Guidance for Third Parties in Business Continuity Plans
Vendors and third parties are extensions of an organization and thus, business continuity and third-party risk management are intertwined. Companies of all sizes need to ensure their essential business functions remain available during disruptive events, especially when those functions depend on vendors and third parties. Furthermore, an organization’s business continuity plan must include scenarios when crisis events may impact its ability to exchange information or provide services to third parties.
In this 60 minute webinar, Tom Garrubba, Senior Director, Shared Assessments, and Lockpath’s Sam Abadir provide an overview of why vendors pose a business continuity risk. The session will include strategies and best practices for including vendors in business continuity plans and questions organizations should be asking third parties to prepare their BC plans.
RecordedFeb 13 201854 mins
Your place is confirmed, we'll send you email reminders
Jake Olcott, BitSight; Michael Marriot, Digital Shadows; Jannie Wentzel, Focal Point Data Risk; Sam Abadir, Lockpath
What a year 2018 has been, from indictments and data breaches to an increasing regulatory landscape and a greater focus on integrated risk management. What were the major risk trends in 2018 and what predictions can we make for 2019? In this can’t miss webinar, our panel of industry experts will recap 2018 and offer their views on what to expect in 2019 and beyond.
As an attendee, you’ll learn:
• The shift to a more integrated risk management
• The growing emphasis on supply chain cybersecurity
• The rise in data privacy and its impact on information security
Plan now to attend this special webinar on 2018 highlights and trends and predictions for 2019.
We talk a lot about risk management as part of an overall GRC security strategy, but today we'll focus on one specific area: configuration risk. Of all the types of security risks companies face, configuration risk is one of the most prevalent; it touches all company assets and affects all parts of the business, however, managing these risks is often deprioritized or overlooked. There are three main challenges organizations face when evaluating and managing misconfigurations: how to obtain a holistic and accurate view of company assets, how much risk does each misconfiguration pose to the company, and how to communicate these risks to other parts of the business for remediation escalation. Today’s 20/20 webcast explores these challenges in-depth and discusses how organizations can leverage existing GRC security strategies to address and reduce configuration risk.
There’s no question about it, risk and compliance management are complex. Requirements are always changing, there’s always something to review, and some item is inevitably overlooked creating new risks you don’t know about. When it’s time for an audit, it’s anyone’s guess where the information you need is stored, and if it’s the latest version. It requires a lot of time, resources, and effort to make sure responses are accurate.
Safety is job number one in many organizations and employee health is an ongoing concern for firms. Both highlight the vital importance of health and safety management and its impact on operational risk. If workers are injured, are exposed to dangers, or are absent, they can't do their jobs and it impacts margins and goals. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter health and safety, including:
• Critical capabilities required for health and safety management
• Strategies for streamlining OSHA compliance and reporting
• Approaches for increasing accountability
• Ideas for leveraging data for operational risk management
Making health and safety management a higher priority at your company is possible. Discover the road to smarter health and safety by attending this educational webinar. Register now!
Operational risks are on the rise due to companies increasingly relying on digital processes and third parties. The issue is compounded by the fact that products and services are growing in number and complexity. Traditional operational risk management can't keep up. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter operational risk management, including:
• Critical capabilities for managing digital process and third-party risks
• Strategies for tying operational risks to business objectives
• Advantages of managing operational risk using a GRC platform
• Leveraging the value chain for integrated risk management
Bring efficiency, effectiveness and agility to operational risk management. Discover the road to smarter operational risk management by attending this educational webinar. Register now!
Blacklight is a configuration analysis and asset discovery solution that surfaces and provides context to unseen risks. It consists of a cloud-based management portal, and on-premise agents that analyzes asset configuration states, reports how configurations differ from established benchmarks, and provides misconfiguration risk scores in real-time.
What insights can be gleaned from third-party risk management today? What are the top trends to watch out for in 2020? Get guidance from our panel of thought leaders on the leading edge of third-party risk management. Each panelist will answer a series of questions and share their viewpoints on a variety of topics, including:
•Top trends in third-party risk management
•Third-party risk ownership in an organization
•How privacy is affecting third-party relationships
•Role of continuous monitoring in business resiliency
•Top predictions for 2020
Plan now to attend this exclusive webinar. Or forward to risk management professionals tasked with managing third-party risk.
Audits provide a vital checks and balances function in an organization. But what if audit's role as the third line of defense was more efficient and strategic? Doing so would enhance the role of the internal auditor. In this live webinar, Lockpath's Sam Abadir will share the roadmap to smarter audits, including:
• Critical capabilities required for the audit process
• Importance of customizing messaging to stakeholder audiences
• The pros and cons of current audit management strategies
• Strategic, effective audits that can scale with future growth
More strategic and effective audits won't come from current processes. Discover the road to smarter audits by attending this educational webinar. Register now!
Organizations with mature, enterprise-wide information security risk management programs enjoy a competitive advantage, thanks to ISO 27001 certification that signifies an international standard for safeguarding information. In this webinar, Lockpath's Jason Eubanks, a governance, risk management, and compliance (GRC) consultant and former ISO auditor, will share the business case for earning ISO 27001 certification and the critical role of a GRC platform in implementing a successful information security management system (ISMS).
• Challenges and pitfalls with ISO 27001 certification
• Tips on establishing and maturing an ISMS
• Strategies for preparing and passing ISO audits
• Technology's role in earning and maintaining certification
Learn how ISO 27001 can give you a competitive advantage and strategies for earning certification. Register now to attend this educational webinar.
General Communication Inc. (GCI), a telecommunications company based in Alaska, spent a year building its security compliance program from the ground up. In this webinar, you'll see how GCI did it, starting with one person using the Keylight Platform, through challenges like creating new process and tearing down silos, to where they are by year-end: a fully engaged team leveraging Keylight to manage security compliance.
As a webinar attendee, you'll learn GCI's secret to:
* Finding and training IT and security professionals
* Developing new or streamlining existing processes
* Scaling Keylight to address security compliance requirements.
Regardless of your program's status, hearing GCI's lessons learned can inspire and guide you in building or improving your company's security compliance program. Register for this educational webinar today.
In this session, OCEG President Carole Switzer addressed how such cross-functional consideration is an essential aspect of effective GRC, and building it into the GRC change process will enhance the outcome of the project and contribute to a stronger corporate culture for years to come.
To ascend a mountain safely takes proper planning and equipment. Yes, you can go solo without equipment, but disaster awaits you. The same is true for GRC implementations, a cavalier approach is likely to lead to failure. To achieve progress and maturity in GRC requires careful planning and execution that is supported by the right technology choices. Like climbing a mountain, this should be done in stages with critical points to review progress and look at the path ahead of us. This keynote session took lessons from mountaineering and applied them to GRC process improvement through the appropriate use of technology.
Lockpath, a leader in integrated risk management solutions, helps companies understand and manage risk. Subscribe to the Lockpath channel for educational webinars exploring a wide range of topics such as risk management strategies, information security best practices, industry and regulation insights, and more.