Hi [[ session.user.profile.firstName ]]

How 2020 Changed Cyber Risk Management

Almost overnight COVID-19 upended everyday life as we knew it. A risk that we didn’t even know we faced took center stage both personally and professionally. In this webinar, learn how businesses’ approach to cyber risk management changed in 2020, including:
- What’s driving cyber risk mitigation decisions today—and what’s very different than it was on January 1
- Important factors to consider when re-prioritizing your cyber mitigation initiatives
- Factoring in systemic or cascading risk to measure cyber risk across an entire company portfolio
- Innovative ways to manage and communicate risk
Recorded Jun 4 2020 44 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jerry Caponera, VP Cyber Risk Strategy
Presentation preview: How 2020 Changed Cyber Risk Management

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cybersecurity Career Focus – a presentation with the ISSA Education Foundation Aug 11 2020 5:00 pm UTC 60 mins
    Deidre Diamond,Nikki Hendricks, and Lorraine Frost
    "Thinking of retooling your career? Join the ISSA/ISSA Education Foundation's webinar in an

    interview of one of its recent scholarship awardee, Nikki Hendricks and technology and staffing Guru,

    Deirdre Diamond, Founder and CEO of CyberSN. Find out from Nikki what the challenges are in re-

    directing your career to get to the next level. Learn from Deirdre what skills and experience employers are

    looking for to protect their customer's NPI and intellectual property. Lorraine Frost, ISSAEF's Scholarship

    Committee Chair and International Board member will discuss the Foundation's many scholarship offerings, how to

    apply for a scholarship and how you can help tomorrow's cybersecurity professionals enter the field."
  • Purple Teaming / Red Teaming and Adversary Emulation Jul 28 2020 4:00 pm UTC 120 mins
    Dave Mayer Paul Williams Thomas Fischer
    Adversary Emulation is a type of ethical hacking engagement where the Red Team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs), against a target organization. The goal of these engagements is to train and improve people, process, and technology. This is in contrast to a penetration test that focuses on testing technology and preventive controls. Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage Cyber Threat Intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization. Adversary Emulations may be performed in a blind manner (Red Team Engagement) or non-blind (Purple Team) with the Blue Team having full knowledge of the engagement.

    This webcast will teach you to plan and execute a high value adversary emulation in a blind red team engagement or as a purple team (in collaboration with the defenders/blue team).
  • TLS, Compliance and Zero Trust – Protecting Users from Themselves Jul 22 2020 5:00 pm UTC 60 mins
    ISSA International - Babur Nawaz Khan
    Modern cyberattacks are not limited to network intrusions from outside by hackers. “Internal threat actors” can often be found at the center of a complex mix of simple social engineering attacks and sophisticated, multi-staged infections and data breaches.

    The Zero Trust model, based on the simple principle of “trust nobody”, defines rules which enhance the security of networks against modern cyberattacks, whether they are initiated from the outside or within. However, with most of the internet traffic being encrypted, it is becoming increasingly difficult to implement the Zero Trust model in an effective way.

    In this webinar, we will look at:

    *The role of “internal threat actors” and TLS encryption in modern cyberattacks

    * How the Zero Trust model defines the future of cybersecurity

    * Why effective decryption is essential for a fool proof Zero Trust strategy.
  • Ransomware: Are Your Vulnerabilities Exposing You? Jul 22 2020 5:00 pm UTC 45 mins
    Troy Vennon, Director of Cybersecurity and Trustworthiness, Covail
    More mid-to-smaller companies are being targeted by cyber attackers with ransomware. According to a recent report, the average-sized company impacted has decreased from 2018 to about 650 employees in 2019. This trend will likely continue.

    Join Troy Vennon, who leads the Ohio security community of CISOs and security managers (ISAO), for a discussion about protecting your company with practical steps and tight budgets. Troy will discuss how knowing how vulnerable your company is to ransomware helps you better protect from it.
    You will learn from this discussion:
    + Top 3 steps your security team can take to protect your network on a budget
    + How to find, prioritize and close vulnerabilities that expose you to ransomware
    + What best practices other companies are deploying to defend their enterprise from attack
  • Top Reopening Considerations:Back to Business with a Privacy & Security Approach Jul 15 2020 5:00 pm UTC 60 mins
    Dan Clarke, President – IntraEdge, and Janalyn Schreiber Partner – DPS Advisors- IntraEdge
    Throughout the pandemic, technology will play a critical role as businesses adapt to this "new normal." One strategy industries will rely on to provide employees and consumers with peace of mind is the use of temperature screening technology. However, users are reluctant to hand over private health data to a business or employer without reassurances as to how the data will be managed. How can we ensure the privacy of this data, and what are some guidelines you can introduce to transition back to business seamlessly? In this webinar we'll walk through key privacy considerations as you work to help your company reopen.

    In this webinar you will learn:

    Key privacy and security considerations for your users and employees’ peace of mind
    Data management strategies for the enterprise
    Industry leader best practices for reopening
  • A discussion presented by the Women in Security Special Interest Group Jul 9 2020 5:00 pm UTC 60 mins
    Heather Ricciuto, BBA, PMP®
    Join this conversation with Heather Ricciuto as she shares lessons learned from her own career journey in the technology industry. Heather will provide insight on career growth strategies, such as staying relevant and building your personal brand, discuss the value of diversity in cybersecurity, and teach you how to use your passion to find your place in cybersecurity.
  • How Companies Are Using Data Analytics to Prioritize Cyber Spend Jul 8 2020 6:30 pm UTC 45 mins
    Jerry Caponera, VP of Products and Cyber Risk Management, Nehemiah Security
    Choosing which cybersecurity projects to implement is more challenging than ever. Cyber risk changes daily and budgets are changing too as the COVID-19 pandemic continues to unfold. Register to see why leading companies are using a data-driven approach to make better decisions about which projects to prioritize, and learn how modeling risk helps optimize cyber spend.

    Join us to learn:
    + What’s changed in how companies look at risk remediation and ROI pre- and post-COVID
    + Why the prioritization of cyber spend is more important than ever
    + How to take a data-driven approach and what data you need to get started
    + Why modeling is important and how you can do this easily (demo)
  • ISSA Thought Leadership Series: Reflections of a New CISO: 5 Lessons Learned. Jul 8 2020 5:00 pm UTC 60 mins
    ISSA International
    What's it like to be a new CISO? What challenges await you? How might you address them? Lenny Zeltser shares the lessons he learned after becoming the CISO of a fast-growing cybersecurity company. He's been discussing his journey in articles and talks, so that others can learn from his experience.
  • IT Manager's Series: Top 3 Ways to Protect from Ransomware Jul 8 2020 5:00 pm UTC 45 mins
    Troy Vennon, Director, Cybersecurity & Trustworthiness at Covail
    Join us for an informative webinar on how IT managers and small security teams can prevent ransomware from infecting their company’s networks. Ransomware on the rise and no longer focused only on large enterprise (average-sized company impacted in 2019 around 650 employees). Organizations with small security teams or that leverage their IT teams to manage security need help to protect from the growing wave of cybercrime. Here’s what to expect from our webinar on ransomware:
    - How to identify where you are exposed so you can fix your vulnerabilities
    - Why and how to segment your network and identity management programs
    - What kind of a response and recovery process you need in place
  • THREAT INTEL IN THE REAL WORLD: An Expert Roundtable Recorded: Jul 1 2020 54 mins
    Chase Cunningham, Kurtis Minder, Rick Holland, Chris Camacho, Allan Liska, John Grim
    Find out what happens…when intel analysts stop being polite…and start getting real.

    Today’s typical enterprise security team subscribes to at least four, often more, intelligence feeds, which analysts must comb through to find relevant information for operationalization. As a result, most threat intel has become “yet another tool to manage.” It’s simply not practical to expect every security organization to be able to hire threat intelligence analysts to make sense out of the feeds. Vendors need to deliver “threat-analyst-in-a-box” capabilities, so intelligence can be operationalized with minimal intervention.

    In this session, a blue-chip panel of cyber threat experts will discuss the state of current threat intel offerings, and dive into the future of this space to help you understand how it will evolve to meet the needs of enterprise security teams. They will discuss how the next generation of threat intelligence will conform to the conventions of government intelligence operations, where the right information goes to the right people and systems in the right form factor.

    Attendees will learn:

    ​Why general-purpose threat intelligence won’t cut it and how it needs to be customized to each organization’s risk profile.

    What enterprises need to do to make the market mature in this evolving industry.

    ​How to take the right approach to threat intelligence and big data.
  • Privacy and Security Considerations Post Public Health Emergency Recorded: Jun 25 2020 58 mins
    Beverly R. Allen, Vice President, Deputy General Counsel, Chief Compliance and Privacy Officer, Inovalon, Inc., Bowie, MD R
    Public health emergencies and crises such as the COVID-19 pandemic present unique security and privacy concerns for companies and other organizations. In fact, the related challenges CISOs and other security and privacy professionals have been confronted with as a result of the current COVID–19 crisis continues to rise.

    For example, to facilitate a surge in “work-from-home” demand, many companies have expedited IT infrastructure expansion and cloud capability resulting in shortened security vetting and testing processes. There has also been increased stress on existing systems and, for most companies, a significant increase in cybersecurity incidents. In addition to security concerns, companies are using personal data and analytics in new, previously unforeseen ways to safeguard their workforces, customers, and business operations, which present a myriad of privacy challenges. In addition, other privacy concerns and risks arise from the collection of new data, such as temperature results and COVID-19 tests.

    This webinar will examine risk considerations post-pandemic and address such questions as:

    What privacy challenges should I be thinking about and preparing for post-pandemic?
    Are digital health surveillance techniques in the workplace privacy infringing? Are there any unintended consequences for the workforce?
    What will “business as usual” look like post COVID - 19 from a privacy perspective and how does that impact the CISO role?
    Do CISOs need to take extra precautionary measures for any health data that is generated as the result of employee testing?
  • ISSA Thought Leadership Series: BEC Attacks - Who's Impersonating Whom? Recorded: Jun 17 2020 60 mins
    Effie Tsiopras Senior Information Security Engineer; Ryan Witt Managing Director, Healthcare Industry Practice
    The 2019 HMSS Cybersecurity Survey indicated that email is the initial point of compromise for healthcare cyber-attacks, with Business Email Compromise (BEC) becoming the favored tactic by cybercriminals. Because BEC emails do not carry malicious payload and are narrowly targeted, it’s difficult for health institutions to detect these attacks. With overall losses of more than $1.7 billion in 2019, BEC attacks are quickly becoming a significant headache for healthcare CISOs. Join us for a deep dive into the dos and don’ts when it comes to BEC, and best practices to mitigate against risk of this vital attack vector.
  • ISSA Thought Leadership Series: Preventing Burnout and Dealing with Adversity Recorded: Jun 11 2020 112 mins
    ISSA International
    We hear so much about "burnout" these days. A 2019 Blind survey from tens of thousands of Tech professional indicated that 57.1% of them self-identify as "burned out." As a former serial CISO for iconic companies including Microsoft, our speaker, Karen Worstell, did the burnout saga not once, but twice, even pushing to the limits where her stress-related illness caused the loss of the use of her left arm for a year. It was in her training for the chaplaincy fellowship in Palliative Care at the VA that she fully understood the dynamics behind chronic unmanaged stress and its manifestations. in this two hour webinar, she will educate, motivate and inspire you to understand how to flameproof your career and handle adversity like a boss with actionable strategies you can use for yourself, your team, and your loved ones. You can download a completely free version of the workbook for this seminar at https://BeAnAlly.today.
  • How the Next Normal will require an Updated Cyber Strategy Recorded: Jun 10 2020 51 mins
    ISSA International
    As organizations begin to embrace some degree of change coming out of recent global events, it is hard for business and security professionals to determine what the impact to their security strategy will be. Leaders also have to evaluate which “quick-fixes” came with too much risk, and what changes to the strategy to secure internet-facing perimeter are required. In this talk, Advisory CISO at Akamai, Steve Winterfeld and Director of Technology & Security Strategy, also at Akamai, Tony Lauro will review some of the issues that need to be addressed as we establish a new baseline for both our employees and customers that will protect operations based on new business models.
  • ISSA Thought Leadership Series: Women in Security Special Interest Group Recorded: Jun 4 2020 61 mins
    ISSA International
    Jari will share her professional and personal experience to help you at any stage of your career in cyber security. She will share her own standouts, how those apply to her hiring and to her own career success—and yours.

    •You will gain insights and best practice in this series on how you can build new skills, while staying engaged for the long haul in our current global turmoil. We’ll bring to the table with our Guest Expert Speakers, successful strategies and approaches to security today and going forward, for women—and anyone—globally

    •You will be able to apply these to your current and future career in our field, to sustain or grow, at entry, mid-career, senior and executive level, or in transition, whether you hold a senior role, or aspire to something different than where you are today.

    •Think Big! And yet, at the smallest detail, what can you do to improve your opportunities at any stage? Our executive women will help you become more conscious of where opportunities best exist today for any of us, as an employee, executive, consultant, business owner, entrepreneur, or hiring manager. We will help you sustain for today, and build for your future.
  • How 2020 Changed Cyber Risk Management Recorded: Jun 4 2020 44 mins
    Jerry Caponera, VP Cyber Risk Strategy
    Almost overnight COVID-19 upended everyday life as we knew it. A risk that we didn’t even know we faced took center stage both personally and professionally. In this webinar, learn how businesses’ approach to cyber risk management changed in 2020, including:
    - What’s driving cyber risk mitigation decisions today—and what’s very different than it was on January 1
    - Important factors to consider when re-prioritizing your cyber mitigation initiatives
    - Factoring in systemic or cascading risk to measure cyber risk across an entire company portfolio
    - Innovative ways to manage and communicate risk
  • ISSA Thought Leadership Series: CCPA Enforcement: What to Expect after July 1st Recorded: Jun 3 2020 61 mins
    ISSA International
    Signed into law on June 28, 2018, the California Consumer Privacy Act (CCPA) became effective on January 1, 2020. The next milestone will be on July 1, 2020, when the California Attorney General will begin enforcement for the CCPA. Non-compliance can result in the maximum fine of $7,500 per violation. When you consider how many consumer records you hold, the potential fines could stack up quickly if you don't take CCPA seriously. Since July 1st has yet to come, we still don’t know how enforcement will play out for companies, but the Attorney General has established a firm stance on compliance, and there are several indicators of his intent to firmly enforce. In this webinar we’ll cover the key indicators of enforcement and what you can do to prepare. We’ll also review the final version of the modified CCPA regulations.

    Speaker: Dan Clarke, President – IntraEdge

    Speaker: Dominique Shelton Leipzig, Partner Privacy & Security- Perkins Coie LLP
  • Continuous Audit - Achieve More Through Analytics Recorded: May 29 2020 51 mins
    Greg Jordan (Nationwide), Pat Shanahan (Nationwide), Emigdio Zambada (Nationwide), and Brian Sampsel (Covail)
    In honor of International Internal Audit Awareness Month (May 2020), come hear from Greg Jordan, Nationwide's Senior Vice President and Chief Audit Executive, Pat Shanahan, AVP Information Technology Audit Office, Internal Audit and Emigdio Zambada, Nationwide's IA Data Analytics Director, discuss how their department expanded the use of data & analytics by building a continuous auditing program in the cloud. Partnering with Covail, they leveraged advanced analytics like AI and have provided education and resources to all of their auditors to enhance their data analytics skill set.
  • Forecasting Cyber Threats Post Pandemic Recorded: May 27 2020 45 mins
    Richard Stiennon, Kurtis Minder, Jessica Gulick
    The world has changed, and so has your threat landscape. Join us for a discussion on how cyber attacks have pivoted their tactics and targets. From the latest on phishing kits to video threats, our experts will explore how changes in motives and targets is disrupting and increasing our threat landscape. Learn how to reframe your understanding of your threat profile and better defend and respond to these attacks.

    Our featured experts for this webinar include Richard Stiennon, chief research analyst at IT-Harvest and Kurtis Minder, CEO of GroupSense, GroupSense is a digital risk management company that delivers customer-specific intelligence.
    Here’s What Will Be Discussed:

    1) Threat actors are adapting their tactics and targets
    2) Changes in motives and targets are disrupting and expanding the threat landscape
    3) Understanding your threat profile to create a better cyber defense strategy.
  • ISSA Thought Leadership Series: Threat Reports Undone Recorded: May 26 2020 116 mins
    ISSA International
    It's everyone's favorite time of year. What will we learn from this year's breach reports? Join us as we review the latest data, look for lessons and trends, and help you understand what it all means. Our panel of experts will focus on how security professionals can learn from the data, and hopefully avoid becoming a statistic for next year's report.
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How 2020 Changed Cyber Risk Management
  • Live at: Jun 4 2020 3:30 pm
  • Presented by: Jerry Caponera, VP Cyber Risk Strategy
  • From:
Your email has been sent.
or close