Security Ratings by the Numbers: Taking Mountains of Data to Create Risk Metrics

Every day BitSight processes and synthesizes tens of billions of events into easy-to-understand, high-quality security ratings. These ratings empower organizations to confidently assess and manage their security performance and that of peers, vendors, insureds, and acquisition targets.

Join Mike Woodward, BitSight’s Program Director of Data, to learn how the data scientists and researchers at BitSight collect, analyze, and process all of this data to produce actionable and insightful Security Ratings.

Attendees will also learn:

- How BitSight calculates ratings using a wide variety of risk vectors including security events, diligence factors and user behaviors
- The importance of comprehensive network footprint maps in producing industry standard security ratings
- Why monitoring performance over time can be beneficial for identifying trends and new risk indicators
- The ways customers are using Security Ratings to manage third party risk, benchmark security performance, assess and negotiate cyber insurance premiums, and remediate security risk involved in mergers and acquisitions.
Recorded May 13 2015 38 mins
Presented by
Mike Woodward, Program Director of Data, BitSight

  • CPE Webinar: GDPR Compliance MasterClass Apr 24 2018 5:00 pm UTC 75 mins
    Rebecca Herold, the Privacy Professor, AlienVault, Absolute Software, OneTrust, and BitSight
    The GDPR is the most significant change in data privacy regulation in more than 20 years. It comes into force on 25 May 2018 and will impact all businesses that process personal data or businesses that process personal data of EU citizens even if they are not in the EU. Obligations for compliance will affect both controllers and processors, and regulators will get increased enforcement powers and the right to impose fines of up to 4% of global turnover for both data breaches and infringements of the law.

    Attend this CPE accredited educational webinar with our panel of experts to learn what you need to know about the GDPR and how to remain compliant.

    Learning Objectives:

    - Learn how to prepare for GDPR implementation
    - Identify the real life challenges of compliance
    - Learn about prioritizing plans and actions to effectively prepare for data protection
    - Discover some of the benefits, approaches, and tools to comply with the GDPR
  • Enabling Cybersecurity: Ignite Your ERM Program Mar 22 2018 5:00 pm UTC 75 mins
    Moderated by Colin Whittaker. Panelists: Tim White, Qualys, Barracuda, and Cameron Jackson, Riskonnect.
    Effective risk management is critical for every organization, especially in the current era of increasingly frequent and complex cyber threats. Organizations with the ability to detect changes across global IT environments in real time can better prevent and respond to malicious acts such as ransomware/malware attacks and configuration tampering.

    Join our panel of InfoSec experts on this CPE accredited webinar to learn how your organization can take command of risk to proactively prioritize and address the risks that matter most, and ignite your risk management program to enable cybersecurity.

    Qualifying participants will earn 1 CPE credit.

    Learning Objectives:

    - Discover how to identify, catalog, and prioritize risks across the enterprise
    - Find out how to quickly measure critical activities and address inherited risk
    - Learn how to gain efficiency and effectiveness of current risk-management approaches
  • GDPR: Brace for Impact or Not? Recorded: Feb 22 2018 64 mins
    Lance James | Mark Rasch | Martyn Hope | David Morris
    The GDPR compliance date is fast approaching and many companies will not be compliant. What will this mean for them, what can they do in the time remaining, and what will the impact be?

    Join this panel of world-class experts:

    Lance James: Chief Scientist at Flashpoint, internationally renowned Cybersecurity Specialist who has advised Boards and CISOs at a wide range of government and F-500 organizations. Frequent lecturer and speaker.

    Mark Rasch: Chief Legal and Compliance Partner for Digital Risk Management & GDPR. Former Chief Security Evangelist for Verizon Enterprise Solutions, Chief Privacy Officer at SAIC, and led the U.S. Department of Justice’s Cyber Crime Unit.

    Martyn Hope: Founder of the EU-GDPR Institute.

    In this session you will learn:
    - What will happen if I'm not Compliant by May 25, 2018
    - Where do I Begin to start my compliance effort
    - Who should I trust to advise me through my compliance program

    If you are a CISO, Board Member, Compliance Officer, Data Privacy Officer or anyone tasked with GDPR, this is a must-see discussion with world-class panelists who are experts and have first-hand knowledge and experience.
  • Creating a Single Data Security Classification Policy for GDPR & Everything Else Recorded: Feb 22 2018 48 mins
    Greg Forest, CTO of Contoural
    In order to properly control privacy data under GDPR, you need a plan for both classifying and understanding where that info is kept. Regulation-specific standards are often insufficient, and trying to apply multiple standards is difficult and confusing to employees. In this webcast, Greg Forest from Contoural will discuss how to create a single comprehensive yet workable data security classification standard that both ensures compliance and is intuitive and easier for employees to follow. Topics include:
    • An overview of key data classification frameworks including HIPAA, ISO, FIPS and others, their strengths and their weaknesses
    • Key attributes that should go into your standard including privacy, confidentiality, IP and other types of sensitive information
    • How to create a hybrid standard
    • Sampling your standard with content, and using this to drive adjustments and fine tuning
    • How to integrate data classification with record retention
  • Practical Approach to GDPR Recorded: Feb 22 2018 51 mins
    Tarun Samtani, Group GDPR Lead for Vectura Group Plc, & SkyePharma
    We all know that the EU General Data Protection Regulation (GDPR) will bring a massive change in the way businesses operate and handle personal data. This short discussion will give you tips to jumpstart your GDPR programme and some easy approaches to take to achieve success in a short space of time.

    1) GDPR short summary
    2) Focus on the goals not vendors
    3) ICO & Data subject expectations - May 2018 onwards
    4) GDPR practical approach
    5) Takeaways

    About the Presenter:
    Tarun Samtani is the Group GDPR Lead for Vectura Group Plc, & SkyePharma. Tarun holds 18+ years of experience across various sectors like Telecommunications, ISPs, Financial Services, Gambling, Retail and most recently Pharmaceuticals. Tarun has worked across UK, Europe, Asia & Middle East on different assignments. He has a wealth of experience in Cyber security & Data privacy and is passionate about securing the business information landscape. During the course of his career Tarun has been involved in the strategy & planning, design, architecture and implementation of a significant number of information security programmes.
  • GDPR's influence on security Recorded: Feb 22 2018 43 mins
    Rob Shapland
    Will GDPR have the desired effect? Will it increase security, or see companies regularly hit with catastrophic fines for poor compliance?
  • Becoming Compliant – Finding GDPR Data in the Wild Recorded: Feb 21 2018 56 mins
    Tom Mighell, Esq., VP of Delivery Services and Greg Forest, CTO, Contoural
    In many ways, creating your GDPR Data Protection Policy is the easy part. As the May deadline approaches, the real work begins on finding all your Privacy Data not only in databases but also GDPR content scattered across file shares, desktops and other storage repositories around the world.

    In this Webcast, Contoural experts Greg Forest and Tom Mighell will discuss:
    • Real-world strategies and processes for identifying, classifying and securing large amounts of not only unstructured GDPR data
    • Addressing semi-structured content
    • Applying automation
    • Creating an ongoing process
  • GDPR Is Coming - Is Your Organization Ready? Key Steps to Help You Prepare Recorded: Feb 21 2018 60 mins
    Amar Singh, Guy Cohen, Punit Bhatia, Mark Leiser, Dr. Rula Sayaf
    On May 25 the long-awaited General Data Protection Regulation (GDPR) will go into effect across Europe. GDPR is the biggest overhaul of data protection laws in more than two decades. How prepared is your organization for GDPR?

    Join this interactive panel of experts as they discuss:
    - What is GDPR?
    - Why should you be GDPR-compliant?
    - How to achieve compliance?
    - Steps your organization should take today to prepare for GDPR
    - Other GDPR considerations

    Panelists

    Amar Singh - CEO, Cyber Management Alliance Ltd
    Dr Rula Sayaf - PhD in privacy, security, and data science, GDPR Expert
    Punit Bhatia, DPO and author - be ready for GDPR.
    Guy Cohen, Strategy and Policy Lead, Privitar
    Mark Leiser - Lecturer in Law, University of Leicester
  • GDPR - Security at the Service of Privacy Recorded: Feb 20 2018 62 mins
    Michelle Dennedy (Cisco) | Ariel Silverstone (Data Protectors) | Paul Rosenzweig (Red Branch Consulting)
    The General Data Protection Regulation (GDPR), a key legislation covering privacy rights, data security, data control, and governance, is going into effect in May 2018. As organizations are scrambling to achieve GDPR compliance before the May 25th deadline, some are still not clear on the exact GDPR requirements.

    Join this panel of experts as they discuss:
    - The regulatory landscape in 2018
    - What GDPR means for you and your organization
    - GDPR requirements around data collection and governance, exposure and breach disclosure, identity and privacy
    - Evaluating your cyber risk
    - Last minute changes your organization needs to make
    - Failure to comply & fines
    - Recommendations for achieving compliance and other regulation on the horizon.

    Speakers:
    - Michelle Dennedy, VP & Chief Privacy Officer at Cisco
    - Ariel Silverstone, Managing Partner, Data Protectors
    - Paul Rosenzweig, Principal at Red Branch Consulting
  • You've Got Your GDPR Policy, Now What? Recorded: Feb 20 2018 60 mins
    Tom Mighell, Esq., VP of Delivery Services, Contoural
    In many ways, having your Data Protection Policy in place is not necessarily the last mile, but the first. In order to be fully GDPR-compliant, you need to understand where all of your information is, where your privacy data lives and how it’s being secured.

    Join Tom Mighell, VP of Delivery Services at Contoural as he discusses the roadmap you need to follow to achieve full compliance before the May 25th deadline.

    Topics will include:
    • Strategies to execute your policy
    • How to train everyone in your organization to be aware of privacy requirements
    • Appointing a Data Protection Officer to manage your privacy program for your organization
    • Steps your organization needs to take now to be ready
  • IT Legislation and Policies in 2018 Recorded: Feb 9 2018 56 mins
    Julie Chenadec, Project Manager, Green IT Amsterdam
    This webinar covers the various legislation and policies, at a European level as well as their application in four different countries, namely: United Kingdom, Netherlands, Germany and France. Legislation and Policies have an important role to play to steer, stimulate and support new products and services but also new business models.

    *Please note: this webinar will be presented in French.
  • Data Centre Innovation Procurement Recorded: Feb 9 2018 60 mins
    Dr. Marc-Andree Wolf, CEO, maki Consulting GmbH
    This webinar introduces the basics of Procurement for Innovation (PPI) to public sector procurers, ICT managers and other public sector professionals supporting data centre-related procurement.

    *Please note: this webinar will be presented in German.
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 2 Recorded: Jan 30 2018 78 mins
    Dr. Branden Williams, with Timothy Yim, Imperva; Barbara Cosgrove, Workday; Sue Habas, ASG; and Naheed Bleecker, TrustArc.
    The new EU General Data Protection Regulation (GDPR) rule looms and will take effect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking in preparation for data protection – not only for GDPR, but for long-term data protection.
  • Are You Ready for PCI D-Day? January 31, 2018 Is But 2 Weeks Away Recorded: Jan 16 2018 64 mins
    Ben Rothke (Nettitude) | David Mundhenk (Herjavec Group) | Jeff Hall (Optiv)
    One of the big priorities for companies in 2018 is to achieve compliance. GDPR is going into effect in May, but even before that, new PCI DSS 3.2 requirements are set to become operational in February. According to the PCI SSC, these requirements were previously considered to be 'best practices' until January 31, 2018, after which compliance with them becomes mandatory. Although this is not connected to GDPR, companies that implement this standard will be some way towards becoming GDPR compliant, at least as far as payments are concerned. For example, in PCI DSS 3.2, multi-factor authentication (MFA) becomes mandatory, offering retailers and other companies a way of protecting customer personal details.

    Join the PCI Dream Team as they discuss:
    - What are the new PCI DSS 3.2 requirements?
    - Who needs to be PCI DSS 3.2 compliant?
    - What is the impact on data protection and cyber security?

    Speakers:
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Principal Security Consultant at Optiv Security
    - Ben Rothke, Principal Security Consultant at Nettitude Group
  • 5 Digital Asset Security Risks Someone Should Have Warned Me About Recorded: Dec 26 2017 40 mins
    Todd DeCapua
    Todd will walk you through the 5 digital asset security risks someone should have warned him about. You will enjoy the stories, see the key learnings, and know what you need to do as you are likely headed down this path.

    With examples in the media on at least a weekly basis, the risks to Revenue, Brand, Customer and Competitive are all too real. Join the leading expert in Digital Asset Security and Performance Engineering to learn where to focus first, enabling you to mitigate some of the higher profile risks, which you and your team may not be aware of yet.

    You will hear about:

    • Domain Management and Strategy
    • Online Brand Protection
    • DNS Services and Analytics
    • SSL Certificates
    • Social Media Username Registration and Management
  • Managing compliance and risk with Data Center Automation Recorded: Dec 13 2017 37 mins
    Megan Glick, Darren Blumenthal, Joe deBalquiere
    It’s no secret that IT compliance management requirements are on an upward spiral. From growing and ever-changing external regulatory policies to tightening internal requirements, getting a complete view across the infrastructure is a major challenge, let alone proving it’s in a compliant state. Micro Focus Data Center Automation addresses these obstacles, providing a single solution for internal and regulatory compliance across heterogeneous servers, database, and middleware.

    Join us to see:

    Product in action including the new simplified portal for compliance use cases
    New risk and security dashboards that give you ultimate visibility into the state of compliance across the entire data center
  • Creating an Information Governance Roadmap Recorded: Dec 1 2017 54 mins
    Mark Diamond, CEO, Contoural
    A well-designed Information Governance roadmap with appropriate milestones and metrics can drive a successful program forward. Join this webcast to learn more about:
    • Key elements for launching an Information Governance Program
    • How to incorporate these elements to meet your organization’s specific needs
    • Creating a team to help you launch your program
  • Digital GRC: Innovations for Early Identification and Management of Risk Recorded: Nov 16 2017 62 mins
    Moderated by Colin Whittaker; Yo Delmar, MetricStream; Jason Ford, Contegix; and Cameron Jackson, Riskonnect
    Attendees can earn 1 CPE credit on this session.

    Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

    The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.
  • CPE Webinar: A Data Security Survival Guide in an Interconnected World Recorded: Oct 25 2017 66 mins
    Rebecca Herold, The Privacy Professor; M P. Suby, Frost & Sullivan; Deral Heiland, Rapid7; Bharath Vasudevan, ForcePoint
    Attendees can earn 1 CPE credit on this session.

    As the number of internet-connected devices skyrockets into the billions, a data security strategy is an increasingly important part of any organization’s ability to manage and protect critical information. Enterprises are migrating to the cloud in droves, however, protecting data in the cloud remains a challenge as employees push to access cloud apps from any device, anywhere. In the last year alone, 1 in 3 organizations were hacked more than 5 times, and with the increased number of attacks the financial cost of security incidents is also rising.

    In many cases, breaches are caused by a combination of benevolent insiders, targeted attacks, and malicious insiders. For example, targeted attacks are often enabled inadvertently by well-meaning insiders who fail to comply with data or security policies, which can lead to a data breach. In this webinar, our panel will discuss major trends impacting cyber security – from the rising frequency of attacks and types of threats that organizations should be concerned about the most, and they will address the risks, priorities, and capabilities that are top of mind for enterprises as they migrate to the cloud.
  • A Tactical Guide to Reducing Your Data Breach Risk Recorded: Aug 29 2017 71 mins
    Dr. Branden Williams; Farshad Ghazi, HPE; Yo Delmar, MetricStream; Jordan Rogers, Rapid7; and Billy Sokol, MarkLogic
    Over 90% of the world’s data has been generated in the last few years. Accompanying this rapid growth in data come exponential risks, as witnessed by the spike in cyber attacks to which no organization seems immune. The financial rewards gained by the perpetrators of cyber attacks are blatant, and this is driving continued attacks on companies containing massive amounts of consumer data. For these companies securing data is only half the battle. The risks can be greater when data is transmitted externally, hence it is critical that organizations know where sensitive data is going, how it is being transmitted, and how it is being handled and stored.

    On this webinar our panel of experts will discuss some of the best practices organizations can consider to reduce the risk of suffering from a data breach, and to proactively prepare for any subsequent breach that could happen.
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

  • Title: Security Ratings by the Numbers: Taking Mountains of Data to Create Risk Metrics
  • Live at: May 13 2015 5:00 pm
  • Presented by: Mike Woodward, Program Director of Data, BitSight