Hi [[ session.user.profile.firstName ]]

Enabling the First Line of Defence with Policy, Training & Issue Reporting

Front line employees are making risk and compliance decisions every day and can either protect or expose the organization to unwanted issues. Risk and compliance are not just about the back office of risk, compliance, and audit management but it is about the front office engagement and education of employees on what is acceptable and unacceptable and how to report issues. The Three Lines of Defence is a popular framework for managing Governance, Risk Management & Compliance (GRC). While a lot of attention has been given to effective management of the second (risk and compliance managers) and third line (internal audit) of defence, not a lot has focused on how to effectively engage the first line of defence: the employees and managers in the front line of the organizations.

This webinar focuses on how to engage and enable the front lines of your organization through effective communication and training on policies and how to report issues and incidents in the organization.

Attendees will learn:

• GRC in the context of the Three Lines of Defence Model
• How the second and third line of defense depend on the first line to protect the organization
• How to effectively communicate and train the first line of defence on policies
• Methods for first line employees to identify and report issues and incidents
• How technology can automate and enable the first line of defence
• Driving efficiency, effectiveness and agility into all three lines of defence
Recorded Sep 18 2018 41 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Michael Rasmussen
Presentation preview: Enabling the First Line of Defence with Policy, Training & Issue Reporting

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Data Breach Blame Game: Employees or Employers? May 27 2021 2:00 pm UTC 43 mins
    David McClelland, Technology Reporter, Robert O'Brien, Cyber Security Awareness for Dummies Author & MetaCompliance CEO
    With cyber security lawsuits on the rise, the probability and financial impact of cyber incidents are ever-growing for organisations. The aftermath of a data breach can have crippling consequences across all aspects of an organisation and there is inevitably a blame game that follows any cyber incident.

    Join us for our upcoming webcast titled, ‘The Data Breach Blame Game: Employees or Employers?’, to explore the increasingly complex question of liability and who should be accountable when a security lapse occurs.

    This 40 minute webinar will discuss:
    -The role of leadership and setting the tone from the top
    -Mitigating the risk of a data breach and limiting the damage if a data breach occurs
    -Why data breach prevention is the job of everyone and cyber security is more than an IT issue
    -Creating a culture of collective accountability and cyber security awareness
    -Finding innovative ways to keep cyber hygiene on the agenda
  • The Realities of Getting Staff Security Training Right Recorded: Apr 29 2021 37 mins
    David McClelland, Technology Reporter
    Despite the ongoing threat of cyber attacks, security awareness training remains a major challenge for management teams.

    Identifying what training needs to be delivered, who needs to be trained and a lack of employee engagement are all common obstacles that organisations face when it comes to implementing security awareness training.

    As every organisation knows, change management is notoriously difficult. The best security awareness programs approach the task in the same way as other organisational change projects. Change isn’t a given; it takes time and effort.

    The reality is cyber security can be a dry topic. As such, it’s vital you find ways to engage your staff if you want to positively impact behaviour within your organisation, raise awareness of cyber security threats, and embed a culture of compliance.

    This 40 minute webcast will explore:
    -How to implement staff security training that maintains momentum and encourages engagement
    -The importance of getting buy-in in the boardroom
    -Tailoring cyber security awareness training for your audience
    -Using storytelling to breathe life into your cyber security awareness campaign

    Special guest: Ravi Sankar, CISO, ItsDone
  • Key Steps to Implementing an Agile Policy Management Program Recorded: Mar 25 2021 40 mins
    David McClelland - Technology Reporter, Robert O'Brien - CEO MetaCompliance, Michael Rasmussen - GRC Expert
    In today’s complex business environment, organisations need to be able to respond rapidly to any changes and adapt policies where necessary. The only way to adapt to the dynamic, disrupted, and distributed nature of business is to be agile.

    This requires organisations to have an agile policy management program in place so they can react quickly to changes in risks, regulations, strategy, processes, roles, and responsibilities.

    An effective policy management program will provide a framework of governance, identify risks, define compliance, and play a crucial role in organisational success. It should also engage staff and clarify the standards of what is expected of them.

    The 40-minute webcast will explore:
    • How to monitor the internal and external environment for changes that impact policy.
    • Key steps to defining a policy management program that is agile and dynamic to the needs of the business.
    • Engaging employees on policies to ensure they know what is expected of them.
    • How to ensure policies are being followed and aligned with the needs of the business.
  • The Power of Company Personality in a Cyber Awareness Program Recorded: Feb 25 2021 29 mins
    Panelists: Robert O'Brien, MetaCompliance CEO, Robert Picket, Security Awareness Specialist and David McClelland, Technology
    User participation is one of the key measures of success in a cyber awareness program. All too often, organisations adopt a one size fits all solution that fails to resonate with the end-user.

    Incorporating company personality into your cyber awareness program is an effective way to tailor training to suit your audience and develop a campaign that engages employees.

    Join us at our upcoming webcast, titled The Power of Company Personality in a Cyber Awareness Program, 25th February at 15:00 GMT / 10:00 EST / 07:00 PST.

    This 30 minute webcast will explore:

    -The role of company personality in your cyber awareness program

    -Analysing your audience to create an awareness campaign that resonates

    -How to make your cyber awareness program relatable for your employees

    -Embedding storytelling to create a culture of cyber security awareness in your organisation

    -Localisation and other practical steps to engage users in cyber awareness activities
  • Cyber Security Awareness for Dummies Recorded: Jan 28 2021 27 mins
    Robert O'Brien, CEO MetaCompliance
    The coronavirus pandemic has triggered a new era that now sees organisations, employees and the public embracing information technology more than ever before. Technology has become an indispensable part of our lives, facilitating everything from the way business is conducted to staying in touch with friends and family.

    With entire workforces working from home (WFH) and supply chains morphing to accommodate the new situation, the uncertainty of the Covid-19 crisis has created a fertile environment for cybercriminals to inflict crippling consequences.

    Join award-winning Cyber Security thought leader and Cyber Security Awareness For Dummies author, Robert O’Brien as he offers a best practice approach to tackling staff awareness campaigns and improving employee security behaviours.

    To celebrate the launch of Cyber Security Awareness For Dummies, all webinar registrants will receive an exclusive hard copy of the book for free. This resource will act as an invaluable playbook for managing staff awareness programs within your organisation.

    In this webinar we will cover:
    • The modern Cyber Security landscape and secure working from home challenges
    • Determining what Cyber Security awareness means for your organisation
    • The challenges of changing organisational security culture
    • The importance of policies to establish safe baselines
    • How to set up a staff awareness program
    • Top 10 cyber awareness tips
  • Planning a Realistic Security Awareness Campaign in 2021 Recorded: Dec 14 2020 28 mins
    Robert O'Brien, CEO MetaCompliance / David McClelland, Technology Reporter
    Boy, did we need security awareness training in 2020! As we adapted to the new hybrid situation of staff working from home and from the office, it became clear how difficult it is to keep people safe online.

    Cybercriminals were quick to exploit any gaps in security, and since the start of the pandemic, there has been an 800% increase in ransomware attacks and a 600% increase in phishing attacks.

    Your staff need guidance to help increase their vigilance and protect your organisation from evolving cyber threats. We’ve put together some lessons learned to help you plan your 2021 security awareness campaign.

    Join us at this webinar to find out the key planning approaches to implementing an effective annual security awareness program.

    Attendees will learn:
    1. How little and often ensures consistency.
    2. Top tips to avoid end user fatigue.
    3. Approaches to bring the leadership function on board with the right security awareness communication strategy.
    4. The importance of treating people like adults when obtaining their buy in.
  • Policy Engagement in the COVID Environment and Beyond Recorded: Nov 19 2020 49 mins
    Michael Rasmussen
    As organizations transitioned to a working from home environment and adapted to changes in the risk, regulatory, business, and economic environment, one thing became apparent . . . policies were a mess.

    Organizations found that they had multiple policy portals across different departments, policies were written in different language styles, had different templates, and lacked consistency.

    This was counter-productive in organizations that needed to show strong corporate culture and consistency to engage employees and ensure control in a time of chaos.

    As organizations continue to adapt to the current crisis, recover from it, and prepare for what’s next, it’s clear that policy engagement is a critical foundation. Attendees of this webinar will learn how to:

    • Maintain a central library of all the organization’s policies
    • Write policies that are consistent in style, template, and tone to improve culture
    • Provide a single portal for employees to access policies and related training
    • Engage employees in activities and interactions that support policy understanding
    • Measure policy awareness, understanding, and conformance throughout the organization

    Presenter: Michael Rasmussen
    Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC). With over 25 years’ experience in the industry, Michael helps organizations improve GRC processes, design and implement GRC architecture, and select technologies that are effective, efficient, and agile.
  • Beware of the Walking Brain Dead Recorded: Oct 29 2020 22 mins
    David McClelland, Technology Reporter
    Could a lack of staff education lead to an information security nightmare?

    For many organisations, a data breach is their worst nightmare. In 2020, not only has COVID-19 led to a huge increase in cyber-attacks, it has also highlighted the ongoing need to demonstrate compliance to mitigate the risk of financial sanctions.

    Only by adopting a people based cyber security awareness program and educating staff on the importance of digital vigilance, can a suitable response to the regulatory environment be created. 

    At this webinar we will explore:
    -The changing landscape for employers and the challenge of preventing data breaches

    -The key areas of focus for organisations attempting to lower their cyber risk

    -What’s working and what’s not in Cyber Security awareness

    -Communicating to staff in a world of working from home

    Panelists: Robert O'Brien, MetaCompliance CEO / David McClelland, Technology Reporter / Luke Noonan, MetaCompliance Senior Information Security Consultant
  • COVID-19: Digital Transformation and Cyber Security Recorded: Sep 23 2020 21 mins
    Robert O'Brien, Cyber Security Thought Leader
    The coronavirus crisis has forced many organisations to change their business model, whether they wanted to or not. Working from home and Zoom based interactions are likely to be here for the foreseeable future. As part of our ‘new normal’, we have become increasingly reliant on technology to stay connected.

    Organisations have recognised the opportunity that this rapid digital evolution affords to implement new, modern business models. These digital transformations can also be implemented quicker than ever before, given the dramatic changes in the business environment.

    Join us at our webinar ‘COVID-19: Digital Transformation and Cyber Security’ as our resident Cyber Security thought leader, Robert O'Brien, explores the importance of approaching digital transformation with an information security and privacy mindset.

    At this webinar we will also explore:

    -Organisational transformation during Covid 19 and the impact on employee digital safety

    -Leveraging new and existing digital transformation projects to promote ‘Secure by Design’ strategies

    -Approaches to ensure that the leadership function places security at the centre of their digital transformation strategy
  • Don’t Rely on the Luck of the Irish for Cyber Security Recorded: Mar 17 2020 33 mins
    Suzie McDonald, James MacKay, Robert O'Brien
    In a nod to our Irish heritage, MetaCompliance is hosting a special St Patrick's Day themed webinar where we'll explore why you'll need more than the 'luck of the Irish' to mitigate against threats, breaches, and attacks. Someone somewhere is wanting to steal your pot of gold at the end of the rainbow. Don't let it be their lucky day.

    Join Robbie O'Brien, Cyber Security thought leader and author of the soon to be released Dummies Guide to Cyber Security, and CEO of MetaCompliance alongside James Mackay, Chief Revenue Officer and Suzie McDonald, Marketing Manager for this 20 minute webinar to explore:

    - The psychology of social engineering
    - The consequences of a data breach
    - Why data is the new pot of gold at the end of the rainbow
    - Common assumptions about Cyber Security
  • Why Hearts and Teddy Bears are the Ideal Vector for Ransomware – Valentine's Day Recorded: Feb 13 2020 14 mins
    Suzie McDonald, James MacKay, Robert Pickett
    With Valentine’s Day around the corner, we’re having a conversation about why Valentine’s Day is so important when it comes to Cyber Security.

    Today we’ll consider how certain times of the year expose vulnerabilities of both individuals and companies, thinking about how behaviour is impacted by calendar events, and how hackers and cyber criminals capitalise on this with bespoke tactics, and look at the real-life consequences and examples of an attack or breach.

    Today we will cover with James and Luke:

    - Why Hearts and Teddy Bears are the Ideal Vector for Ransomware

    -How cyber criminals will prey on your heart and purse strings through specific social engineering tactics - e-cards / dupe websites / sweetheart scams through dating apps etc.

    -Consequences of a Data Breach

    - Prevention – how to keep your heart in cyber security all year round
  • A New Strategy for Effective Cyber Security Awareness Campaigns Recorded: Jan 30 2020 44 mins
    Luke Noonan, Robert O'Brien
    MetaCompliance webinar: A new Strategy for Implementing Effective Cyber Security Awareness Campaigns

    The best way to change user behavior and create a culture of enhanced security awareness is through a comprehensive security program that leverages a wide variety of tools and techniques. At this webinar we’ll explore how organizations can develop a fit for purpose cyber awareness strategy that engages employees, reduces risk and ultimately helps create a culture of Cyber Security awareness.

    Key Takeaways

    1.How to identify the key aspects of a Cyber Security Awareness Campaign
    2.How to build momentum for an awareness campaign
    3.The importance of security frameworks and data protection
    4.What methods can be employed to engage Senior Executives and obtain support for awareness campaigns
  • A Nightmare on Breach Street II - A Hacker's Revenge Recorded: Oct 24 2019 48 mins
    James McKay, Robert O'Brien
    2019 is shaping up to be a record year for data breaches. The first six months of 2019 have seen more than 3,800 publicly disclosed breaches exposing a staggering 4.1 billion compromised records.

    The statistics are truly frightening and highlight the scale of the problem that organisations across the world are now facing. Cybercrime is a profitable business and hackers are becoming increasingly more advanced in their attack methods.

    To combat this growing threat, organisations must develop a robust and comprehensive security awareness campaign that will educate staff, protect sensitive data, reduce threats and protect brand reputation.

    At this webinar we’ll explore:

    · What has changed in the Information security space since last year
    · How to reduce cyber risk
    · What's working and what's not in Cyber Security awareness
    · How organisations can develop a fit for purpose cyber awareness campaign
    · What methods can be used to engage staff
  • Strategies for Integrated Policies and Training - Employee Engagement Recorded: Aug 28 2019 53 mins
    Michael Rasmussen
    Policies are only effective if they are clearly understood. Effectively communicating policies, directing corporate culture & behaviour, and measuring comprehension requires a communication and training plan.

    Organizations need to provide an integrated approach to policy and training management that delivers both contextually and supports each other. The overall employee experience and engagement on policies and training is critical, particularly for the millennial workforce. Haphazard approaches will lead to employees ignoring the training and will be ineffective.

    This webinar details strategies and best practices to effectively engage employees on an integrated approach to policy and training management, including:

    • Critical relationship of policies and training
    • How to build a policy communication and training plan
    • Defining employee audiences based on risk to determine who needs more detailed training/awareness
    • Role of technology in delivering an integrated policy and training employee experience
  • 5 practical steps to implement your GDPR project Recorded: May 23 2019 30 mins
    Robert O'Brien, CEO, MetaCompliance & Shane Fuller, Privacy Director & DPO, MetaCompliance
    There is so much material out there claiming to be the ultimate guide to your GDPR project, but a lot of this is complex jargon that doesn’t offer a pragmatic solution to the GDPR conundrum.

    Ensuring a successful GDPR project requires financial investment as well as time. With the May 2018 deadline getting closer, there is an increasing unease within organisations regarding their ability to mitigate the risk and demonstrate compliance.

    With this Webinar, we will provide you with 5 practical steps to implement your GDPR project. By the end of the Webinar you will be in possession of structured and practical solutions that lead to GDPR compliance.

    As a bonus for attending the Webinar, you will also receive a copy of the official GDPR for Dummies guide. We understand that GDPR is a complex issue, that’s why we worked with subject matter experts and the Wiley brand to create the official GDPR for Dummies guide that offers a practical approach to GDPR.
  • Enabling the Third Line of Defence through Policy Assurance Recorded: Apr 18 2019 45 mins
    Michael Rasmussen
    The Three Lines of Defence is a popular framework for managing Governance, Risk Management & Compliance (GRC).

    In our first webinar, we explored the policy implications of the first line of defence – the front-line employees, then we explored effective policy management and oversight in the second line of defence.

    In this webinar we now explore the third line of defence, audit and assurance professionals and their role in providing assurance and validation that policies are properly managed, communicated, and enforced in the organization.

    The third line of defence is key in providing validation and assurance that policies are properly managed and current by the second line of defence, and the third line provides assurance that the first line of defence is aware of policies and that they are lived by throughout the organization to maintain integrity, mitigate risk, and reliably achieve organization objectives.

    Join this session to learn:

    - How the third line interacts with the first and second lines of defence to provide assurance on policies
    - How to effectively audit and validate policies to ensure they are current and understood in the organization
    - Methods for third line employees to assure policies are managed by the second line
  • 5 Ways to Bake Privacy & Cyber Security Awareness into your Teams Recorded: Apr 4 2019 24 mins
    James MacKay, Luke Noonan, Robert Pickett
    Most companies have active digital transformation projects aimed at evolving the organisation into the new digital economy. Its also becoming important in commercial relationships to be able to demonstrate that your organization has adopted best practice Privacy and Information Security best practices. Often these have to be detailed in vendor risk assessments.
    The problem is that these are relatively new concepts and initiatives for the majority of staff members. Often Corporate Communications for Digital Transformation projects neglect to highlight Privacy and Cyber Security requirements. On top of that, this is an area that staff view as dull and boring.

    Getting your senior management and staff to engage in the necessary Privacy and Cyber Security awareness projects requires innovative thinking. Our philosophy is that it is the responsibility of the organisation to make these topics palatable for employees.

    At this webinar we will explore tried and tested approaches to obtaining staff participation, whilst at the same time delivering audit reporting to assist with Regulator relations.

    The webinar will explain:

    How to focus on the human aspect, including the difficulty for management to maintain these initiatives.
    How to approach user digestion of complex InfoSec and Privacy subjects.
    Using increased Privacy and InfoSec projects for competitive advantage
  • 2019 Cyber Security Challenges for Local Government Recorded: Feb 28 2019 25 mins
    Robert O'Brien, Peter Grogan
    Local Government has been managing the impact of both Privacy and Cyber Security risk for many years. However, with the implementation of GDPR and the adoption of digital transformation initiatives, there has been a significant increase in the information security risks for public sector organisations.

    Robert O'Brien, CEO of MetaCompliance, will be joined by Peter Grogan, former Information Governance Officer for Somerset Council, in an informal exploration of these issues and what the future of Cyber Security in local Government might look like.
  • It's Cyber Awareness Jim, But Not as We Know It Recorded: Jan 31 2019 29 mins
    Robert O'Brien, James Mackay, Robert Pickett
    As hackers hone their techniques and become more targeted in their attacks, it’s important to educate staff and provide them with role specific Cyber Security training that can equip them to deal with the most up to date Cyber Security threats.

    The problem with traditional Cyber Security training is it is bland, boring and leads to very low levels of staff participation which poses a huge risk to the security of an organisation.

    To be effective, Cyber Security awareness training needs to be specific to each organisation. It should be tailored to reflect the way people really work with security in an organisation and address the threats they face on a daily basis.

    MetaLearning is a brand-new way of engaging staff with Cyber Security awareness. It enables organisations to create customised training for their staff from an extensive library of short eLearning courses. The courses are easy to create and can be personalised and branded to make the content more relevant to staff.

    At this webinar, attendees will learn:
    - How to engage staff with Cyber Security training that is relevant to their role
    - How automation within your organisation can be used to improve Cyber Security
    - Key initiatives for Cyber Security awareness in 2019
  • Enabling the Second Line of Defence with Effective Policy Management & Oversight Recorded: Jan 23 2019 47 mins
    Michael Rasmussen
    The Three Lines of Defence is a popular framework for managing Governance, Risk Management & Compliance (GRC). In our first webinar on the Three Lines of Defence we explored the policy implications of the first line of defence – the front line employees. In this webinar we now explore the second line of defence, the risk, security, and policy owners and managers and their job in ensuring that policies are current and understood in the organization.

    Continual growth of regulatory requirements, complex business operations, and global expansion demand a well thought-out and implemented approach to policy management that is governed by the second line of defence. In order to achieve effectiveness, efficiency, and agility in policy management, organizations need to define a structured governance framework and process. However, effectively managing policies is easier said than done. To consistently manage and communicate policies, the second line of defence is turning toward defined processes and technologies to govern policies and implement an effective policy management lifecycle.

    This webinar focuses on how to effectively manage and govern policies and enable the second line of defense in your organization through effective policy oversight.
    Attendees will learn:
    • GRC and policy management in the context of the Three Lines of Defence Model
    • How the second interact with the first and third lines of defense to protect the organization
    • How to effectively manage and maintain polices in the organization
    • Methods for second line employees to ensure that first line of employees are aware of policies
    • How technology can automate and enable the second line of defence
    • Driving efficiency, effectiveness and agility into all three lines of defence

    Enabling the First Line of Defence Webinar: https://goo.gl/accjxb
Helping you to build a modern Cyber Security and Compliance Culture
MetaCompliance is a cyber security and compliance organisation that helps transform your company culture and safeguard your data and values. We create state-of-the art eLearning, GDPR, policy management, incident management and phishing solutions that our clients trust to help them create a better relationship with employees and regulators.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Enabling the First Line of Defence with Policy, Training & Issue Reporting
  • Live at: Sep 18 2018 2:00 pm
  • Presented by: Michael Rasmussen
  • From:
Your email has been sent.
or close