Name: How to Use NIST SP 800-53 to Protect Your Information Systems and Resist Attacks
Start: 2020-11-06T22:35:00Z
End: 2020-11-06T22:35:57.000Z
Location: BrightTALK
Rating: 4

We seek to empower compliance officers and everyone who participates with compliance efforts. With our content, we aim to help these professionals guide organizations toward correct actions, a more ethical culture, fairness and greater transparency. 

Headquartered in Bellevue, WA, Hyperproof serves as a system of record for an organization’s compliance data and gives teams involved the tools they need to collaborate with stakeholders in and outside of their organization. With this innovative approach, we’re able to help organizations meet their highest aspirations and demonstrate their commitment to protecting their customers, shareholders, partners and suppliers along with the greater community.

Check it out for yourself at hyperproof.io.

Enterprise GRC professionals are often pressured to minimize spend on risk and compliance initiatives while still maximizing their efficiency and keeping their organizations secure and compliant. Fortunately, there's a growing realization that the right GRC solution, traditionally seen as a cost center, holds untapped potential for better decision-making, unlocking a significant competitive advantage. As a result, they need to break down the data silos between risk and compliance activities to get a transparent, holistic view of their compliance and risk postures, but they aren’t always sure where to start.  

Join our experts Cheri Hotman, Partner, vCISO, Hotman Group and Kayne McGladrey, Field CISO from Hyperproof to learn more about:

- The drivers creating a growing need for transition from viewing GRC as a compliance obligation to operationalizing it as a strategic solution
- Practical strategies for transforming GRC operations, with a focus on breaking down silos
- Best practices for unifying risk and compliance data
- How to best prioritize GRC initiatives

From Cost Center to Competitive Edge: Operationalizing GRC

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Dustin Lehr, Sr Dir Platform Security, Deputy CISO at Fivetran, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Dustin will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top InfoSec pros.

Topics covered include:
- Deputy CISOs
- Security Champions
- Security Culture Change
- White House Memo on Memory-Safe Apps

Infosec Pros: Dustin Lehr, Deputy CISO at Fivetran (Recording)

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Sue Bergamo, CIO and CISO at BTE Partners, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Sue will share insights into her current work and past experiences in the field. Register now for your chance to learn from one of today’s top InfoSec pros. 

Topics covered include:
- CISOs
- 10Ks
- The Tim Brown Amicus Brief
- 2024 IT Risk and Compliance Survey
- AppSec

Infosec Pros: Sue Bergamo, CIO and CISO at BTE Partners (Recording)

It’s that time again! Hyperproof’s fifth annual benchmark survey is here. Each year, we ask over 1,000 GRC professionals about their pain points, IT risk and compliance budgets, staffing, risk management best practices, and much more to compare results from the previous year, provide an in-depth view of the market’s current state, and prepare for this year and into the future. Our results were fascinating: point solutions are no longer fulfilling the needs of GRC professionals, and internal audit, risk, IT, and compliance teams are looking for a single solution. The question is: which team’s priorities will take precedence?

Join us for our webinar to learn about:

The top findings from the survey (hint: trust and transparency are top-of-mind for GRC professionals in 2024)
Why GRC professionals are searching for a single, holistic solution that can solve the challenges of multiple teams
How data silos between risk and compliance are affecting respondents’ ability to address their GRC challenges
How the market has responded to AI risks in 2023 and how GRC professionals plan on leveraging AI in 2024
How decision-making around GRC has shifted toward a more collaborative approach

2024 IT Risk and Compliance Benchmark Report Findings

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Jeff Warren, Owner & Principal Consultant at South Lake Cyber Risk, LLC, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Jeff will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top infosec pros.

Topics covered include:
- CISOs
- Cybersecurity Program Effectiveness
- Labor Shortage
- AI and Machine Learning

Infosec Pros: Jeff Warren, Owner at South Lake Cyber Risk (Recording)

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Ryan Niemes, Head of Security at Helix, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Ryan will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top infosec pros. 

Topics covered include:
- Cloud
- Incident Response
- HIPAA & Genetic Data
- IoT and labs and HIPAA
- Asset Visibility

Infosec Pros: Ryan Niemes, Head of Security at Helix (Recording)

CIS Critical Security controls are a prescriptive, prioritized, and simplified set of best practices that can strengthen your cybersecurity posture. The CIS Controls include foundational security measures that you can use to achieve essential hygiene and protect yourself against a cyber attack. Are you curious whether CIS Critical Security Controls is the right choice for your organization? Or are you currently using CIS Critical Security Controls and wondering how to maximize your experience? Join Charity Otwell, Director at Critical Security Controls - CIS, and Kayne McGladrey, Field CISO at Hyperproof, to discuss areas of focus for CIS controls and how they can best apply to organizational security. 

Participants will:
- Learn the basic foundation of CIS Controls
- Understand how to assess applicability for their organization
- Learn how to adopt best practices around CIS Controls
- Learn the upcoming changes that will be made to the CIS Controls

Elevating Security: The Power of CIS Critical Security Controls

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Ali Khan, Field CISO at ReversingLabs, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Ali will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top infosec pros. 

Topics covered include:
- Supply Chain Security
- Application security and API security
- Software assurance
- SBOMs

Infosec Pros: Ali Khan, Field CISO at ReversingLabs (Recording)

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Nigel Sampson, Global Director of Cybersecurity at IDG, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Nigel will share insights into his current work and past experiences in the field. Topics covered include:
- How to build strong cybersecurity programs
- Challenges CISOs are currently facing
- How AI is affecting the cybersecurity landscape
- Live audience questions

Infosec Pros: Nigel Sampson, Global Director of Cybersecurity at IDG (Recording)

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels. 

In Hyperproof’s newest live-streaming series, leaders in information security will shed light on crucial topics that shape the modern cybersecurity landscape.

We’ll kick things off with Joseph Evangelisto, CISO at Tango Analytics, and our host, Kayne McGladrey, Field CISO at Hyperproof. Kayne will interview and chat with Joe as he shares insight from his personal experiences such as:

- The comparison of the days of an SMB CISO and the days of CISOs in larger businesses
- Retaining your InfoSec workforce and vendors
- How you can maintain a proper work-life balance
- Limiting your personal liability if you don’t have D&O insurance

Infosec Pros: CISO Joe Evangelisto (Recording)

Selecting the right cyber insurance program can be an arduous process, and with the rapid rise of increased rates in the last two years, it’s only become more difficult. Compliance professionals around the world are wondering whether to buy or not to buy. That is the question, right?

Additionally, they’re thinking about what type of cyber insurance to get, what it actually covers, and what to do if they decide to get it. We’ll answer all of these questions and in our upcoming webinar.

Join us for this enlightening webinar about the current state of cyber insurance and how to decide on self-insuring certain categories of risks. We’ll discuss:

The current state of cyber insurance (and wow, it’s a doozy)
The business argument for why you should or should not get cyber insurance
How to demonstrate control implementation and efficacy if you do purchase cyber insurance

To Buy or Not to Buy: When Is Cyber Insurance Worth It?

As generative AI tools like ChatGPT continue to evolve and impact various industries, compliance experts are left wondering about the potential security implications for their businesses. Join us for this enlightening webinar as we discuss the dos and don'ts of working with ChatGPT and similar technologies to equip compliance experts with the knowledge to navigate the security challenges presented by generative AI. We’ll also explore how you can ensure the safe and secure implementation of AI technologies within your organization and what security threats to anticipate.

Join speakers Kayne McGladrey, Field CISO at Hyperproof, and Dr. Rebecca Wynn, Global Chief Security Strategist & CISO at Click Solutions group, as they discuss:

Valid use cases for using generative AI tools like ChatGPT in your business practices
How to teach your organization to responsibly use AI tools how they can negatively impact enterprise risk and liability
Security policy considerations that organizations should examine before incorporating ChatGPT or similar AI technologies
Insights into enterprise risk management frameworks that can help manage this new risk

Working with ChatGPT: The Dos and Don’ts for Your Organization’s Security

Achieving and maintaining compliance with many regulatory frameworks over time is no easy task. Many stakeholders and contributors are involved in collecting evidence, testing controls, preparing for audits, and overseeing a business’ compliance and risk posture. The complexity involved in this work can easily overwhelm even the most seasoned professionals.

IT compliance professionals are finding that purpose-built GRC platforms that streamline workflows across departments and individuals are the best way to simplify what has traditionally been repetitive and convoluted processes. Join us for an exploration of today’s best practices to optimize your compliance operations processes to reduce risk and make continuous compliance a reality.

In this session, we’ll address:

- How today’s landscape makes achieving and maintaining compliance more complex.
- Optimizing stakeholder visibility and communication.
- Using GRC tools to scale your business.
- What to consider when evaluating GRC tools.

How to Build Scalable Compliance and Risk Management Programs

2022 brought a number of high-profile data breaches, an increased focus on the ever-expanding cloud landscape, and a renewed consciousness of the cost of compliance – or lack thereof. As a result, organizations will be faced with the challenge of increased regulatory scrutiny and higher penalties for non-compliance in 2023. While this could start to feel like an impossible battle to fight, organizations that lean into the strategy of optimizing their workflows for compliance and risk management will come out on top.

While there’s no avoiding the likely increase in regulatory scrutiny, there is plenty to be done to make sure that your organization is well-prepared for responses to the change. In this webinar, Thomas Wilcox, Sr. Director, Security & Compliance at Hyperproof, and his guest will discuss how stakeholders’ focus on security, risk, and compliance has shifted and how security and compliance professionals can put in place streamlined workflows to operationalize communicating with them. In this session they’ll cover:

- What regulatory obligations are expected to change or evolve
- The costs of not optimizing compliance and risk workflows
- What practices will best prepare teams of any size to respond to regulatory changes and communicate with stakeholders

Ready for More Regulatory Scrutiny? Start Thinking About Compliance Workflows

Maintaining cybersecurity compliance and building reliable risk management practices isn’t a simple to-do item you check off anymore. The livelihood (and ultimately the growth) of your business depends on resilient security and compliance programs. Add in changing regulatory requirements, and the challenge becomes exponentially more complex. 

Join Hyperproof and (ISC)2 on April 11, 2023  at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear more about: 
• The value of connecting compliance and risk 
• Optimizing stakeholder visibility and communication 
• Using GRC tools to scale your business
• Long-term impacts of streamlining compliance, security, and risk management workflows

Level Up Your Cybersecurity Scalability

Cybersecurity breaches have been a hot topic lately, with several high-profile cases making national news. One lesson carries across these stories: the importance of effective internal assessments, as they are critical tools to find weaknesses in your security program and assuring that those weaknesses are fixed. 

But how do you prepare for a sharp increase in investigations with adversarial discovery in 2023? Join our experts in security compliance as they discuss:

- The current state of risk, and what exactly happened at Uber, Drizly, and Twitter
- Why so many security breaches have hit the news recently
- How to prepare for the inevitable increase of internal assessments as a result of these breaches
- How to operationalize your risk management workflows to make these assessments as easy as possible

Cybersecurity Breaches: How Internal Assessments Can Help You Avoid One

Are you wondering about the ever-changing landscape of IT compliance and risk management? Are you looking to level-up your compliance management operations? We’re here to help.

Hyperproof conducts an annual survey to uncover the top challenges IT compliance professionals face and what hot topics they’re focused on in the coming year. We’ve asked over 1,000 survey respondents about their pain points, IT risk and compliance budgets, staffing, risk management best practices, and much more to provide an in-depth view of the market’s current state and what to prepare for this year.

Sign up for this webinar to get an overview of the reports findings and learn how your industry peers are managing IT risk and compliance programs within their organizations. 

We’ll cover:

The top five findings from the survey
How your peers are planning to handle compliance, audit management, and risk management in the midst of a volatile economy
What companies are doing differently in response to recent and highly publicized security breaches to avoid security lapses and compliance violations
Leading practices for ensuring security, compliance, and risk management today

Register today for these invaluable market insights. All registrants will also receive a copy of the 2023 IT Compliance Benchmark Report, which will be released February 23, the same day as the webinar.

2023 IT Compliance and Risk Benchmark Report Findings: The Top 5 Game-Changers

Are you using spreadsheets to manage your IT compliance or risk programs? You might not know it yet, but your spreadsheets are holding you back. 

From clunky and disorganized workflows to manual evidence collection and control monitoring, you’re spending hours of time on menial tasks instead of strategic initiatives. 

The solution is clear: it’s time for a modern GRC tool. But how does one best prepare for the move? What can be expected in the transition? How long will it take? 

While each IT and compliance professional's transition out of spreadsheets can vary, those who have gone through it can share their experiences — and why it was worth it.

Join experts in the security compliance industry as they discuss:
- 3 important things to understand about moving from spreadsheets to a GRC tool to manage compliance and risk
- How to know when you should consider upgrading to a GRC tool
- How you can best prepare for a smooth transition with your team
- Unexpected blockers to look out for while transitioning

Spreadsheets and Modern GRC Tools: 3 Things to Know

In this webinar, we will discuss why IT risk management frameworks like NIST SP 800-53 are particularly relevant now, key security control families within NIST SP 800-53 that need to be operational to ensure secure remote work, what's new in the latest version of NIST SP 800-53, and ways to save time and avoid duplicative effort when adhering to multiple IT compliance standards.

How to Use NIST SP 800-53 to Protect Your Information Systems and Resist Attacks

Information Security

IT Governance

Compliance

Cyber Attacks

Cyber Security

Risk Management

Cloud Security

IT Security

Security

NIST

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

How to Use NIST SP 800-53 to Protect Your Information Systems and Resist Attacks

Presented by

About this talk

More from this channel