Inform Your Risk Management Strategy for the Rest of 2020
The recent COVID-19 pandemic clearly shows us that risk management must be a clear priority from now through the end of 2020. While most organizations focus on managing compliance, some organizations have identified ways to promote continuous compliance within their organizations, making compliance more achievable and making way for a risk-based approach. To go beyond static risk assessments, there are a few key actions that security leaders can take today that promote a continuously risk-aware culture and program. Our Principal Solutions Architect, Steve Torino, will discuss these helpful strategies that transform compliance programs to risk-based programs, including: how risks have changed and what risks have emerged as priorities with the rise of COVID-19, the shift to remote work, and more; how to prioritize remediation activities across people, process and technology controls; and how these trends should inform your risk management strategy for the remainder of 2020.
Recorded Nov 11 2020, 23 mins
In this talk, we dive into the process of "eating our own dogfood" and how the CyberSaint team used the CyberStrong Platform to become SOC 2 certified. We sit down with Steve Torino to hear about his experiences with SOC 2 audits and the differences he saw when using the CyberStrong platform rather than spreadsheets or another solution.
In part two of our series on being a CISO in 2021, we look at the other side of the coin: being the technical leader your teams need you to be. While it may seem like CISOs are keener on the technical side, it can often be challenging to translate the business-side discussions CISOs are having into tactical guidance and strategy for their teams.
In this talk, we dive into the process by which information security leaders can translate business decisions made in the Boardroom into tactical plans for their teams.
What is being asked of CISOs in 2021 is rapidly changing. CISOs were once seen as purely technical leaders responsible for keeping the organization secure and reporting annually; in the face and wake of digital transformation efforts, they are being forced to evolve into business leaders.
In this discussion, we will examine the top skills that CISOs must develop to succeed as business leaders and embrace their evolving role within the enterprise.
For many large organizations, balancing the beleaguering process of managing a heavy GRC platform with the past investments in time and money made to stand it up can be challenging. As CISOs of global organizations are finding, these systems are falling short in the slew of new functionality that information security organizations require in today's business environment.
In this talk, CyberSaint Principal Solutions Architect Steve Torino dives into the stories of those who have come to terms with the need to augment their legacy systems, what they were looking for, the process they took for finding something new, and how they stood the new solution up alongside their existing GRC stack.
In the second half of our series on optimizing your information security budget, CyberSaint Principal Solutions Architect Steve Torino explores the top priority investments security leaders should be making to maximize ROI in the wake of budget cuts seen during the COVID-19 pandemic.
During the conversation, we will discuss specific categories of investments and look to the future and what investments you can make today to prepare your organization for the future.
As more and more Boards become cyber aware, CISOs and information security leaders are being required to present cyber and IT risk metrics in a clear and transparent fashion. This is needed not only to understand where the organization sits, but also for executive leadership to know where to divert resources and how various initiatives are impacting the organization's risk profile.
In this talk, we will dive in from both the perspective of the CFO as well as the infosec leader to understand what the CFO needs to hear and understand to make informed decisions as well as how the CISO or infosec leader can present that data in the most compelling way.
The cybersecurity skills gap is nothing new to veterans of the industry. Yet, in the face of downsized budgets and the challenges brought on by the COVID-19 pandemic, information security teams are finding themselves spread thinner than ever.
Concurrently, we have seen the rise of artificial intelligence in almost every business area that has augmented existing teams' abilities. Information security is no different. As organizations continue to embrace cyber risk transformation and seek new technologies to augment existing teams, AI has proved to be a valuable asset.
In this talk, we will dive into the various use cases that AI can have in the security space and how organizations can leverage it to their advantage to supplement a reduced headcount.
Padraic O'Reilly, Chief Product Officer and Co-Founder
Catalyzed by the COVID-19 pandemic, many industries previously holding back on shifting to the cloud have begun the transition. For many, a great concern has been the implications that moving to the cloud has for risk management and compliance.
In this talk, CyberSaint Chief Product Officer Padraic O'Reilly dives in to walk through how organizations, even in the most highly regulated industries, can embrace cloud technology and the positive effects while also mitigating risk and maintaining compliance. Hear case studies as to how organizations from the Fortune 500 and beyond are making the shift and staying compliant.
Digital transformation is a top-of-mind initiative for many organizations. While such initiatives can have vastly positive impacts, new problems can arise without a strong cyber risk program capable of addressing an expanding risk landscape within the organization. Organizations must ensure that they are embracing secure digital transformation.
In this talk, we will dive into the top five steps that businesses can take to ensure they're keeping security top of mind as they approach a digital transformation project - from cloud to IoT.
Following the host of changes and disruptions brought by 2020, information security programs have been forced to evolve. In preparation or in the wake of digital transformation efforts, IT and cyber risk management must embrace digitalization and reimagine their role within the organization to support the future of cyber, IT, and digital risk.
In this talk, CyberSaint Principal Solutions Architect Steve Torino explores how cyber risk transformation supports greater digital transformation efforts, increases understanding and communication up and down the chain of command, and prepares the enterprise for the digital age.
How mature is your cybersecurity program? Are you measuring practice and process maturity? Compliance and risk programs demand up-to-date practices, and diligent processes, to lay a strong foundation for success. Learn how to measure and manage both towards the ultimate program in this webinar!
Meeting compliance against regulations such as NIST, NERC, ISO27001 and ISO27002, DFARS (NIST SP 800-171), and others is critical to the success of your program. The key to compliance is implementing a continuous compliance program that is improved in real-time, meeting compliance, and enabling trust between CISOs, compliance, and risk teams.
When it comes to risk management programs, your program must support risk quantification and report across technology, operations, and organizational strategy that aligns with organizational objectives. Leveraging dynamic risk identification, prioritization, and reporting can certainly help to strengthen your program more than before.
What tactics can you use to facilitate this trajectory? Tune in to learn some of the most valuable recommendations from our information security experts.
CyberSaint’s CyberStrong platform is disrupting the legacy GRC market with unprecedented assessment automation and agility as the only purpose-built integrated risk management platform for cybersecurity programs. CyberStrong’s patented natural language processing and machine learning technology are factors for the company's recent Gartner Cool Vendor designation, among others. At an industry level, there is currently a lack of best practice for mapping real-time telemetry into control environments, but CyberSaint is making progress in this area, making it accessible to customers from Fortune 50 titans to mid-sized companies across the globe. Customers use CyberStrong to manage, measure and communicate their cybersecurity program performance in line with risk, compliance, and organizational objectives.
CyberSaint’s mission is to empower all organizations to build a cybersecurity program that is as clear, actionable, and measurable as any other business function. Teams and executives across information security and beyond use CyberSaint’s CyberStrong platform to build cybersecurity resilience across risk and compliance programs with agility and alignment. Customers communicate cybersecurity program posture, value, and return on security investment from a trusted single system of record that adds advanced automation to risk and compliance assessments and programs. Organizations across the Fortune 500 and high-growth startups alike are empowered to simplify even the most extensive continuous compliance and risk projects and achieve remarkable results.
Steve Torino, Principal Solutions Architect at CyberSaint; Shauntinez Jakab, Senior Director at Virsec
While regulations and standards are prevalent in the healthcare sector, plenty of security risks remain as organizations aim to safeguard the privacy of medical records and patient data. With global healthcare organizations struggling to meet compliance mandates at the minimum, how can they foster a risk-aware culture that strengthens cyber resilience? To start, by assessing where they stand and determining where to intelligently and strategically improve.
Padraic O'Reilly, Chief Product Officer and Co-Founder
In this webinar, our experts explore the cyber risk landscape, anticipated regulatory changes, and pervasive attacks that we predict will shake up 2021. Further, we look at the unprecedented events of 2020 and discuss how these global shifts may affect the coming year.
According to Cybersecurity Ventures, cybercrime damage costs are predicted to hit $6 trillion annually by 2021, up from $3 trillion in 2015. There is no question that the events of 2020 and our increasingly digitized world are propelling us into a new wave of cyber attacks, cyber risks, and regulatory change in the coming years. Watch the webinar to hear predictions for 2021 directly from our cyber risk and regulatory compliance experts.
This webinar focused on helping defense Primes, Contractors, and Subcontractors understand the DFARS Interim Rule and its implications for their Cybersecurity Maturity Model Certification (CMMC) strategy.
The webinar features Bernhard Bock, CISO, who just finished his Provisional Assessor training and was able to explain to viewers what the Interim Rule requires of contractors. Padraic O’Reilly, technology innovator and frameworks expert, also presents and discusses how defense companies can determine, remediate, and maintain their NIST and CMMC compliance scores. We close out the webinar by providing attendees a look at how the choice of the right technology, presented by Sanjeev Verma, Co-Founder, is critical to demonstrating the maturity required by the Interim Rule as well as enabling CMMC compliance.
Bernhard Bock - CISO @ SysArc
Padraic O’Reilly - Co-founder @ CyberSaint
Sanjeev Verma - Co-founder @ PreVeil
Stuart Itkin - CEO @ Cycurity Advisors
2020 has been a year full of change, and we've gone through digital transformation initiatives in the span of a single year that probably would have taken us many years otherwise. As COVID-19 has been pervasive across global headlines, cybercriminals have taken advantage of the chaos, leading to an increase in cyber attacks seen in 80% of firms in 2020. Cloud-based attacks rose 630% between January and April, phishing attempts rose 600% since February, and ransomware attacks rose 148% in March, according to FinTech News.
In this webinar, we delve into detail on the most newsworthy attacks of 2020, the most pervasive cyber trends, and postulate whether cyber risk could have been mitigated to help organizations avoid these events.
In this talk, CyberSaint Principal Solutions Architect Steve Torino dives into the NIST CSF Implementation Tiers and explains how to use them to bridge the gap between business and technical leadership, how to choose what tier is right for your organization or asset, and walks viewers through each tier in detail.
Alison Furneaux, VP of Marketing and Padraic O'Reilly, Co-Founder & Chief Product Officer
We’re excited to be named in the 2020 Gartner Cool Vendors in Cyber & IT Risk Management report!
What makes the CyberStrong platform new, innovative, and impactful? We believe in solving enterprise cybersecurity and IT risk management challenges with breakthrough innovations that enable agile digital transformation for cyber risk and compliance teams. Learn more about why CyberSaint is being recognized.
Gartner, Cool Vendors in Cyber and IT Risk Management
The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
As of 2020, 68% of business leaders feel their cybersecurity risks are increasing, yet only 16% of executives say their organizations are well prepared to deal with cyber risk. 2020 has been a year full of change, and we've gone through digital transformation initiatives in the span of a single year that probably would have taken us many years otherwise.
Organizations' approach to cyber risk management must change to facilitate security in this digital era, but this is no easy task. Many leading organizations are including cyber risk transformation projects within their overall digital transformation initiatives to support this shift. Cyber risk transformation requires a collaborative effort across the CISO group, IT compliance, other facets of information security and technology, and risk management teams. These improvements across cyber risk should align with business needs, hit on key security challenges, and help to automate compliance requirements.
Through integrations and powerful patented automation, businesses can leverage data coming from disparate applications in the information technology and security tech stack to enable compliance automation, dynamic risk management, and data-driven decision-making.
What is Natural Language Processing, and how can security professionals use it to make the most of all the valuable data coming out of their tech stack? In this webinar, CyberSaint's Principal Security Architect Steve Torino will cover how organizations can leverage NLP in two ways: (1) mapping data from Vulnerability Management tools, SIEM, SOAR, and other solutions to compliance controls to meet NIST requirements in real-time; and (2) harmonizing controls frameworks, thereby meeting compliance across standards such as CIS, HIPAA, ISO, NERC, PCI, and many more. Learn how organizations are using CyberSaint's patented technology to automate compliance, optimize resources, and dramatically reduce manual intervention.