There’s no question about it, risk and compliance management are complex. Requirements are always changing, there’s always something to review, and some item is inevitably overlooked creating new risks you don’t know about. When it’s time for an audit, it’s anyone’s guess where the information you need is stored, and if it’s the latest version. It requires a lot of time, resources, and effort to make sure responses are accurate.
RecordedNov 5 20185 mins
Your place is confirmed, we'll send you email reminders
Many organizations have difficulty leveraging information in their cybersecurity and business operations to make the right risk decisions, establish the right risk priorities and appropriately allocate budget to best achieve their risk management goals.
Many believe that NIST CSF is another standalone methodology instead of a tool designed to help your organization understand and build a roadmap to achieve the right level of cybersecurity. Successful NIST CSF programs help integrate, message and prioritize cybersecurity efforts not only within IT but across the entire business.
In this live webinar, Lockpath’s Sam Abadir will share what implementing a NIST CSF solution entails, including:
• Framework support
• Budget expectations vs. reality
• Correctly assessing an organization’s needs to implement NIST CSF
• Proper management and management skills
• Prioritizing cybersecurity within an organization
Find out what you need to know to implement a NIST CSF solution by attending this educational webinar. Register now!
Vendors are essential to your company's success; most organizations can’t operate without them. However, vendors require a different approach to risk management.
Outsourcing your activities does not mean you outsourced managing the risk of those activities. The public, the regulators and the courts still hold you responsible. Without a considered approach to third-party risk management, the risk management of vendors and suppliers can easily get out of your control.
In this live webinar, Lockpath’s Sam Abadir will share what vendor risk management for 2020 and beyond looks like, including:
• What vendor risk management encompasses
• How your organization can gain efficiency from proper vendor risk management
• Advantages of managing vendors on an Integrated Risk Management or Governance Risk and Compliance platform
• Creating strategies for sustained growth in 2020 and beyond
Find out what you need to know to manage vendor risk in 2020 and beyond by attending this educational webinar. Register now!
In today’s environment of evolving regulatory regimes and societal norms, more attention than ever is paid to how and with whom companies do business. As a result, effective reputational risk management is increasingly important for today’s compliance and ethics professionals. This webcast, “Seven Steps to Effective Reputational Due Diligence” discusses what organizations can do to protect and preserve its most important asset – its reputation.
Topics covered include:
• Creating a culture of compliance and accountability
• Instituting and updating the code of conduct
• Establishing a risk assessment methodology
• Building a framework of communication and training related to reputation management
• Crafting a third-party management strategy
• Improving the Investigation and Reporting process
• Instilling an Environment of Continuous Improvement
Iliana Peters, who is a Shareholder at Polsinelli, and a former Acting Deputy Director for HIPAA at the Department of Health and Human Services (HHS), will discuss emerging issues in data security, including major areas of information security risk, new threats to data security, helpful guidance and resources, and enforcement by HHS, the State Attorneys General, and the Federal Trade Commission.
The California Consumer Privacy Act (CCPA) is the first major U.S. privacy law to unfold. This law has interested other states in following suit, which may soon call for a national U.S. Privacy Law. Organizations are uncertain how to comply with CCPA, which takes effect January 1, 2020.
In this live webinar, Lockpath’s Sam Abadir will share what preparation for CCPA compliance entails, including:
• Protecting consumer data
• Applying technology to processes
• Managing multiple channels for consumers exercising their rights
• Ensuring a fast response to breaches
• Requirements of CCPA
• Strategic approach to CCPA
• Best practices for managing CCPA
• Best practices for responding to privacy incidents
As an attendee you’ll learn how to approach CCPA to prepare yourself for the new law in 2020 and set the foundation for other privacy laws as they impact your organization. Register now!
Does your organization successfully communicate risk across departments? Or does essential information get lost in translation? Effective communication is the ‘glue’ for a successful risk management program. Making sure every part of an organization is on the same page can be challenging when language changes from department to department.
In this can’t miss webinar, Lockpath’s, Dennis Keglovits will share his experience with communicating risk successfully across an organization, from the IT department to the executive suite.
As an attendee you’ll learn:
• Key concepts for standardizing your risk language
• Options for establishing better lines of communications
• Better communication leads to better collaboration
As business risks and compliance mandates keep changing, audit teams are having a tougher time prioritizing audits, collecting information and performing analysis required to strengthen the business.
Businesses are facing more regulations and competitive pressures which increase the need for internal audit teams to provide an orderly approach for evaluating and improving the effectiveness of risk management, internal control, and governance processes to improve the organization.
Audit teams are being challenged by legacy audit processes that do not evolve at the same speed as business and regulations. These legacy audit processes include the use of spreadsheets, manual evidence requests, share drives and manual reports that often take weeks or months to complete.
In this live webinar, Lockpath’s Sam Abadir will share what audit management for 2020 and beyond looks like, including:
• What audit management encompasses
• How your organization can gain efficiency from proper audit management
• Advantages of managing audits and risk management efforts on an Integrated Risk Management or Governance Risk and Compliance platform
• Creating strategies for sustained growth in 2020 and beyond
Find out what you need to know to manage audit risk in 2020 and beyond by attending this educational webinar. Register now!
Payment Card Industry Data Security Standard (PCI DSS) pushes organizations to achieve six distinct goals in the aim of protecting payment systems from breaches and theft of cardholder data. The requirements supporting the goals force organizations to manage, govern and integrate different departments within the business including IT, security, compliance, risk, incident response, and policy management.
Those managing this effort quickly realize that the effort to achieve the goals effectively and in a timely manner requires PCI DSS to be a day-to-day part of your business executed with purposeful coordination and immediate access to information to continuously assess the PCI DSS environment, remediate vulnerabilities and report required information.
In this live webinar, Lockpath’s Sam Abadir will share what a PCI DSS solution looks like, including:
• Best practices for effectively managing PCI DSS
• How your organization can gain efficiency from proper a PCI DSS solution
• Maintaining a strong vulnerability management program with PCI DSS
• Advantages of managing PCI DSS solutions efforts on a Governance, Risk and Compliance or Integrated Risk Management platform
Find out what you need to know to better manage your PCI DSS solution by attending this educational webinar. Register now!
More than 80 percent of hacking-related breaches leverage stolen, default, or weak passwords, and compromising user credentials remains the easiest way for hackers to gain access to your systems and networks. The potential harm is even greater if those credentials belong to a privileged user.
So, what are leading organizations doing to manage this identity-related risk? The answer is Identity Risk Management – the process of integrating an IAM system with an Integrated Risk Management or GRC program. Identity Risk Management, when executed properly, allows for improved risk visibility, better risk-based decision making, and reduces enterprise risk management siloes.
In this 60-minute webinar, look into the future as leading identity and risk management experts explore how companies are utilizing this game-changing approach to manage critical identity risks. Our expert panel will outline the best practices for identity risk management, give you a behind-the-scenes look at how it works in the real world, and discuss strategies for overcoming some of the most common hurdles.
In this webinar, attendees will learn:
• The benefits of applying an integrated approach to identity risk
• The key strategies for overcoming common identity risk management
• How to integrate enterprise systems to more effectively manage identity risk
Interaction between the financial industry and third-parties has become more complicated due to the combined risk of the financial industry's rapid growth and an increase in third-party relationships.
In this exclusive webinar, Bob Maley, Chief Security Officer of Normshield, Inc., who designed information security programs from the ground up for major financial services organizations, will share his perspective of third-party risk in the financial services industry. He’ll discuss common financial third-party risk challenges and trends in the market, best practices and challenging scenarios from his career and how he resolved them.
As an attendee you’ll learn how his real-world third-party risk examples, best practices and recommendations can apply to your organization’s unique needs. Discover how to build and mature a successful third-party risk program in financial services by attending this educational webinar.
Complying with regulations, managing policies and controls demand that organizations be flexible to meet any requirement thrown at them. It’s imperative that organizations plan to advance compliance and policy management so it can adapt as requirements change. If they’re using manual office tools, like spreadsheets and email this can slow down the advancement process, causing unnecessary risk. In this live webinar, Lockpath’s, Sam Abadir will share what compliance and policy management for 2020 and beyond entails, including:
• How your organization can gain efficiency from compliance and policy management
• Strategies for collaborating across departments
• How streamlining processes can boost productivity
• Planning ahead for sustained growth
Discover the future for compliance and policy management by attending this educational webinar. Register now!
Shawn Malone, Linda Tuck Chapman, Kelly White, Shane Deay
Managing vendors, third parties and business associates is one of the most challenging aspects of business. In this exclusive webinar, our panel of industry experts will share their perspectives of the current third-party risk management landscape and where it's headed. As an attendee you’ll learn the latest trends in third-party risk and top predictions in 2020. Discover the future of third-party risk management in this can't miss webinar.
Colin Whittaker, with Sam Abadir, Lockpath; Allan Liska, Recorded Future; and Gina Mahin, Lynx TP; David McNeely, Centrify
In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.
Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:
- Getting a clear picture of the current health of your organizations' defenses
- Defining your security road map using NIST CSF as a framework
- Conducting gap analysis and executing remediation actions
- Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.
Planning and managing for hardened, secure assets is a key requirement for managing IT Risk and is mandated by many compliance sources such as PCI, NIST, FISMA and HIPAA – yet many organizations are not fully assessing their IT hosts and applications for secure configuration. In this live webinar, Lockpath’s Sam Abadir will share what configuration compliance management for 2020 and beyond looks like, including:
•What configuration compliance management encompasses
•Who should care about secure configuration management
•Why organizations are not doing this today and how this impacts the business beyond IT
Discover the future for configuration compliance management by attending this educational webinar. Register now!
Sam Abadir, Vice President of Industry Solutions, Lockpath
Cloud computing offers massive scalability, availability and low-cost services as major benefits, but as with most new technologies, it introduces new risks. Because there is so much opportunity in the cloud, the cloud service provider network is continuously growing. Service providers are using different technologies, different standards, and like all companies have different competency levels.
A couple of the major challenges organizations have when using cloud computing is managing these third-party operational and security risks. As more technology is moved from your company’s infrastructure to cloud, understanding and management of these risks often overwhelms technology and procurement teams.
This can be managed if an effective third-party framework is put into place, appropriately managed and cross-organizational guidelines are being followed.
Lockpath, a leader in integrated risk management solutions, helps companies understand and manage risk. Subscribe to the Lockpath channel for educational webinars exploring a wide range of topics such as risk management strategies, information security best practices, industry and regulation insights, and more.