICT risks have not been addressed in the same incisive and coordinated manner.

    With financial organizations’ increased reliance on technology firms, the EU is now suffering from a pervasive third-party risk management issue due to the lack of regulatory power to address associated security concerns. The risks arising from having those third parties in the supply chain ultimately puts these organizations on the radar of regulators. This urged the EU to start working on an oversight framework that could include all those firms deemed eligible, therefore bringing financial entities — as well as critical ICT third-party service providers and cloud service providers (CSPs) — into a regulatory perimeter. DORA will require organizations to implement secure technologies and processes to bring overall resilience into the global supply chain. This will involve taking their cyber risk strategies to the next level by implementing effective third-party risk management programs.

    Join our webinar to learn more about:
    1 - How DORA will consolidate ICT risk requirements in financial 
entities ;
    2 - The five pillars of the Digital Operational Resilience Act;
    3 - What DORA means for your organization — and when;
    4 - How BitSight can help your organization comply with DORA.
  • Ransomware Webinar - What data tells us about the Risk? Recorded: Jul 22 2021 50 mins
    Jacob Olcott | Vice President of Communications and Government Affairs for BitSight
    How can security professionals avoid joining the growing list of ransomware victims? In research published last week, BitSight found that poor patching performance is a strong indicator of increased risk to ransomware -- in fact, organizations with less mature patching programs are 7x more likely to experience a ransomware incident.

    BitSight research analyzed hundreds of ransomware incidents and billions of security performance observations, creating sector and industry-specific analysis along with security program recommendations that we want to share with you.

    In this webinar we will cover the following topics:
    1 - How Ransomware Cases Increasing Dramatically;
    2 - How Ransomware Demands are Evolving?;
    3 - Bitsight approach;
    4 - Examples of Sectors;
    5 - Relationship Between Specific Vulnerabilities and Ransomware.
  • Ethical Hackers: Redefining The Security Landscape Recorded: Jul 14 2021 61 mins
    Diana Kelley, SecurityCurve | Jim Richberg, Fortinet | Nuno Almeida, BitSight | Luke Tucker, HackerOne |
    As security breaches and attacks become more sophisticated and complex, managing your vulnerabilities and gaining a human perspective on your security gaps is an effective way to protect your attack surface.

    With 34% of ethical hackers and vulnerability researchers reporting that they have seen more bugs due to pandemic-driven Digital Transformation initiatives (HackerOne), now is the time to integrate a human element into your security controls.

    In this episode of The (Security) Balancing Act we’ll deep dive into the threat landscape, looking at why the insights of an outsider might be just what your organization needs.

    Join us as we discuss:

    - The value ethical hackers and vulnerability researchers can bring to your organization
    - Why ethical hackers and vulnerability researchers are more valuable now than ever before
    - Considerations for crowdsourcing ethical hacking and penetration testing
    - How bug bounty programs benefit companies and the research community
    - What to know if you are thinking of launching a bug bounty program
    - How ethical hackers and vulnerability researchers enhance vulnerability management
    - The 2021 threat landscape
  • Why managing Third Party Risk is a Vital Part of Your Security Strategy Recorded: Jun 24 2021 62 mins
    Nuno Almeida Silva - Consulting Engineer EMEA
    In this webinar we will discuss the following topics:

    1 - Why third-party risk management (TPRM) is necessary in today’s business world;
    2 - Why you should focus on vendor risk instead of vendor threats;
    3 - Why vendor assessments alone are not enough;
    4 - How to set up a best-in-class TPRM program;
  • The New Era of Digital Trust - Strategies to mitigate risk across the enterprise Recorded: Jun 17 2021 62 mins
    Chris Poulin - Director, Technology & Strategy/ Deputy CTO, BITSIGHT; Bruno Horta Soares - Leading Executive Advisor, IDC
    Ecosystems based on trust will ensure integrity in transactions among entities by proactively managing the collective risk of an ecosystem that spans partners, suppliers, customers, and internal employees. Trusted ecosystems deliver integrity by design in digital transactions between partner entities.  Building trusted ecosystems will depend on new “rules of engagement” and new procedures across functional domains such as marketing, finance, procurement, and even with customers. Given the need for speed and agility in the hyperconnected digital economy, organizations will also develop a “trust framework” that allows for assessing, managing, and measuring risk in the ecosystem. These frameworks will help accelerate the process of establishing relationships that drive trustworthiness within the ecosystem.

    The webinar will discuss some of the main topics related with IDC vision of the “trust framework” and how Bitsight solutions are helping enterprises around the world creating trust outcomes, by improving security performance measurement across the Organization and ecosystem.
    Some of the discussing topics:
    ● Understanding the ecosystem cyber risk in its entirety (meaning understanding risk should go beyond immediate partners and include partner’s partners).
    ● Understanding all the potential risks to the ecosystem and prioritize those risks based on the impact to the entire ecosystem (Vendor risk tiering);
    ● Understanding what measures Organizations are required to implement based on European regulations;
    ● Developing plans for continuous monitoring of risks and vulnerabilities and creating ways to measure the collective “security rating” of the entire ecosystem.
  • Improving and Speeding up the onBoarding Process Recorded: Jun 8 2021 57 mins
    Nuno Almeida Silva - Consulting Engineer EMEA
    Digital transformation is expanding your ecosystems - the business connections which are helping you scale, grow your business, and give you a leg up on the competition - everything is connected!
    However along with this expansion is also the expansion of cyber threats - which continue to change and grow in numbers - 83% is now the new statistic of how many organizations have had a “risk incident” caused by a 3rd party - one thing to remember is because of 3rd party we are ALL part of that 83% - strong as your weakest link.

    What we’ve seen is a hyperfocus on cybersecurity and cyber risk - how many of you are being asked about cyber risk at the BoD level? Executive level? - they are starting to lean in as they are responsible for accepting and setting the risk appetite for the organization...

    In this webinar we will cover the improving and Speeding up the onBoarding Process. Some of the topics are the following:

    1 - Introductions;
    2 - Challenges on Assessing ThirdParty Risk and New Vendors;
    2.1 - Visibility
    2.2 - Scale
    2.3 - Engagement
    3 - Traditional methods, and scaling visibility;
    3.1 - Prioritize Resources
    3.2 - Increase Speed and Scale
    4 - Trust... but Verify;
    4.1 - Data Conversations
    4.2 - Collaborating
    4.3 - Building a Baseline
    5 - Oversight and Re-assessment;
    5.1 - Manage by exception
    5.2 - Planning and assessing Risk over time
    5.3 - Leverage, influence, and cross functional teams
    6 - Q&A
  • Reinventing Cyber Risk Quantification Recorded: May 25 2021 58 mins
    Scott West - Principal Product Marketing BitSight; Stephen Boyer - Founder & CTO BitSight; Yakir Golan - CEO Kovrr
    Being exposed to cyber risk is an inevitable part of doing business in today’s world. But when security leaders engage in conversations about cyber risk, they find themselves at a disadvantage. For many non-technical people, cyber risk is seen as complex and too often discussed in technical terms or through the lens of remediation plans for security incidents. While risk management professionals discuss business risk in terms of its impact on financial targets, cyber risk is all too often a misunderstood topic for the non-security crowd.

    Join us for this informative webinar featuring BitSight’s pioneering new product for financially quantifying cyber risk. In this session you will learn:

    1 - How a turnkey solution for financially quantifying your exposure to cyber risk saves you time and money;
    2 - How an on-demand offering allows you to incorporate financial quantification of cyber risk more often into your key business decisions;
    3 - How proven models and technologies built for the cyber insurance industry can give you the financial analysis you need to bring about a more universal understanding of cyber risk to your organization.
  • Financial Quantification for Enterprise Cyber Risk Recorded: May 18 2021 2 mins
    BitSight
    In order to bridge the gap between security and the business, you need a framework through which to assess your exposure to cyber risk and lead meaningful conversations on its business impact with the board and other stakeholders.
    That’s where Financial Quantification for Enterprise Cyber Risk comes in — empowering you to provide the necessary business context through data-driven metrics that indicate your organization’s security program performance over time.
  • Supply Chain Risk Management: 4th Parties and Beyond Recorded: May 11 2021 16 mins
    Vanessa Jankowski - Director of Product Management
    In this webinar we will talk about the following topics:
    1 - How 4th parties impact the risk environment;
    2 - Approaches to get a better handle on this challenging extension of third party risk management;
    3 - How Cybersecurity is playing a role in business and national risk;
    4 - DORA - Harmonizing thrid party risk management;
    5 - Establishing resilience with a zero-trust approach;
    6 - Board Visibility & Ongoing Monitoring;
    7 - Takeaways.
  • The Path to Confidence: BitSight for Third-Party Risk Management Recorded: May 5 2021 2 mins
    BitSight
    Organizations are investing in digital technologies to drive business into the future. This also means they’re increasingly reliant on third-party vendors for outsourced services and solutions— expanding their attack surface and introducing more risk. While these relationships must be monitored, many businesses are still doing nothing— or have just started implementing assessments — which still leaves the door wide open for a security incident to occur.
    Using BitSight for Third-Party Risk Management, you can:
    * Immediately see & understand the cyber risk across your supply chain.
    * Target your resources to achieve significant, measurable cyber risk reduction.
    * Work with third parties to quickly and collectively reduce cyber risk.
    Whether you are launching, growing or optimizing your third-party risk management approach, BitSight puts you on the path to having confidence — the confidence you need to make faster, more strategic cyber risk management decisions with the resources you have today.
    Learn more about BitSight for Third-Party Risk Management.
  • BitSight Security Ratings for Benchmarking Recorded: May 4 2021 2 mins
    BitSight
    BitSight Security Ratings for Benchmarking enable organizations to quantify their cyber risk, measure the impact of risk mitigation efforts, benchmark their performance against industry peers, and report security progress and results to Boards of Directors more clearly and effectively.
    Learn more at: https://www.bitsighttech.com/security-ratings-for-benchmarking
  • Manage Cyber Risk Recorded: May 3 2021 3 mins
    BitSight
    Learn how BitSight helps you to identify, manage and reduce cyber risk.
    Pioneering security ratings in 2011, BitSight provides trusted, time-tested and actionable security ratings that enable organizations to effectively measure cyber risk.
    With BitSight Security Ratings, companies can:
    * Monitor and benchmark their cybersecurity performance against industry peers and competitors
    * Build and strengthen their vendor risk management program
    * Report cybersecurity program effectiveness to the Board of Directors and executives
    * Leverage ratings to underwrite cyber insurance policies
    * Evaluate merger and acquisition activities
  • BitSight Security Ratings for Vendor Risk Management Recorded: May 3 2021 2 mins
    BitSight
    BitSight Security Ratings continuously monitor and quantify the cyber risk of third parties, enabling organizations to efficiently scale their vendor risk management programs. Security ratings can be instantly shared with critical third parties fostering more effective collaboration around security.
    Find out why thousands of users in leading organizations around the globe trust BitSight Security Ratings to help drive and scale their vendor risk management programs.
  • Financial Quantification for Enterprise Cyber Risk Recorded: Apr 22 2021 2 mins
    BitSight
    In order to bridge the gap between security and the business, you need a framework through which to assess your exposure to cyber risk and lead meaningful conversations on its business impact with the board and other stakeholders.
    That’s where Financial Quantification for Enterprise Cyber Risk comes in — empowering you to provide the necessary business context through data-driven metrics that indicate your organization’s security program performance over time.
  • Cracking the Code:Communicating Cybersecurity Performance to Boards & Executives Recorded: Apr 20 2021 39 mins
    Brian Mulligan – Director of Product Management, SPM BitSight; Scott West - Principal Product Marketing Manager BitSight;
    Cybersecurity is a fundamental business risk. As a CISO, you are often asked by C-Suite executives, Boards of Directors, regulators, and your customers to demonstrate a high level of cybersecurity performance. This can be challenging given the highly technical nature of security data and lack of technical expertise in your audience. This talk will discuss how to bring the necessary context for productive conversations.

    Topics include:
    • Is the level of cybersecurity performance appropriate for the business?
    • How does cybersecurity performance vary by business unit or geography?
    • Is there a high level of consistency in performance?
    • How do you communicate cyber risk in a language non-technical people will understand?
  • What Does the Board Want From Your Next Cybersecurity Report Recorded: Apr 12 2021 58 mins
    Jeff Pollard, Forrester; Stephen Boyer, BitSight; Jake Olcott, BitSight
    In this webinar, we will focus on How Can CISO's better engaged with senior leaders and board members on Cyber Security.

    The expression " Never bring unsolved problems to the board" will be one of the topics that the experts will focus on, such as present a case study from Forrester regarding security to the board members and which date should be shared with them. 

    Panelist will share their experience in the following topics:

    1 - Metrics;
    2 - SolarWinds;
    3 - Benchmarking; 
    4 - Risk quantification;
    5 - How confident the board members are with reports and how data is important
;
    6 - Impact of SolarWinds on the organization;
    7 - The impact on the ecosystem;
    8 - Which is the right communication to the board members; 
    9 - How CISO’s managing the success of the program;
    10 - Q&A
Find Out How Security Ratings can Reduce Your Company's Risk.
BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Financial Quantification for Enterprise Cyber Risk
  • Live at: Apr 22 2021 7:36 am
  • Presented by: BitSight
  • From:
Your email has been sent.
or close