Hi [[ session.user.profile.firstName ]]

Determining Cloud Strategy within IT GRC

Cloud is an increasingly prevalent and medium for the delivery of IT, offering users considerable flexibility, affordability and scalability. It is not a universal solution though. Therefore, when should an organisation choose cloud services over on-premise? What deployment models are appropriate? And, what considerations need to be made in determining and mitigating operational, commercial and security risks, governance and compliance. The Cloud Industry Forum will discuss current trends around cloud service adoption, issues raised by early adopters that need to managed, and set out key considerations businesses should be aware of in advancing cloud services as part of their wider IT capability.
Recorded Oct 13 2011 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Andy Burton, Chairman, Cloud Industry Forum
Presentation preview: Determining Cloud Strategy within  IT GRC

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [Earn CPE] Executive Tips to Present Cybersecurity to the Board Nov 19 2020 6:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    TBC
  • [Earn CPE] A Third-Party Risk Management Masterclass Sep 24 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    TBC
  • [Earn CPE] Implementing a Global Privacy Framework for End-to-End Compliance Jul 30 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    GDPR is a global phenomenon because as we all know, it applies not only to organisations located within the European Union (EU) but also to those outside of it, if they market to or monitor EU data subjects. It has set a benchmark that non-EU regulators are increasingly willing to match or even exceed, with emerging legislation such as The California Consumer Privacy Act and India’s Draft Data Protection Bill enacted.

    For many organisations, implementation was less challenging than they feared, as a lot of the building blocks for the CCPA were already in place after GDPR implementation. However, the bigger picture is that many issues are not yet fully resolved. The detail surrounding the data organisations hold (whose it is, why it is being held, and how it is being managed)- not just across IT systems but also devices, messaging services, social media and more – is often not yet clear. The way that the GDPR bumps up against existing laws is also not fully resolved. Just one example is data retention, where other laws require data to be kept for longer than the GDPR demands.

    Add to that the varying business imperatives, regional differences, and legal perspectives that impact on data privacy and in many ways the journey is just beginning. The positive here is that as these issues are addressed, better privacy models will emerge that not only aid compliance but also boost agility and support business growth. Join this CPE accredited webinar and listen to our expert panel discuss how to implement a global privacy framework for end-to-end-compliance, including how to:

    - Better align global privacy data regulations,
    - Enable business agility by forstering greater interplay between CIOs, CTOs, DPOs and CEOs,
    - Create successful privacy frameworks that are globally aligned, and locally deployed.
  • [Earn CPE] Automated Integrations for Third-Party Risk Management Jun 25 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    TBC
  • Earn CPE| Privileged Account Management: What You Need to Know for Data Security May 21 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. Panelists: Thycotic, Greenlight Technologies, Netwrix
    TBC
  • [PANEL] How to Simplify Cyber Risk Management? May 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    In today’s multi-cloud and hybrid environments, CISO's are struggling to secure assets, manage security policies across clouds, monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries
  • Data Privacy in 2020 and Beyond May 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - What's new on the data privacy and compliance landscape
    - Main differences between data regulations around the world and what this means for your organization
    - Expert recommendations regarding best tools and practices for achieving and maintaining compliance
    - The future of data privacy
    - What to expect in 2020 and beyond
  • [Earn CPE] Benchmarking Data Security Performance with Cybersecurity Frameworks Apr 23 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. Panelists from Process Unity and TBC.
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of agile cyber security strategies is becoming inevitable to achieve that goal.

    Agile cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. Cybersecurity Frameworks such as NIST can enable organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organizations' defenses
    - Defining your security road map using a cybersecurity framework
    - Conducting gap analysis and executing remediation actions
    - Benchmarking performance with security controls and built-in reporting templates that align with the framework.
  • Cyber Breach Fatigue Mar 31 2020 7:00 pm UTC 60 mins
    Rhonda Bricco (UnitedHealth Group), Mary Diner (Optum), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    The stream of near constant data breaches has left consumers desensitized to the news their information was lost or stolen. We’ll discuss issues around complacency both in consumers and enterprises such as how long the customer cares after a breach occurs, whether data loss is as negatively impactful to an organization’s reputation as it used to be, and how breach fatigue benefits hackers.
  • [Earn CPE] Matching Threat Intelligence & Third-Party Risk for Cyber Security Mar 12 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker. With speakers from RiskRecon, Process Unity, OneTrust, and Recorded Future.
    As organizations evolve and become more connected, their reliance on third-party ecosystems continues to grow. While these business relationships undoubtedly add value, they also introduce significant new risk and compliance challenges. The third-party risk management process is complex and involves more stakeholders and data sources than many people may think including: cyber risk information, supply chain, financial, IT, compliance, legal, and privacy risk data. But even with loads of available data, it’s extremely difficult for risk teams to know how to prioritize risk and focus remediation and response efforts without the proper context or processes.

    As a result risk management teams are turning to governance, risk, and compliance (GRC) solutions to help centralize all of this information in order to gain a more holistic view of their third-party ecosystem. Cyber third-party risk data is a critical piece of the puzzle to a holistic third-party risk program within a GRC solution. Having access to a threat-centric view of cyber risk provides risk management teams with real-time insights that enable them to make faster, more confident decisions and effectively manage third-party risk.

    On this CPE accredited webinar our panel of experts will address how to bring threat intelligence into the third-party risk management process and discuss:

    - The importance of holistic risk management and sustainable ongoing monitoring,
    - How to incorporate external content sources and create a centralized data repository for a more holistic view of your vendors,
    - Ways to advance your third-party risk maturity with threat intelligence.
  • Good vs Bad Metrics Feb 18 2020 8:00 pm UTC 60 mins
    Rhonda Bricco (UnitedHealth Group), Mary Diner (Optum), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    Security leaders are increasingly basing their decisions on metrics to justify spending, quantifying risk, and demonstrating value to the executive suite. This panel of leaders will discuss how they are awash in dashboards, charts, and KPIs of little to no value and what they’ve done to develop contextual, impactful, actionable metrics.
  • [Earn CPE] Automating GRC to Increase Business Value Feb 13 2020 6:00 pm UTC 75 mins
    Matt Kunkel, LogicGate; James Rice, Greenlight Technologies; Scott Brigden, OneTrust; and Allan Liska, Recorded Future.
    GRC is neither a project nor a technology, but a corporate objective for improving governance through more-effective compliance and a better understanding of the impact of risk on business performance. GRC can vary dramatically depending on the businesses vertical market, and even further complexity can be found from one business unit to another. This complexity drives the need for different, highly specialized tools, which raises a huge set of cost, integration, and management issues.

    To address this challenge, many businesses are opting for an automated GRC (eGRC) solution, which aims to resolve the challenges associated with scattered and disconnected operational security processes through the centralization of data, alignment of processes and workflows, and clear enterprise-level visibility with trend and analysis metrics and reporting. The benefits of Automating GRC are substantial when businesses have a mature GRC program in place. Attend this expert CPE webinar to gain insights on:

    - Understanding the GRC Business Drivers.
    - Defining Your GRC Strategy.
    - Developing a GRC Roadmap that is aligned with the Mission, Value, and Strategic Agenda of Your Business.
    - Getting Leadership Support and Enabling Cross-Departmental Collaboration.
  • CCPA Compliance Beyond Deadline Day Jan 28 2020 7:00 pm UTC 60 mins
    Guy Cohen | Lisa Hawke | Joanne Furtsch | Laura Koulet
    On January 1st 2020, the California Consumer Privacy Act (CCPA) is going into effect. Are you familiar with the CCPA's privacy requirements? Is your organization ready for the most far-reaching data privacy regulation in the U.S. to date? 
    Join this panel of privacy experts for an interactive Q&A session to learn more about how CCPA will impact your organization, as well as dive into the main differences between CCPA and GDPR.
    - The CCPA privacy requirements- CCPA checklist beyond deadline day
    - Data mapping: how and why it is important for CCPA and GDPR
    - Data Subject Access Requests 
    - Other key similarities and differences between GDPR vs. CCPA
    - The future of privacy and compliance in 2020 and beyond

    Speakers:
    - Guy Cohen, Strategy and Policy Lead, Privitar
    - Lisa Hawke, VP Security and Compliance, Everlaw
    - Joanne Furtsch, Director, Deputy Data Governance Officer, TrustArc
    - Laura Koulet, Vice President, Head of Legal & Privacy, Tapad
  • The Emerging PCI DSS and NIST Standards Jan 28 2020 4:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The Payment Card Industry Data Security Standard (PCI DSS) and the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework share the common goal of enhancing data security. This session maps PCI DSS to the NIST Framework and discuss how to align security efforts to meet objectives in both PCI DSS and the NIST Framework.

    PCI DSS is focused on the unique security threats and risks present in the payments industry

    The NIST Framework provides an overarching security and risk-management structure with security Functions, Categories, and Subcategories of actions. These Subcategories reference globally recognized standards for cybersecurity.

    Both PCI DSS and the NIST Framework are solid security approaches that address common security goals and principles as relevant to specific risks.

    We will discuss how the NIST Framework identifies general security outcomes and activities, and how PCI DSS provides specific direction and guidance on how to meet security outcomes for payment environments.

    This session will also discuss the interesting attribute based access control (ABAC) as a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This session also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
  • [Earn CPE] Cornerstones to Fortify Your Enterprise Cybersecurity Defense Jan 23 2020 6:00 pm UTC 75 mins
    Panelists: Dr. Anton Chuvakin, Google Cloud; with Sumedh Thakar, Qualys; Roger Grimes, KnowBe4; and Vivian Tero, Illumio.
    The enterprise cybersecurity landscape is dramatically expanding in scale and complexity, and cyberattacks are growing in magnitude and impact as digital transformation increases on a global scale. From phishing scams, to ransomware attacks, to malicious breaches from state actors, the potential threat to your business is huge. According to the Ponemon Institute, the average per breach cost to a company in 2018 was estimated at $3.86 million, an increase of 6.4 percent over the previous year.

    Even though cybersecurity presents a challenge to the enterprise, you are not helpless against the bad actors who seek to cause real and costly damage to your business. A proactive, company-wide, integrated digital security strategy that addresses cybersecurity threats at all levels of your business will provide you with both the offensive and defensive capabilities you need to handle whatever comes your way. Earn 1 CPE credit by attending this educational and interactive panel webinar. Our experts will discuss why fortifying your cybersecurity strategy should be a critical priority and highlight some best practices that you can employ to stay ahead of evolving threats, including how to;

    - Understand the changing cyberattack landscape,
    - Create a company-wide cybersecurity task force,
    - Evaluate your security budget against your threat level,
    - Fortify your cybersecurity defense with systems hardening, adaptive authentication, and endpoint protection.
  • Balancing Data Privacy & Security in 2020 Recorded: Jan 21 2020 58 mins
    Dr. Christopher Pierson | Shahrokh Shahidzadeh | Michelle Drolet | George Wrenn
    How has the compliance landscape changed in 2020? Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - CCPA is now in effect and what this means for you
    - The main differences between GDPR and CCPA
    - Best tools, practices, required policies and cultural game changers for commercial and government environments
    - Other data regulations on the horizon
    - Recommendations for 2020

    Speakers:
    - Dr. Christopher Pierson, CEO & Founder, BLACKCLOAK
    - Shahrokh Shahidzadeh, CEO, Acceptto
    - Michelle Drolet, CEO, Towerwall
    - George Wrenn, CEO & Founder, CyberSaint Security

    This Q&A panel is part of Privacy Month.
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 8] Recorded: Jan 14 2020 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The PCI Dream Team is back for another interactive Q&A session.

    Join us with your toughest questions and learn more about the various Payment Card Industry (PCI) standards and requirements, with a focus on PCI DSS v4.0.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Speakers:
    - Ben Rothke, Senior Information Security Specialist at Tapad
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant with Online Business Systems
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
  • [Earn CPE] Critical Steps to Manage CCPA Compliance and Risk in 2020 Recorded: Dec 17 2019 78 mins
    Panelists: K Royal, TrustArc; Ilia Sotnikov, Netwrix, Dr. Else van der Berg, Datawallet; and Harold Byun, Baffle.
    The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs.

    The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.

    On this webinar, we will examine the impact of the CCPA, answer your burning questions, uncover the CCPA’s nuances, and address its ambiguities and challenges. We will also include strategies for creating compliance programs in the midst of the unknowns, and a strategic action plan for businesses to become compliant.

    Learning objectives are to gain insights on:

    - Understanding the nuances, ambiguities and challenges of the CCPA;
    - Creating compliance programs in the midst of the unknowns;
    - Developing a strategic action plan to become CCPA compliant;
    - How to avoid expensive fines, class-action lawsuits, and injunctions;
    - Getting ahead of the curve and enabling your business with alternate data sharing and privacy preserving techniques.
Trends, developments, and technology
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Determining Cloud Strategy within IT GRC
  • Live at: Oct 13 2011 9:00 am
  • Presented by: Andy Burton, Chairman, Cloud Industry Forum
  • From:
Your email has been sent.
or close