Name: Top Risk Management Lessons from the SolarWinds Hack
Start: 2021-03-24T17:00:00Z
End: 2021-03-24T17:00:59.000Z
Location: BrightTALK
Rating: 4.3

NAVEX is the worldwide leader in integrated risk and compliance management software and services. Our solutions are informed, driven and refined by direct feedback from our customers, the industry’s largest community of risk and compliance technology users.

Integrity - It's at the core of what all information security and cybersecurity professionals do. This is especially true when it comes the issue of third-party risk management. But what can organizations do to ensure the integrity of their vendors' data storage, operations, IOT, and more? 

Join our speakers as they discuss how to mitigate third-party information and cybersecurity risk by picking the right partners, hiring the right specialists, and making the right investments.

Security Through Integrity: How to Effectively Manage Third-Party Information

Identifying and managing risk at your company is an ever-increasing challenge. But what would happen if your risk management, information security, privacy, and third-party management teams aligned their programs to work together and share information more effectively? Your company’s risk management program might improve to a level you never imagined possible.

To help risk leaders navigate a complex landscape and improve program maturity, Crowe is collaborating with NAVEX to host a live webinar that will demonstrate how new collaborative approaches and risk monitoring techniques can be incorporated into your organization.

After the webinar, attendees should be able to:

Describe current risk management approaches in 2022, including how
risk management is evolving
Recognize how new collaborative approaches can be employed
across cybersecurity, privacy, and third-party management teams
to share information
Explain how a centralized risk register and key risk indicators can help organizations monitor risk more effectively
If you want to learn how to build a more collaborative risk management culture and leverage new monitoring techniques, be sure to attend our webinar.

How to Align Risk Management Strategies Across Critical Teams

Operational efficiency and customer demand increase reliance on information technologies and external product/service providers. This requires organizations to understand, implement, and optimize IT and Third-Party Risk Management. Successfully managing these risks requires a systematic approach encompassing the entire risk management lifecycle.

Our work at NAVEX reveals a few key initiatives that can help quickly mature an organization’s capability and culture in managing IT and third-party risks – unlocking a path toward a truly optimized program while rapidly demonstrating tangible business value.

Whether just getting started, or looking to take ITRM and TPRM programs to the next level, this webinar and accompanying materials will inform and strengthen your efforts. 

What you can expect to take away from the discussion: 
- Roadmap for getting started with IT Risk and Third-Party Risk Management 
- Risk initiatives to put in place to mature your organization’s programs 
- Questions to review with your team to assess gaps in your current systems

How to Get Started with IT & Third - Party Risk Management

About this Webinar:
Creating an integrated, mature, and sustainable TPRM and ITRM program requires strategic planning, understanding of assessments, multiple stakeholders, gaining leadership buy-in, and integration of the program into the overall risk management strategy.

Intended audience:
IT Risk and/or Third-Party Risk Managers

What you'll learn:
- How to assess program maturity
- Tactical steps to mature IT and third-party risk management programs
- The components of a cohesive TPRM and ITRM program

Assessing and Maturing Third - Party and IT Risk Management Programs

Global disruptions over the last two years have been unprecedented, our observations and predictions for 2022 reflect trends that have been years in the making.

So, how can you help your stakeholders stay ahead of the curve with Risk Management?

Join us on March 29th for our Fireside Chat as we take a closer look at specific Risk Management trends from our 2022 Top Trends Report. You’ll hear guidance from experts that will unpack some of the essential issues currently impacting IRM and emphasize important areas of focus for the year ahead.

Topics include:

Holistic Approaches to Third Party Risk Management
Privacy and Data Protection
Impact of IT Risk on Business Continuity

Fireside Chat - 3 IRM Trends & Predictions for 2022

Today, businesses are more reliant on third parties than ever before. External vendors are critical to your organization’s success, but they also increase vulnerability to ransomware attacks.

Ransomware attacks are more prevalent than in years past – increasing as much as four times over the last year. Organizations in sectors such as energy and utilities, healthcare, government agencies, and education are a leading target, but they are not alone. Manufacturing companies, financial services, retailers, and others are also vulnerable to the growing ransomware threat. Ransomware attacks on third parties come with high financial and reputational costs and often severe disruptions to your supply chain.

Join us as we share step-by-step practices to develop a better approach to mitigating cyber threats – for both your business and third party vendors.

Vendor Risk 2022: How to Boost Cyber Resilience in Your Supply Chain

According to FBI Director Christopher Wray, reports of ransomware attacks have tripled over the past year. The increased frequency and scope of these attacks present not only a business risk for a company, but legal and compliance risks as well. 

Is your compliance team prepared? 

Even if your organization is operating in full compliance with all laws and regulations, paying a ransom to a sanctioned cybercriminal in response to an attack is prohibited.

Join us for an expert discussion as we discuss best practices for your risk-based compliance program to be better prepared for escalating cybersecurity threats.

Ransomware Attacks: Compliance Lessons Learned in 2021

As recent events have taught us, successful businesses must have comprehensive plans and strategies in place to ensure both continuity and resiliency. But how do these goals differ, and what can organizations do to bring them into closer alignment? 

Join our panel of experts as they elucidate the differences between planning for unanticipated crises and adapting to long-term changes, as well as what businesses can do to effectively manage both types of risk.

Aligning Business Continuity to Business Resilience

The past 18 months have completely altered the way we work. Remote and hybrid workspaces aren’t just reactions to past crises, but an increasingly certain part of our future. But what does “remote work” really mean, and what can (and should) hybrid work environments look like? Join Julia Lamm of PwC as she shares the results of PwC’s latest Remote Work Survey and its implications for the future of work.

Remote Work Re-Imagined: Analysis from PwC’s US Remote Work Survey

Distributed and hybrid work environments create extra complexity in maintaining compliance – for corporate and IT business units. Both must be managed, and to do so effectively, collaboration is necessary between security and compliance leaders. 

This session will discuss unique challenges of corporate and IT compliance, the overlap between the two, and how teams can work together to holistically manage compliance.

IT and Corporate Compliance: Bridging the Gap in the Era of Hybrid Work

Third-party risks arise from a variety of sources: Political, legal, logistical, environmental, and economic (to name a few). A holistic approach to risk management considers all these, weighing factors such as comparative impact, likelihood, resources, metrics and more to develop a comprehensive and cohesive model to effectively minimize and mitigate the risks third parties pose. Join this session to learn how a holistic approach can benefit your third-party risk management program.

Holistic Third-Party Management

The data privacy landscape is growing more complex by the day. As state, national and multi-national agencies advance their own privacy standards, what can risk and compliance functions do to avoid being overwhelmed by competing obligations? 

Join our panel of distinguished speakers as they discuss how to choose and properly implement privacy frameworks to overcome these challenges and put an end to “privacy regulation overload.”

Leveraging Frameworks for a Disciplined Approach to Data Privacy

Over the last year risk and compliance leaders were forced into many hurry-up decisions to try and maintain compliance. As companies scrambled to address the many issues introduced by COVID-19, it increased risks such as rogue policies and outdated controls increased. Enforcing compliance with privacy regulations like GDPR, CCPA or HIPAA also became much more challenging with employees working from home. 

How do you effectively mitigate these new and evolving risks to protect your business? 

Register to attend our upcoming webinar for an insight- packed session where Michael Rasmussen - an internationally recognized pundit on GRC - will share learnings from the pandemic and how to implement a sustainable and agile governance, risk and compliance program.  

Join us to learn: 
• How to measure the effectiveness of your compliance program with a distributed workforce
• How to better assess existing and conflicting polices to enforce compliance
•	Ways to think more strategically about risk and compliance for a more resilient business

3 Keys to Successful Hybrid Risk and Compliance Programs

The NAVEX Global 2021 Definitive Risk & Compliance Benchmark Report provides a unique and comprehensive look at the state of risk and compliance (R&C) industry practices. Based on in-depth surveys of over 1,000 risk and compliance professionals, this year’s benchmarks will provide new insights into a series of R&C topics including:
•	Understanding and utilizing core drivers of R&C program maturity and performance
•	The impact of the COVID-19 pandemic on R&C programs, and what it means for compliance moving forward
•	R&C program priorities (and how they vary by industry and size)
•	The reasons for – and role of – R&C technology adoption
During this webinar, we will also take an in-depth look at multiple risk and compliance areas, including corporate compliance, risk management, and environmental, social and governance (ESG). You will hear a comprehensive analysis combining a detailed view of program design, support, and integration with unique perspectives and official guidance from our experts.

Risk & Compliance in 2021: How to Benchmark Your Program to Cultivate Success

Over the past year, employers have largely answered the call to reexamine their pursuit of diversity, equity, and inclusion and embraced the introspection that is necessary for meaningful change. In the coming year, we anticipate an upward trend around:
•	Increased Transparency in Workforce Demographics
•	Leader Buy-in and Employee Engagement
•	Increased Accountability for Employees & Managers
Join this webinar to learn from Emily Cuneo DeSmedt, Associate at Morgan, Lewis, & Blockius LLP, who co-authored this presentation with former EEOC commissioner Chai Feldblum.

Diversity, Equity, and Inclusion: More Transparency and Accountability

Organizations with new and mature programs alike need to answer: how do we efficiently report on ESG progress to meet customer and investor requirements, new standards, and evolving regulations? Get guidance on how to simplify this strategically important business initiative based on how others successfully tackle ESG reporting.

ESG Reporting: Is There a Better Way?

In December of last year there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to a third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds believes 18,000 customers may have been affected by the attack, including multiple U.S. government agencies and prominent technology vendors and service providers.

This attack is a stark reminder of the third and fourth-party vulnerabilities that lurk in the supply chain. Join this session to hear experts deconstruct the SolarWinds hack and learn ways to proactively mitigate and manage similar risks facing your organization.

What you’ll learn:
•Better tactics to evaluate third-party risk across your compliance and IT functions 
•How to map and monitor the entire third-party supply chain ecosystem to protect your company
•How to use compliance as a business strategy, not insurance policy

Top Risk Management Lessons from the SolarWinds Hack

Cyber Security

Cyber Attacks

Risk Management

Risk Assessment

Risk Framework

Risk Mitigation

IT Compliance

Compliance

Vulnerability Management

Business Strategy

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

Healthcare

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Top Risk Management Lessons from the SolarWinds Hack

Presented by

About this talk

More from this channel