Hi [[ session.user.profile.firstName ]]

The OCEG GRC Capability Model

A framework of standard practices to help your organization achieve Principled Performance.
Recorded Jul 7 2009 44 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Carole Switzer, President, Open Compliance & Ethics Group (OCEG)
Presentation preview: The OCEG GRC Capability Model

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [Earn CPE] Executive's Guide to Smarter GRC with Cybersecurity Attack Analytics Jun 27 2019 5:00 pm UTC 75 mins
    Moderated by Colin Whittaker. Panelists from Lockpath, Ping Identity, Greenlight Technologies, and Netwrix.
    Today’s increasing organizational complexity and evolving threat environment have made it more critical than ever for organizations to clearly identify their exposures, measure vulnerability risk, and quickly prioritize remediation efforts. Cyberattacks are often hidden from view under a mountain of alerts generated by security systems, giving attackers time to gain access to systems and seize valuable data.

    To ensure their companies don't end up in the headlines for the wrong reasons, corporate governance, risk management, compliance management and other “lines of defense” functions need to rethink their security strategy and take an approach that looks at behavior and attack patterns. By conecting cybersecurity attack analytics with risk programs and GRC work streams, executives can increase visibility into the overall security risk of the organization which makes the investigation of application security events easy, and enables teams to mitigate and respond to real security threats quickly and decisively.

    Join this CPE panel webinar for insights on achieving smarter GRC with CAA. We will share:

    - Why traditional endpoint security is failing to see and stop attacks.
    - How using attack analytics can stop cyberattacks now and in the future.
    - Efficient ways to analyze events and prevent threats.
    - How to move from looking back to real-time and forward-looking GRC monitoring.
  • Panel Discussion: Proactive Privacy and Data Security Jun 6 2019 1:00 pm UTC 45 mins
    Allan Boardman, ISACA
    How can enterprises shift from a reactive approach to privacy and data security to being proactive and closer to privacy-and-security-by-design? Join this panel of experts to get the answer to all of your privacy, security and compliance questions.

    Viewers can learn more about:
    - Effect of GDPR: One year later
    - How are enterprises instituting changes to achieve and maintain compliance
    - Challenges to achieving compliance in an IoT world
    - How to bake privacy and security into your processes
    - Best practices for data protection and privacy from the ground up

    Panellists tbc

    Moderated by Allan Boardman, CGEIT Certification Committee Member, ISACA
  • Panel Discussion - Application Security in a DevOps World Jun 6 2019 10:30 am UTC 45 mins
    Moshe Lerner (Checkmarx), Paul Farrington (Veracode)
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Panellists
    Paul Farrington, EMEA CTO, Veracode
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx
  • Ask the Security Expert: How to Protect your Business in the Cloud Jun 5 2019 2:30 pm UTC 30 mins
    Carl Leonard, Principal Security Analyst, Forcepoint
    Cloud security is a key challenge for today's data-driven businesses.

    Join this interactive 1-2-1 discussion where Principal Security Analyst, Carl Leonard will share insights on;

    - What are the top cyber threats and trends to look out for in 2019?
    - Why are businesses continuing to suffer data breaches?
    - How are businesses securing themselves as they embrace digital transformation?
    - What is secure SD-WAN? Why is it increasingly important to businesses with distributed office locations?
    - What are the most important security solutions for businesses wishing to safely adopt cloud services?
  • Panel Discussion - Protecting Against Phishing, Ransomware & Social Engineering Jun 5 2019 1:00 pm UTC 45 mins
    Raef Meeuwisse, ISACA | Carl Leonard, Forcepoint | John Scott, Bank of England
    External and internal threats continue to pose a challenge for security professionals worldwide. How are businesses preparing against attacks like phishing, ransomware, and social engineering?

    Join security experts from the industry to learn more about:
    - The most prevailing cyber threats businesses face in 2019
    - Lessons from cyber attacks and strategies for protecting against them
    - Solutions for faster breach detection and response
    - Why network visibility is key
    - Recommendations for improving enterprise security

    Panellists
    Carl Leonard, Principal Security Analyst, Forcepoint
    John Scott, Head of Information Security, Bank of England

    Moderated by Raef Meeuwisse, ISACA Expert Speaker and co-author of "How to Hack a Human: Cybersecurity for the Mind"
  • Panel Discussion: CISO Challenges and How to Solve Them Jun 5 2019 10:30 am UTC 45 mins
    Yotam Gutman | David Boda, Camelot Group | George Patsis, Obrela Security Industries |
    Today's CISO faces a myriad of challenges when it comes to securing the enterprise. From budgetary concerns and vendor confusion to dealing with the chronic lack of cyber talent, to addressing the disappearing security perimeter, CISOs are looking for ways to automate security operations and leverage AI to do more with existing teams and fewer tools.

    Join security experts across the industry for an interactive discussion on:
    - What keeps CISOs up at night
    - Strategies for breach prevention
    - Strategies for making the most of AI technology and human talent
    - Coping with analyst fatigue
    - Threats on the horizon
    - Recommendations for strengthening security

    Panellists
    David Boda, CISO, Camelot Group
    George Patsis, CEO, Obrela Security Industries

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Panel Discussion - Securing the IoT in the Age of Threats Jun 4 2019 1:00 pm UTC 45 mins
    Yotam Gutman | Nigel Stanley, TÜV Rheinland Group |
    The ever-growing Internet of Things continues to pose security and privacy threats. How are businesses managing the risks associated with IoT devices on their networks? What are the best strategies for achieving basic security and cyber hygiene?

    Join this interactive panel with IoT and security experts to learn more about:
    - Impact of IoT on enterprise security
    - How to assess the IoT risk
    - Most common IoT vulnerabilities and how to address them
    - Recommendations for improving IoT security

    Panellists
    Nigel Stanley, CTO - Global OT & Industrial Cyber Security CoE, TÜV Rheinland Group

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Panel Discussion - Multi-Cloud Security and Compliance Jun 4 2019 10:30 am UTC 45 mins
    Alex Hilton, Cloud Industry Forum | John Meakin, GSK | Patrick Grillo, Fortinet | Dave Barnett, Forcepoint EMEA
    The cloud strategy of today's enterprise spans across multiple clouds and hundreds of applications. Point security solutions no longer work, so enterprises are turning toward a more orchestrated approach to achieving security and compliance in the cloud.

    Join cloud and security leaders in an interactive discussion to learn about:
    - Key security and compliance challenges associated with a multi-cloud strategy
    - Recommendations for managing and automating security across multiple clouds and applications
    - The future of cloud
    - Improving enterprise security in an ever-changing threat landscape

    Panellists
    Dave Barnett, Head of CASB, Forcepoint EMEA
    Patrick Grillo, Senior Director - Security Solutions, Fortinet
    John Meakin, Group Chief Information Security Officer, GlaxoSmithKline (GSK)

    Moderated by Alex Hilton, Chief Executive, Cloud Industry Forum
  • Identity Verification and Authentication: Balancing Compliance and Convenience Jun 3 2019 11:00 am UTC 75 mins
    Melisande Mual | The Paypers, Berit Svendsen, Vipps | Onfido (panelist to be announced
    Organisations are often challenged with finding the right balance between innovating and staying secure. How are cutting-edge advancements revolutionising the way we look at identity and authentication?

    Join the panel to hear about:

    -Understanding the digital identity landscape
    -How to avoid drop-off during the verification process
    -How developments like biometrics, AI, blockchain can impact identity and data management
    -How to adapt and respond to new regulations like PSD2, Open Banking, and GDPR

    Panel moderated by: Melisande Mual, Founder at The Paypers,
    Berit Svendsen, EVP International Business at Vipps
    Onfido (panelist to be announced)
  • [Earn CPE] Enabling GRC with Secure Authentication across the Digital Ecosystem May 30 2019 5:00 pm UTC 75 mins
    Colin Whittaker, IRD; Richard Bird, Ping Identity; Teju Shyamsundar, Okta, Jerrod Chong, Yubico; and Andy Smith, Centrify.
    The days of securing a well-defined perimeter around your organization are gone. The cloud, mobile technologies, the internet of things (IoT) and diverse user groups freely exchange data across digital ecosystems, network and economies. This fluidity, however, means that organizations must secure access at multiple points throughout the organization, or risk letting in intruders seeking to hijack data.

    To manage the increasingly diverse digital landscape, IT and security managers need to move beyond usernames and passwords, and expand their use of multi-factor authentication (MFA) to help provide secure and convenient access to the critical data and systems users need. On this webinar our panel of experts will address how secure authentication can help enable GRC across the digital ecosystem, and they will share tips on:

    - Securing access at all points across applications, devices, users and environments.
    - Sharing insights across security systems to strengthen security.
    - Collecting and analyzing information to stop attacks.
    - How MFA can transform secure access—to any application, from any device, anywhere, at any time.
    - Strengthening identity assurance with privileged users.
  • [Earn 1 CPE] Key Steps to Identify Risk and Master Vendor Risk Management Apr 25 2019 5:00 pm UTC 75 mins
    Colin Whittaker, IRD; Jake Olcott, BitSight; Blake Brannon, OneTrust; Kelly White, RiskRecon; and Todd Boehler, ProcessUnity.
    In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology result in the most effective and comprehensive program. Join this CPE accredited panel webinar as our expert panel address some key steps to master VRM, including:

    - Implementing a scalable VRM program from the ground up,
    - Tips on managing vendor data and mapping the digital supply chain,
    - Assessing third, fourth, and fifth-party risk,
    - Performing quantifiable vendor security analyses,
    - Establishing pre-procurement standards.
  • Riding New Data Regulation Waves: Intro to CCPA Apr 23 2019 4:00 pm UTC 60 mins
    Victoria McIntosh, Information & Privacy Professional
    Surf's up! Coming into force in 2020 is the California Consumer Privacy Law. As a new privacy law in the United States, the CCPL breaks significant ground. Following international trends, those living in California will soon have stronger privacy rights.

    If you do business in the state or process data on California residents, time to pay attention. Get amped with Privacy Technologist Victoria McIntosh, breaking down what you need to know about the new regulation.
  • [Earn 1 CPE] Implementing a NIST Framework for Adaptive Cybersecurity Recorded: Mar 21 2019 79 mins
    Colin Whittaker, with Sam Abadir, Lockpath; Allan Liska, Recorded Future; and Gina Mahin, Lynx TP; David McNeely, Centrify
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.

    Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organizations' defenses
    - Defining your security road map using NIST CSF as a framework
    - Conducting gap analysis and executing remediation actions
    - Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.
  • Demystifying Cyber for the Board and Beyond Recorded: Mar 19 2019 40 mins
    Griff James, Director, Damrod Analysis Ltd
    Successful security programs explain the situation, the risks, and the options available in a way that is both simple and true. Damrod draws on military analytical frameworks to develop map models that accurately depict the cyber terrain and guide the generation of a series of overlays. These build to create an Effects based plan suitable for Governance, Risk, and Compliance needs.

    Join this webinar for an introduction to the cyber-as-conflict model developed by Damrod.
  • [Earn 1 CPE] Revitalizing Access Control Programs: Intelligent Automation Recorded: Mar 7 2019 64 mins
    Colin Whitaker, Informed Risk Decisions; Phil Shomura, Senior Product Manager, ACL
    Access control, a critical component of IT security compliance programs, ensures that organizations protect confidential information, like intellectual property and customer data. But your access management program can easily become outdated and static—especially if you rely on manual control testing and user access administration tasks.

    By using robotics and process automation, or RPA, you can tackle some of the common challenges associated with access control programs. RPA works 24/7, reduces human error, and saves employees from manual, repetitive tasks. RPA might be the key to advancing your access control program.

    Join this CPE webinar for insights into how you can reduce costs, increase efficiency and improve the effectiveness of your access control program with RPA. We will share:

    - How to get started with an access control program.
    - Ways to evaluate the right tools to automate processes at a task level, and align to your process automation strategy.
    - Practical steps you can take to see value from advanced analytics in risk management, compliance, and continuous monitoring programs.
    - How to embed governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.
  • Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording] Recorded: Feb 20 2019 76 mins
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4
    * This is a recording so CPE credit is unavailable.

    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • Favorite Talks, Topic Trends…The Inside Scoop on RSA Conference 2019 Recorded: Feb 7 2019 46 mins
    Britta Glade, Wendy Nather, Rich Mogull, Diana Kelley, Ryan Berg
    Join RSA Conference Director of Content Curation and four Program Committee Members for a panel discussion about the topics they’re most excited about at RSA Conference 2019. Plus, some hints at the big discussions to take place in areas like Blockchain, security strategy and more:

    * Is Blockchain bulletproof?
    * Are there technical risks related to cryptocurrencies?
    * How to assess the coverage and gaps in your security portfolio
    * The theme of “acceptance” in security strategy
    * Exciting sessions in our Hackers & Threats track from chipset to containers, as well as smart contracts
    * Closing the enterprise gaps when it comes to moving to the cloud

    You’ll have a chance to ask questions during this live webcast. Join us for this exclusive preview of what you’ll hear about at RSA Conference 2019, March 4-8 in San Francisco.

    Britta Glade, Director Content & Curation, RSA Conference
    Wendy Nather, Director, Advisory CISOs, Duo Security
    Rich Mogull, Analyst & CEO, Securosis
    Diana Kelley, Cybersecurity Field CTO, Microsoft
    Ryan Berg, Fellow, Alert Logic
  • Managing Compliance and Security in the Cloud Recorded: Jan 30 2019 43 mins
    Benny Czarny, Tzach Horowitz, Ariel Zeitlin, Diana Kelley
    "In the age of breaches, enterprises are looking to understand the security and compliance risks associated with data stored in, and accesible from, cloud applications so they can better prepare should the unthinkable happen. With data and workloads moving to the cloud, securing the enterprise is more critical than ever.

    Join cloud, security and compliance experts as they discuss:
    - How to proactively analyze security risk from the business perspective
    - What you need to know about your data, and how to ensure it is compliant when in the cloud
    - How to automate security policy changes
    - Top challenges for CISOs and CIOs
    - Achieving security and compliance across multiple clouds
    - Steps to take today"

    Presenters
    Benny Czarny, CEO and Founder, OPSWAT
    Tzach Horowitz, Pre-Sale Director, Cybergym
    Ariel Zeitlin, CTO and co-founder, Guardicore
    Diana Kelley, Cybersecurity Field CTO, Microsoft
  • Strategies for Cyber Resilience in 2019 Recorded: Jan 30 2019 50 mins
    Aviv Cohen, Eddy Bobritsky, Israel Levy, Ariel Koren
    With cyber attacks and breaches on the rise, cyber resilience is becoming an area of focus for C-suite executives worldwide. It is no longer a question of "if" a breach will occur, but "when," and organizations are looking to include cyber resilience as part of their business continuity and disaster recovery programs.

    Join security and business continuity experts as they review:
    - Threats to cyber resilience and business continuity
    - Lessons from Wannacry (ransomware) and NotPetya (wiper) attacks
    - Attack trends and business preparedness
    - Steps for enterprises to take today

    Panellists
    Aviv Cohen, CMO, Pcysys
    Ariel Koren, CTO, SNDBOX
    Israel Levy, CEO, Bufferzone Security
    Eddy Bobritsky, Founder & CEO, Minerva Labs
  • Top Challenges for CISOs and How to Solve Them Recorded: Jan 29 2019 46 mins
    Aviv Grafi, Guy Dagan, Noam Erez, Kobi Freedman, Avivit Kotler
    According to a recent study, having a lack of influence in the boardroom is a key reason why 84% of CISOs in North America believe there is no way to avoid a data breach. How are CISOs addressing the ever-growing cyber threat landscape, disappearing security perimeter and the chronic lack of skilled security professionals? What do they need to communicate and how, to get the board on their side?

    Join security experts across the industry for an interactive discussion on:
    - What keeps CISOs up at night
    - Strategies for breach prevention
    - Strategies for making the most of AI technolofy and human talent
    - Coping with analyst fatugue
    - Threats on the horizon
    - Recommendations for strengthening security

    Panellists
    Noam Erez, co-founder and CEO, XM Cyber
    Aviv Grafi, CEO and co-founder, Votiro
    Guy Dagan, Cofounder and Partner, Consienta
    Avivit Kotler, CISO - Head of Cyber Security & Business Continuity, Clal Insurance
    Kobi Freedman, Co-founder & CEO, IDRRA
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The OCEG GRC Capability Model
  • Live at: Jul 7 2009 5:00 pm
  • Presented by: Carole Switzer, President, Open Compliance & Ethics Group (OCEG)
  • From:
Your email has been sent.
or close