Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain

Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle?

Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

- The importance of securing your organization's critical data
- How to determine Supplier Security Proficiency
- Why it’s important to understand the source of third-party products
- The impact Vendor Questionnaires have on your Security Posture
- How leveraging a GRC platform can ease the burden of risk assessments and audits
Recorded Sep 24 2020 59 mins
Presented by
James McQuiggan

  • Top 5 IT Security Myths Your CISO Believes Are True… BUSTED! Recorded: Nov 24 2020 59 mins
    Roger Grimes (KnowBe4), Erich Kron (KnowBe4), David Littman (TruthInIT)
    That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, along with TruthInIT's David Littman as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

    - Good data backups will save you from ransomware
    - Long passwords are safer than short passwords
    - Running an obscure OS keeps your network safe
    - Every organization needs antivirus and firewalls on endpoints
    - End users can’t be trained; technology is your only defense
  • The Pesky Password Problem: Policies That Help You Gain the Upper Hand Recorded: Nov 24 2020 60 mins
    Roger Grimes (KnowBe4), David Littman (TruthInIT)
    What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

    For decades, end-users have borne the brunt of the password tyranny, a result of the IT industry’s inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

    Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, and TruthInIT's David Littman to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

    In this webinar you'll learn:

    - Why passwords are so easy to hack and how the bad guys do it
    - How to craft a secure, risk-focused password security policy
    - The truth about password managers and multi-factor authentication and how they impact your risk
    - How to empower your end users to become your best last line of defense
  • Hackers Exposed: Kevin Mitnick Shares His Tradecraft and Tools Recorded: Nov 23 2020 64 mins
    Kevin Mitnick, Perry Carpenter
    Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the bad guys are preying on those vulnerabilities more savagely than ever.

    Join us for this exclusive webinar where Kevin Mitnick, KnowBe4’s Chief Hacking Officer, and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, dive deep into the strategies cybercriminals are using to raise the stakes.

    In this webinar you’ll hear about:

    - Router configurations that put WFH and hybrid home/office endpoints in danger
    - New browser exploits that are making your employees more vulnerable
    - Why you can’t trust your trusted senders (supply chain attacks)
    - The ominous effects of several real-life ransomware attacks
  • Your Ultimate Guide to Phishing Mitigation Recorded: Nov 12 2020 62 mins
    Roger Grimes
    Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don’t have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don’t get caught in a phishing net! Learn how to avoid having your end users take the bait.

    This webinar, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, covers a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We didn't just cover one angle. We came at it from all angles!

    Join Roger as he dives deep to teach you how to develop a comprehensive, defense-in-depth plan, introduces technical controls all organizations should consider, covers the benefits of new-school security awareness training, and goes over the best practices for creating and implementing security policies, all while staying phish-free!
  • 2020 Phishing By Industry Benchmarking Report Recorded: Nov 12 2020 64 mins
    Perry Carpenter, Joanna Huisman
    As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the bad guys. However, there’s an often-overlooked security layer that can significantly reduce your organization’s attack surface: New-school security awareness training.

    Join Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, and Joanna Huisman, KnowBe4's Senior Vice President of Strategic Insights and Research, for a review of our 2020 Phishing By Industry Benchmarking Report, a data set of nearly four million users across 17,000 organizations.

    You will learn more about:

    - New phishing benchmark data for 19 industries
    - Understanding who’s at risk and what you can do about it
    - Actionable tips to create your “human firewall”
    - The value of new-school security awareness training

    Do you know how your organization compares to your peers? Watch this webinar to find out!
  • Top 5 IT Security Myths Your CISO Believes Are True… BUSTED! Recorded: Nov 12 2020 62 mins
    Erich Kron, Roger Grimes
    Facts are facts, but what happens when IT security pros take myths at face value?

    That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

    - Good data backups will save you from ransomware
    - Long passwords are safer than short passwords
    - Running an obscure OS keeps your network safe
    - Every organization needs antivirus and firewalls on endpoints
    - End users can’t be trained; technology is your only defense
  • Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain Recorded: Nov 10 2020 59 mins
    James McQuiggan
    Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

    In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle?

    Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

    - The importance of securing your organization's critical data
    - How to determine Supplier Security Proficiency
    - Why it’s important to understand the source of third-party products
    - The impact Vendor Questionnaires have on your Security Posture
    - How leveraging a GRC platform can ease the burden of risk assessments and audits
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Nov 9 2020 53 mins
    Roger Grimes
    There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful, taking time to maximize your organization’s potential damage and their payoff.

    After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

    Join us for this webinar where Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

    - Why data backups (even offline backups) won’t save you
    - Evolved threats from data-theft, credential leaks, and corporate impersonation
    - Why ransomware isn’t your real problem
    - How your end users can become your best, last line of defense
  • Ransomware Hostage Rescue Manual 2020 Recorded: Nov 9 2020 61 mins
    Erich Kron
    Ransomware attacks are on the rise — and they’re estimated to cost global organizations $20 billion by 2021 with government agencies, healthcare providers, and educational institutions in the U.S. impacted by ransomware attacks at a cost of more than $7.5 billion in 2019 alone. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.

    So, how can your organization avoid getting held hostage? Join us and Erich Kron, CISSP, Security Awareness Advocate at KnowBe4, as we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.

    In this webcast we will cover:
    - What new scary ransomware strains are in the wild
    - Am I infected?
    - I’m infected, now what?
    - Proven methods of protecting your organization
    - How to create a “human firewall”

    Don’t get held hostage and become a statistic! Join us to learn how to avoid these scary attacks.
  • Lessons Learned: An IT Pro’s Experience Building his Last Line of Defense Recorded: Nov 3 2020 60 mins
    Erich Kron, Tory Dombrowski
    This is the true story of an IT Manager who was tired of his users clicking everything and wanted to teach them a lesson… in a good way.

    Join us as we talk with Tory Dombrowski, IT Manager at Takeform, about his experiences and lessons learned while delivering a security awareness training program for his users. See how he has fun with phishing, how he creates allies in the fight against careless clicking, and why security awareness training is his organization’s best, last line of defense.

    Tory and Erich Kron, KnowBe4's Security Awareness Advocate, will dive deep to share best practices and creative ideas to inspire you and your own security awareness program.

    In this webinar you'll hear:

    - Why it's so important to empower your users to become a "human firewall"
    - Ideas for gaining and maintaining executive support
    - The good, the bad, and the truly hilarious results of training and testing your users
    - Tips for success when implementing your own security awareness strategy
  • Lower Your Business Risk with Best Practice Data Privacy Impact Assessments Recorded: Oct 29 2020 45 mins
    Lecio DePaula Jr.
    Whether you're creating a new product, going through a merger or acquisition, or significantly changing a process in your organization, new processing activities can present high risk to your organization. As we can see from Marriott’s acquisition of Starwood, not undergoing a full security and privacy assessment can present huge problems for your organization, and now Marriott faces a $123.6 million fine due to lack of due diligence.

    One way to reduce risks and identify security/privacy risk is to conduct a data protection impact assessment. Not only will this assessment help you reduce business risk, but it also helps identify new processes in your organization to maintain compliance with GDPR, LGPD, CCPA and other global privacy laws.

    Join Lecio DePaula Jr., KnowBe4’s Data Privacy Director, for this webinar to hear about creating a robust data protection impact assessment to analyze new processes, workflows, and products to identify problems before they happen.

    In this webinar you’ll learn:

    - Best practices for conducting a robust DPIA
    - The privacy and security risks of M&A, creating new software products, and other initiatives
    - How conducting a DPIA aligns with global privacy requirements
    - Common DPIA mistakes and how to avoid them
    - Tools that help manage and streamline your DPIA process
  • Dissecting Disinformation: How the Next Wave of Technology Will Break the Truth Recorded: Oct 29 2020 59 mins
    Perry Carpenter, Rosa Smothers, Samuel Woolley
    It is harder than ever to discern what is real and what is fake when you’re hit with so much information on a daily basis. It’s not just nation states, governments, or extremists who make use of social media and AI to manipulate information: it’s regular people who have learned how to control the flow of information. Find out how you can use data to analyze what you’re seeing and dissect disinformation.

    Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, and Rosa Smothers, former CIA Cyber Threat Analyst, recently sat down with disinformation and propaganda researcher Samuel Woolley to explore the themes in Samuel’s book The Reality Game: How The Next Wave of Technology Will Break the Truth.

    They discuss:

    - Why and how propaganda is created and used to manipulate you
    - The real people behind disinformation campaigns and their motivations
    - The role of culture and how it can change the way people are influenced
    - How technology plays a role in aiding manipulation
    - How you can use evidence, facts and data to expose the truth and protect yourself and your organization from falsehood
  • Insights from Former CIA Analysts: Spotting Fake News to Protect Your Org Recorded: Oct 29 2020 61 mins
    Perry Carpenter, Rosa Smothers, Cindy Otis
    Fake news and disinformation have become an unfortunate part of our everyday lives. And the bad guys are using it to influence you and affect your organization. To help you interpret the barrage of confusing and oftentimes conflicting information, we have turned to the experts including former CIA Analysts, Rosa Smothers and Cindy Otis.

    Join Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, along with Rosa, now KnowBe4’s SVP of Cyber Operations, and Cindy, author of True or False: A CIA Analyst’s Guide to Identifying and Fighting Fake News, as they take on all things fake news.

    In this webinar you'll learn:
    - The different kinds of disinformation that bad actors use to trick you
    - How nation states use fake news to infiltrate your organization
    - Why disinformation is so dangerous
    - How to spot and avoid disinformation campaigns
    - Ways you can train your users to spot disinformation and keep your organization safe
  • The Distorted Truth: How Not to Fall Victim in Today's Messy Information Climate Recorded: Oct 28 2020 48 mins
    Perry Carpenter, Rosa Smothers, Theresa Payton
    The use of disinformation and misinformation has emerged as a defining problem in our digital age. With so much noise and conflicting information flooding our feeds, how do we know what’s the truth? Listen in as three cybersecurity experts analyze the distortion of truth in today’s messy information climate and provide steps you can take to find the truth for yourself.

    In this webinar, Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, Rosa Smothers, former CIA Cyber Threat Analyst, and Theresa Payton, author and first female White House Chief Information Officer, explore the themes in Theresa’s book Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth.

    These three experts analyze and unpack issues including:

    - The real reasons nation states interfere to spread disinformation
    - How social media hyperconnectivity is being used against you
    - Combatting your “confirmation bias”
    - Sourcing and identifying your information and why it's important
    - How you can use these techniques to protect yourself and your organization from these threats
  • 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys Recorded: Oct 26 2020 68 mins
    Roger Grimes
    Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30 years of experience, for this webinar where he will explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he'll share a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick.

    Roger will teach you:

    - How silent malware launches, remote password hash capture, and how rogue rules work
    - Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
    - Details behind clickjacking and web beacons
    - Actionable steps on how to defend against them all

    If all you were worried about were phishing attempts, think again!
  • The Many Ways to Hack Multi-Factor Authentication Recorded: Oct 21 2020 62 mins
    Roger Grimes
    Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30 years of experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.

    The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

    You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

    - 12 ways hackers get around multi-factor authentication
    - How to defend your multi-factor authentication solution
    - The role humans play in a blended-defense strategy
  • Open Sesame! And Other Passwords Challenges Recorded: Oct 21 2020 52 mins
    Roger Grimes (KnowBe4), Tom Bechtold (SecureWorld)
    The password has been around a LONG time. It’ll probably always live on in some form. For InfoSec professionals it is a source of contention. Companies already have enough to worry about with the day in and day out business. Getting hacked because your employees utilize weak passwords isn’t part of the plan.

    In this session we are going to have a candid discussion with Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, on:

    - What challenges lie beyond weak passwords
    - Unpack browser password hacking
    - Breached passwords (think PasteBin)
    - Multi-Factor Authentication

    And a few others that will likely surprise you!
  • Critical Considerations When Choosing Your Security Awareness Vendor Recorded: Oct 20 2020 58 mins
    Perry Carpenter
    It’s become more and more evident to organizations that new-school security awareness training is an absolute requirement for managing the ongoing problem of social engineering. But how do you develop a program that will deliver the goods without doubling your workload or costing an arm and a leg?

    In this on-demand webinar Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer and former Gartner Analyst, steps you through key measures that will help you make an informed security awareness decision for your organization.

    You’ll gain insight into:

    - Critical components to make your program successful from the start
    - Features to look for that will ease implementation and ongoing management
    - How to create a process to demonstrate measurable success

    Find out now how you can not only check the box on security awareness training, but develop sustainable, meaningful change in your organization's security posture.
  • The Pesky Password Problem: Policies That Help You Gain the Upper Hand Recorded: Oct 20 2020 63 mins
    Roger Grimes
    What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

    For decades, end-users have borne the brunt of the password tyranny, a result of the IT industry’s inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

    Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

    In this webinar you'll learn:

    - Why passwords are so easy to hack and how the bad guys do it
    - How to craft a secure, risk-focused password security policy
    - The truth about password managers and multi-factor authentication and how they impact your risk
    - How to empower your end users to become your best last line of defense
  • One Size Does Not Fit All: Reshaping SAT Programming to Change Behavior Recorded: Oct 15 2020 38 mins
    Joanna Huisman
    When designing and implementing employee cybersecurity awareness programs, how do you take the complexity of human behavior into account? Current best practices go beyond PowerPoint & include collaborative, creative, and data-driven approaches that actually change behavior. Experts will share emerging trends and innovative approaches to designing effective enterprise security awareness programs.
Security Awareness Training
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.

  • Title: Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain
  • Live at: Sep 24 2020 4:00 pm
  • Presented by: James McQuiggan