Name: 3D Vendor Risk @ Scale(℠) using the power of MITRE, FAIR & Shared Assessments
Start: 2019-09-12T14:15:00Z
End: 2019-09-12T14:15:41.000Z
Location: BrightTALK
Rating: 0

Developed for professionals looking to quantify and maintain visibility of their cyber risk exposure, Black Kite offers expert insight that covers the entirety of the third party risk management lifecycle. 

Follow along as we discuss everything from cyber risk quantification and the importance of standards-based methodologies, to the Open FAIR™ model and calculating the potential financial impact of a cyber breach.

Alpa Inamdar and Bob Maley will discuss the state of third party risk management best practices and why they think third party breaches are still on the rise.

Transforming Best Practices to Reduce Risk in the Supply Chain

Modern businesses rely on numerous third parties and their supply chains to keep their businesses running. But many lack robust processes to assess and understand how these supply chains can pose additional risks. Understanding these risks to the supply chain enables businesses to take advantage of tried-and-true strategies that mitigate risk.

This session will feature third-party risk leaders to discuss trends in the supply chain.

Topics to be discussed include:
-Techniques for addressing supply chain risks
-Challenges – global footprint, supply chain complexity, cyber-attacks, regulations…
-Environmental, Social and Governance (ESG) – collaboration opportunities ,etc.
-Integrating and leveraging IT/OT processes, technologies and solutions
-Standardizing due diligence, risk assessments, standards (ISO, ISA 62443, …)
-Improving efficiencies and reducing costs
-Addressing organizational silos, process / technology solution integration, risk mitigation, and communication challenges

Managing Your Supply Chain Risk

The COVID-19 pandemic and increased geopolitical uncertainty has placed new priorities and responsibilities on the shoulders of risk and compliance professionals. Executives have realized that stronger ERM programs are required to remain competitive in this new era. Risk leaders, in turn, are looking beyond the urgent ERM measures required to handle the pandemic to how an effective enterprise risk management program can be a competitive differentiator for their companies.

 Join us our panel of experts as they identify the top regulatory and compliance trends impacting risk management, and learn how to:

- Implement an enterprise risk management framework
- Integrate risk management with digital transformation
- Develop a more comprehensive risk technology stack and broker C-level ERM buy-in
- Connect the dots between enterprise risk and environmental, social and governance (ESG) agendas
- Plan and demonstrate agility in your risk management program

Top Regulatory & Compliance Trends Impacting Risk Management

Join the expert insight contributors to our 2022 Federal Report as they discuss the government's role in centralizing supply chain cybersecurity and what the future holds for the federal cyber perspective and regulations.

U.S. Federal Government Risk in 2022: Expert Insights Discussion

What's New for 2022?

How has the regulatory landscape changed in the last 3 years for third-party risk management? Hear from Linnea Solem and Bob Maley as they chat through the history of security regulations led by the GLBA, and how an update to a 20-year-old regulation impacts banking and other related organizations (including higher education.) 

How does the application of these standards add complexity to the programs of non-banks? Join us to find out.

Regulatory Spotlight on Strengthening Information Security & Privacy

The manufacturing industry transformed to digital more rapidly than any other industry during the global Covid-19 pandemic. Learn key indicators for ransomware susceptibility, and clear steps to better secure your digital supply chain against ransomware attacks.

Discover the Unknown Knowns: Ransomware in Manufacturing Supply Chains

Volatility and complexity have toppled the cyber insurance landscape, forcing the industry to reassess cyber risk overall. By 2026, the global cyber insurance market is forecasted to grow at a compounded average of 25% yearly, while simultaneously pricing out insureds and establishing an extremely stringent criteria for coverage. 

Join Mike Wilkinson, Director Digital Forensics and Incident Response (Avertium) and Chuck Schauber, VP of Product & Strategy (Black Kite) in a frank discussion of how threat actors are exploiting third-party risks and how insurance carriers can quantify those risks to write more comprehensive cyber policies. 

Meet the Panelists:
[Moderator] Danielle Lewan | Vice President Marketing at Black Kite
Mike Wilkinson | Director of Digital Forensics and Incident Response at Avertium
Chuck Schauber | VP of Product & Strategy at Black Kite

How Your Third Parties are Making You Uninsurable

Join Bob Maley and Jeffrey Wheatman, new addition to the Black Kite team, as they discuss their perspectives of both cascading risk and concentration risk in the context of Digital Supply Chain.

About the Hosts:

With decades of security experience under his belt, Bob Maley currently serves as the Chief Security Officer at Black Kite—a technology startup that enables risk professionals to quantify and maintain visibility of their cyber risk exposure. Formerly known for building PayPal’s state-of-the-art Global Third-Party Security and Inspections risk management team from the ground up, Bob’s broad range of experience has earned him a noteworthy reputation in the cybersecurity industry.

Cascading and Concentration Risk In the Digital Supply Chain

Zero Trust, at face value, is a wonderful concept. If it were 100% possible, it is a concept that is extremely necessary and needed in the current cyber environment. But is it truly attainable? 

Join Bob Maley, Chief Security Officer at Black Kite, and Tom Garrubba, VP of Shared Assessments, as they dive into the nitty gritty of Zero Trust. 

They will answer and discuss many of the circling opinions surrounding this hot topic, including these and more. 

- What does it mean to successfully implement a Zero Trust methodology?
- What standards need to be established in this space?
- What will it truly take for everyone to fully buy into this idea?
- What types of controls are in place- what do they mean for everyone?

About the Hosts:

With decades of security experience under his belt, Bob Maley currently serves as the Chief Security Officer at Black Kite—a technology startup that enables risk professionals to quantify and maintain visibility of their cyber risk exposure. Formerly known for building PayPal’s state-of-the-art Global Third-Party Security and Inspections risk management team from the ground up, Bob’s broad range of experience has earned him a noteworthy reputation in the cybersecurity industry. 

Tom Garrubba, is an internationally recognized subject matter expert, lecturer, author, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. Previously, Tom was the Senior Privacy Manager at a Fortune 10 healthcare company where he established policies and procedures governing their vendor assessment program. Tom has over 20 years of experience in IT security and privacy controls, as well as audit and compliance in both private industry and public consulting.

Controls without Enforcement: Is Zero Trust Truly Attainable?

The conventional risk management approach lacks accuracy and often doesn't include strategies that provide quantitative information. When it comes to third party risk management, those strategic challenges become even more apparent. 

From one CISO to another, hear about the first 6 steps you can scale your third-party risk program in a meaningful, productive way.

Risk Management in 2022: Take it Up a Notch

Nine out of 10 cyber breaches are caused by human error–making cybersecurity awareness throughout the organization a necessity for today's organizations. Join Chief Security Officer Bob Maley and Netflix's Monique Head as they answer the most pressing questions facing cybersecurity teams, including:
- How can we prioritize forward-thinking problem solving across the organization? 
- What intelligence and resources should I trust?
- What should I include in my cybersecurity awareness program?
- How can my team build a strong program, despite limited resources?

About the Hosts:
With decades of security experience under his belt, Bob Maley currently serves as the Chief Security Officer at Black Kite—a technology startup that enables risk professionals to quantify and maintain visibility of their cyber risk exposure. Formerly known for building PayPal’s state-of-the-art Global Third-Party Security and Inspections risk management team from the ground up, Bob’s broad range of experience has earned him a noteworthy reputation in the cybersecurity industry. 


Monique Head is an active member of the cybersecurity community having worked in cyber security education, awareness and communications for over 10 years with companies like Netflix, Palo Alto Networks, PayPal, HP Enterprise Security, and Visa. She launched her 1st  start-up company in Atlanta, GA and re-launched it in France for an international footprint after relocating to the region. She volunteers to support, educate and mentor young adults on careers in technology and cybersecurity with non-profit organizations like Cyversity and Black Girls code. She recently founded the non-profit CyberTorial to help educate young girls of color from diverse backgrounds about cybersecurity, career options in the industry and how to stay safe online using animation. Addressing methods to practice secure behaviors is her passion.

Multi-Level Education as a Proactive Defense Strategy

A hard look at cybersecurity risk measurement, and how a quantitative analysis can automate and improve risk management for your organization as a whole.

Forward-Thinking Cybersecurity: Measuring Cyber Risk Responsibly

The Federal government is at a crossroads. Both public and private sector companies are susceptible to cyber attacks but with limited information sharing, it's almost impossible to paint a comprehensive picture of the threat landscape. 

Join Black Kite's CSO Bob Maley and Rear Admiral Mike Brown, USN, Retired as they discuss the tools and tactics the Federal government should implement to protect US infrastructure and enable companies of all sizes to better protect their supply chains.

The Government Called: Are You Ready to Answer?

In honor of Cyber Security Awareness Month, we’re joining forces with H.I.G Capital to share how a unified approach to reducing modern third-party risks is equipping organizations across the globe to #BeCyberSmart.

Explore ways to build confidence across your digital supply chain, including:
- Benefits of monitoring your cyber ecosystem from a hacker’s perspective
- Critical signals to reduce cyber risk
- How to communicate risk across the organization with transparent grading and standards-based quantification

Experts Talk: Risk Management in the Digital Supply Chain

Build an effective and scalable channel strategy with mission critical partners. Understand common pitfalls and keys to success.

Sharing the Runway: Partnership for a Well-Rounded Cyber Strategy

We constantly hear: How are you different than the competition? You asked, we're here to answer. Join us for a full competitive analysis and guide to choosing the right SRS tool.

Raw & Real: Black Kite vs. Competitors

Learn how to use the quantitative risk assessment process (FAIR) and scale it in your third party risk management program.  The multi-dimensions of TPR will be discussed.

3D Vendor Risk @ Scale(℠) using the power of MITRE, FAIR & Shared Assessments

TPRM

Third Party Risk

Risk Assessment

FAIR

3D Vendor Risk @ Scale(℠)

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful manufacturing insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on strategies and techniques to accelerate production cycles while increasing efficiencies and improving profitability.

Manufacturing

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Research and Development

Get powerful banking and treasury insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on hot topics such as digital banking, payments disruption and non-bank competition. Learn how the latest treasury management strategies are helping to mitigate operational, financial and reputational risk.

Banking and Treasury

Get powerful market trends insights that are shaping the M

Mergers and Acquisitions

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful distribution and logistics insights. Connect with experts and colleagues to get the most up-to-date knowledge on design, planning, execution, control, and monitoring of supply chain activities to build your competitive infrastructure, leverage worldwide logistics and create value.

Distribution and Logistics

Get powerful procurement and sourcing insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on which strategies are proving to be the most effective for managing vendors, improving performance and reducing cost.

Procurement and Sourcing

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

3D Vendor Risk @ Scale(℠) using the power of MITRE, FAIR & Shared Assessments

Presented by

About this talk

More from this channel