Cloud computing offers massive scalability, availability and low-cost services as major benefits, but as with most new technologies, it introduces new risks. Because there is so much opportunity in the cloud, the cloud service provider network is continuously growing. Service providers are using different technologies, different standards, and like all companies have different competency levels.
A couple of the major challenges organizations have when using cloud computing is managing these third-party operational and security risks. As more technology is moved from your company’s infrastructure to cloud, understanding and management of these risks often overwhelms technology and procurement teams.
This can be managed if an effective third-party framework is put into place, appropriately managed and cross-organizational guidelines are being followed.
RecordedFeb 28 201953 mins
Your place is confirmed, we'll send you email reminders
Laura Fey, Fey LLC; Linda Chapman, Ontala; Stacy Scott, Kroll; Tony Rock, Lockpath
Data privacy and security is one of the most prominent challenges affecting how businesses gather, store and process data. In this exclusive webinar, our panel of industry experts will share their perspectives of the current data privacy and security landscape and where it's headed. As an attendee you’ll learn the latest trends and top predictions in data privacy and security for 2020 and beyond.
Many organizations have difficulty leveraging information in their cybersecurity and business operations to make the right risk decisions, establish the right risk priorities and appropriately allocate budget to best achieve their risk management goals.
Many believe that NIST CSF is another standalone methodology instead of a tool designed to help your organization understand and build a roadmap to achieve the right level of cybersecurity. Successful NIST CSF programs help integrate, message and prioritize cybersecurity efforts not only within IT but across the entire business.
In this live webinar, Lockpath’s Sam Abadir will share what implementing a NIST CSF solution entails, including:
• Framework support
• Budget expectations vs. reality
• Correctly assessing an organization’s needs to implement NIST CSF
• Proper management and management skills
• Prioritizing cybersecurity within an organization
Find out what you need to know to implement a NIST CSF solution by attending this educational webinar. Register now!
Vendors are essential to your company's success; most organizations can’t operate without them. However, vendors require a different approach to risk management.
Outsourcing your activities does not mean you outsourced managing the risk of those activities. The public, the regulators and the courts still hold you responsible. Without a considered approach to third-party risk management, the risk management of vendors and suppliers can easily get out of your control.
In this live webinar, Lockpath’s Sam Abadir will share what vendor risk management for 2020 and beyond looks like, including:
• What vendor risk management encompasses
• How your organization can gain efficiency from proper vendor risk management
• Advantages of managing vendors on an Integrated Risk Management or Governance Risk and Compliance platform
• Creating strategies for sustained growth in 2020 and beyond
Find out what you need to know to manage vendor risk in 2020 and beyond by attending this educational webinar. Register now!
In today’s environment of evolving regulatory regimes and societal norms, more attention than ever is paid to how and with whom companies do business. As a result, effective reputational risk management is increasingly important for today’s compliance and ethics professionals. This webcast, “Seven Steps to Effective Reputational Due Diligence” discusses what organizations can do to protect and preserve its most important asset – its reputation.
Topics covered include:
• Creating a culture of compliance and accountability
• Instituting and updating the code of conduct
• Establishing a risk assessment methodology
• Building a framework of communication and training related to reputation management
• Crafting a third-party management strategy
• Improving the Investigation and Reporting process
• Instilling an Environment of Continuous Improvement
Iliana Peters, who is a Shareholder at Polsinelli, and a former Acting Deputy Director for HIPAA at the Department of Health and Human Services (HHS), will discuss emerging issues in data security, including major areas of information security risk, new threats to data security, helpful guidance and resources, and enforcement by HHS, the State Attorneys General, and the Federal Trade Commission.
Panelists: Sam Abadir, Lockpath; James Rice, Greenlight Technologies; Ilia Sotnikov,Netwrix; and Jason Bonds, Ping Identity.
Today’s increasing organizational complexity and evolving threat environment have made it more critical than ever for organizations to clearly identify their exposures, measure vulnerability risk, and quickly prioritize remediation efforts. Cyberattacks are often hidden from view under a mountain of alerts generated by security systems, giving attackers time to gain access to systems and seize valuable data.
To ensure their companies don't end up in the headlines for the wrong reasons, corporate governance, risk management, compliance management and other “lines of defense” functions need to rethink their security strategy and take an approach that looks at behavior and attack patterns. By conecting cybersecurity attack analytics with risk programs and GRC work streams, executives can increase visibility into the overall security risk of the organization which makes the investigation of application security events easy, and enables teams to mitigate and respond to real security threats quickly and decisively.
Join this CPE panel webinar for insights on achieving smarter GRC with CAA. We will share:
- Why traditional endpoint security is failing to see and stop attacks.
- How using attack analytics can stop cyberattacks now and in the future.
- Efficient ways to analyze events and prevent threats.
- How to move from looking back to real-time and forward-looking GRC monitoring.
The California Consumer Privacy Act (CCPA) is the first major U.S. privacy law to unfold. This law has interested other states in following suit, which may soon call for a national U.S. Privacy Law. Organizations are uncertain how to comply with CCPA, which takes effect January 1, 2020.
In this live webinar, Lockpath’s Sam Abadir will share what preparation for CCPA compliance entails, including:
• Protecting consumer data
• Applying technology to processes
• Managing multiple channels for consumers exercising their rights
• Ensuring a fast response to breaches
• Requirements of CCPA
• Strategic approach to CCPA
• Best practices for managing CCPA
• Best practices for responding to privacy incidents
As an attendee you’ll learn how to approach CCPA to prepare yourself for the new law in 2020 and set the foundation for other privacy laws as they impact your organization. Register now!
Does your organization successfully communicate risk across departments? Or does essential information get lost in translation? Effective communication is the ‘glue’ for a successful risk management program. Making sure every part of an organization is on the same page can be challenging when language changes from department to department.
In this can’t miss webinar, Lockpath’s, Dennis Keglovits will share his experience with communicating risk successfully across an organization, from the IT department to the executive suite.
As an attendee you’ll learn:
• Key concepts for standardizing your risk language
• Options for establishing better lines of communications
• Better communication leads to better collaboration
As business risks and compliance mandates keep changing, audit teams are having a tougher time prioritizing audits, collecting information and performing analysis required to strengthen the business.
Businesses are facing more regulations and competitive pressures which increase the need for internal audit teams to provide an orderly approach for evaluating and improving the effectiveness of risk management, internal control, and governance processes to improve the organization.
Audit teams are being challenged by legacy audit processes that do not evolve at the same speed as business and regulations. These legacy audit processes include the use of spreadsheets, manual evidence requests, share drives and manual reports that often take weeks or months to complete.
In this live webinar, Lockpath’s Sam Abadir will share what audit management for 2020 and beyond looks like, including:
• What audit management encompasses
• How your organization can gain efficiency from proper audit management
• Advantages of managing audits and risk management efforts on an Integrated Risk Management or Governance Risk and Compliance platform
• Creating strategies for sustained growth in 2020 and beyond
Find out what you need to know to manage audit risk in 2020 and beyond by attending this educational webinar. Register now!
Payment Card Industry Data Security Standard (PCI DSS) pushes organizations to achieve six distinct goals in the aim of protecting payment systems from breaches and theft of cardholder data. The requirements supporting the goals force organizations to manage, govern and integrate different departments within the business including IT, security, compliance, risk, incident response, and policy management.
Those managing this effort quickly realize that the effort to achieve the goals effectively and in a timely manner requires PCI DSS to be a day-to-day part of your business executed with purposeful coordination and immediate access to information to continuously assess the PCI DSS environment, remediate vulnerabilities and report required information.
In this live webinar, Lockpath’s Sam Abadir will share what a PCI DSS solution looks like, including:
• Best practices for effectively managing PCI DSS
• How your organization can gain efficiency from proper a PCI DSS solution
• Maintaining a strong vulnerability management program with PCI DSS
• Advantages of managing PCI DSS solutions efforts on a Governance, Risk and Compliance or Integrated Risk Management platform
Find out what you need to know to better manage your PCI DSS solution by attending this educational webinar. Register now!
More than 80 percent of hacking-related breaches leverage stolen, default, or weak passwords, and compromising user credentials remains the easiest way for hackers to gain access to your systems and networks. The potential harm is even greater if those credentials belong to a privileged user.
So, what are leading organizations doing to manage this identity-related risk? The answer is Identity Risk Management – the process of integrating an IAM system with an Integrated Risk Management or GRC program. Identity Risk Management, when executed properly, allows for improved risk visibility, better risk-based decision making, and reduces enterprise risk management siloes.
In this 60-minute webinar, look into the future as leading identity and risk management experts explore how companies are utilizing this game-changing approach to manage critical identity risks. Our expert panel will outline the best practices for identity risk management, give you a behind-the-scenes look at how it works in the real world, and discuss strategies for overcoming some of the most common hurdles.
In this webinar, attendees will learn:
• The benefits of applying an integrated approach to identity risk
• The key strategies for overcoming common identity risk management
• How to integrate enterprise systems to more effectively manage identity risk
Interaction between the financial industry and third-parties has become more complicated due to the combined risk of the financial industry's rapid growth and an increase in third-party relationships.
In this exclusive webinar, Bob Maley, Chief Security Officer of Normshield, Inc., who designed information security programs from the ground up for major financial services organizations, will share his perspective of third-party risk in the financial services industry. He’ll discuss common financial third-party risk challenges and trends in the market, best practices and challenging scenarios from his career and how he resolved them.
As an attendee you’ll learn how his real-world third-party risk examples, best practices and recommendations can apply to your organization’s unique needs. Discover how to build and mature a successful third-party risk program in financial services by attending this educational webinar.
Complying with regulations, managing policies and controls demand that organizations be flexible to meet any requirement thrown at them. It’s imperative that organizations plan to advance compliance and policy management so it can adapt as requirements change. If they’re using manual office tools, like spreadsheets and email this can slow down the advancement process, causing unnecessary risk. In this live webinar, Lockpath’s, Sam Abadir will share what compliance and policy management for 2020 and beyond entails, including:
• How your organization can gain efficiency from compliance and policy management
• Strategies for collaborating across departments
• How streamlining processes can boost productivity
• Planning ahead for sustained growth
Discover the future for compliance and policy management by attending this educational webinar. Register now!
Lockpath, a leader in integrated risk management solutions, helps companies understand and manage risk. Subscribe to the Lockpath channel for educational webinars exploring a wide range of topics such as risk management strategies, information security best practices, industry and regulation insights, and more.