Hackers and Auditors: A Common Threat

Compliance and information security have had a tumultuous relationship. Sometimes they get along; sometimes they don't. Organizations often combine them under the CISO, but provide dotted line reporting elsewhere for compliance. Compliance might partner with internal audit or have its own C-level position. All of this variation isn't really necessary. Compliance and Risk Management can be successfully combined under the practice of Security Performance Management.

During this webinar we will discuss how:
• Compliance behaves like a more traditional information security threat.
• Compliance can be managed similarly to other information security programs.
• Security Performance Management provides a framework for comprehensive compliance and risk management across the enterprise.
Recorded May 22 2012 48 mins
Presented by
Tim Erlin, Director, Product Management, nCircle
  • Harmonizing Standards & Controls for Intelligent Risk Governance Dec 17 2020 6:00 pm UTC 75 mins
    Moderated by Colin Whittaker, Founder of Informed Risk Decisions.
    One of the biggest challenges faced by compliance officers, CISOs, and CROs in today’s world is complying with various standards available in the market. Historically, risk management has been a complex subject, and many companies continue to exercise risk oversight in siloed ways that limit the board’s view of risk, leaving management blind not only to certain risks but also to the opportunities that risks present.

    To address risk effectively, risk management must be integrated into day-to-day business practices. An enterprise-level approach to standards and controls harmonization can enable risk intelligence, putting the right risk-related information in the hands of the right people at the right time, while avoiding the common pitfall of capabilities becoming siloed. Attend this CPE accredited webinar to gain insights from our expert panel on the key factors, including how to:

    - Promote an integrated approach to risk management and assurance.
    - Assign risk-related roles and responsibilities.
    - Define a comprehensive list of controls to implement.
    - Track the progress of the governance program along a Risk Intelligence maturity model.
  • [Earn CPE] Executive Tips to Present Cybersecurity to the Board Nov 19 2020 6:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • [Earn CPE] A Third-Party Risk Management Masterclass Sep 24 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • [Earn CPE] Executive Tips to Modernize Your Compliance Program Aug 27 2020 5:00 pm UTC 75 mins
    Under the weight of new and changing regulations around the world, many organizations struggle to achieve compliance. They often lack a holistic view of their compliance profile and face increasing challenges due to digital transformation. Chief Compliance Officers who take a top-down approach are often met with resistance, but a successful program requires management to actively participate, not just sign off.  

    Organizations can no longer afford to apply check-the-box approaches to compliance. Executive management must take a variety of actions to demonstrate leadership and commitment to the company’s compliance management program. On this CPE accredited webinar our panel of experts will discuss the current compliance landscape and challenges facing today's organizations, and they will address best practices to modernize your compliance program, including how to:

    - Use a risk-based approach to meet regulatory demands.
    - Employ digital transformation in the management of compliance obligations.
    - Understand the impacts of regulatory changes and minimize resource-intensive manual processes.
    - Get buy-in from other departments and create a working group of stakeholders to develop and improve your compliance program.
  • [Earn CPE] Implementing a Global Privacy Framework for End-to-End Compliance Jul 30 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    GDPR is a global phenomenon because as we all know, it applies not only to organisations located within the European Union (EU) but also to those outside of it, if they market to or monitor EU data subjects. It has set a benchmark that non-EU regulators are increasingly willing to match or even exceed, with emerging legislation such as The California Consumer Privacy Act and India’s Draft Data Protection Bill enacted.

    For many organisations, implementation was less challenging than they feared, as a lot of the building blocks for the CCPA were already in place after GDPR implementation. However, the bigger picture is that many issues are not yet fully resolved. The detail surrounding the data organisations hold (whose it is, why it is being held, and how it is being managed), not just across IT systems but also devices, messaging services, social media and more, is often not yet clear. The way that the GDPR bumps up against existing laws is also not fully resolved. Just one example is data retention, where other laws require data to be kept for longer than the GDPR demands.

    Add to that the varying business imperatives, regional differences, and legal perspectives that impact on data privacy and in many ways the journey is just beginning. The positive here is that as these issues are addressed, better privacy models will emerge that not only aid compliance but also boost agility and support business growth. Join this CPE accredited webinar and listen to our expert panel discuss how to implement a global privacy framework for end-to-end-compliance, including how to:

    - Better align global privacy data regulations,
    - Enable business agility by fostering greater interplay between CIOs, CTOs, DPOs and CEOs,
    - Create successful privacy frameworks that are globally aligned, and locally deployed.
  • [Earn CPE] Automated Integrations for Third-Party Risk Management Jun 25 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • Data Privacy in 2020 and Beyond Jun 17 2020 3:00 pm UTC 60 mins
    Panelists TBA
    Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - What's new on the data privacy and compliance landscape
    - Main differences between data regulations around the world and what this means for your organization
    - Expert recommendations regarding best tools and practices for achieving and maintaining compliance
    - The future of data privacy
    - What to expect in 2020 and beyond
  • [Earn CPE] Privileged Access Management: What You Need to Know for Data Security May 21 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. Panelists: Thycotic, Greenlight Technologies, Netwrix
    Whether your organization is just getting started with a Privileged Access Management (PAM) program, or you are focused on implementing advanced PAM strategies to align with new digital transformation investments, this CPE accredited education webinar will address what you need to know for data security.

    Our panel of experts will outline the key challenges and offer some clear recommendations that emphasize the critical role of people, processes and technology in effectively mitigating PAM risk and making purchase decisions, including:

    - Tracking and Securing Every Privileged Account.
    - Governing and Controlling Access.
    - Recording and Auditing Privileged Activity.
    - Operationalizing Privileged Tasks.
  • [PANEL] How to Simplify Cyber Risk Management? May 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    In today’s multi-cloud and hybrid environments, CISOs are struggling to secure assets, manage security policies across clouds, and monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries
  • [Earn CPE] Improving Data Security Performance with Cybersecurity Frameworks Apr 23 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. Panelists from Process Unity and TBC.
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of agile cyber security strategies is becoming inevitable to achieve that goal.

    Agile cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. Cybersecurity Frameworks such as NIST can enable organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organization's defenses
    - Defining your security road map using a cybersecurity framework
    - Conducting gap analysis and executing remediation actions
    - Benchmarking performance with security controls and built-in reporting templates that align with the framework.
  • Cyber Breach Fatigue Mar 31 2020 7:00 pm UTC 60 mins
    Rhonda Bricco (UnitedHealth Group), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    The stream of near constant data breaches has left consumers desensitized to the news their information was lost or stolen. We’ll discuss issues around complacency both in consumers and enterprises such as how long the customer cares after a breach occurs, whether data loss is as negatively impactful to an organization’s reputation as it used to be, and how breach fatigue benefits hackers.
  • [Earn CPE] How to Get More Visibility into Your Digital Ecosystem Mar 26 2020 5:00 pm UTC 75 mins
    Kelley Vick, Host. With Chris Poulin, Principal Consulting Engineer at BitSight.
    In today's cybersecurity landscape, having continued visibility into your organization’s attack surface is essential to staying ahead of new and evolving threats. But as your digital ecosystem continues to expand, monitoring and mitigating cyber risk become increasingly difficult.

    During this CPE webinar, BitSight’s Chris Poulin, a risk reduction and cybersecurity expert, will take a deep dive into how you can evaluate your current digital risk management efforts, identify gaps, and prioritize improvements.

    Join us on Thursday, March 26, to learn how to:
    - Validate and manage your digital footprint across various ecosystems
    - Monitor for indicators of attack, compromise, and abuse
    - Leverage business context to prioritize remediation efforts and allocate resources
    - Initiate response plans to mitigate risks
    - Track and communicate progress with objective data across environments
    - Use risk intelligence to improve your security posture
  • [Earn CPE] Matching Threat Intelligence & Third-Party Risk for Cyber Security Mar 12 2020 5:00 pm UTC 75 mins
    Panelists: Kelly White, RiskRecon; Jaymin Desai, OneTrust; Allan Liska, Recorded Future; and Todd Boehler, ProcessUnity
    As organizations evolve and become more connected, their reliance on third-party ecosystems continues to grow. While these business relationships undoubtedly add value, they also introduce significant new risk and compliance challenges. The third-party risk management process is complex and involves more stakeholders and data sources than many people may think including: cyber risk information, supply chain, financial, IT, compliance, legal, and privacy risk data. But even with loads of available data, it’s extremely difficult for risk teams to know how to prioritize risk and focus remediation and response efforts without the proper context or processes.

    As a result, risk management teams are turning to governance, risk, and compliance (GRC) solutions to help centralize all of this information in order to gain a more holistic view of their third-party ecosystem. Cyber third-party risk data is a critical piece of the puzzle for a holistic third-party risk program within a GRC solution. Having access to a threat-centric view of cyber risk provides risk management teams with real-time insights that enable them to make faster, more confident decisions and effectively manage third-party risk.

    On this CPE accredited webinar our panel of experts will address how to bring threat intelligence into the third-party risk management process and discuss:

    - The importance of holistic risk management and sustainable ongoing monitoring,
    - How to incorporate external content sources and create a centralized data repository for a more holistic view of your vendors,
    - Ways to advance your third-party risk maturity with threat intelligence.
  • CCPA Compliance Beyond Deadline Day Mar 10 2020 3:00 pm UTC 60 mins
    Guy Cohen | Lisa Hawke | Joanne Furtsch | Laura Koulet
    The California Consumer Privacy Act (CCPA) went into effect on January 1st 2020, yet there is still confusion and uncertainty regarding this data regulation, especially for businesses operating in a post-GDPR world.

    Are you familiar with the CCPA's privacy requirements? Is your organization ready for the most far-reaching data privacy regulation in the U.S. to date? 

    Join this panel of privacy experts for an interactive Q&A session to learn more about how CCPA will impact your organization, as well as dive into the main differences between CCPA and GDPR.
    - The CCPA privacy requirements
    - CCPA checklist beyond deadline day
    - Data mapping: how and why it is important for CCPA and GDPR
    - Data Subject Access Requests 
    - Other key similarities and differences between GDPR vs. CCPA
    - The future of privacy and compliance in 2020 and beyond

    - Guy Cohen, Strategy and Policy Lead, Privitar
    - Lisa Hawke, VP Security and Compliance, Everlaw
    - Joanne Furtsch, Director, Deputy Data Governance Officer, TrustArc
    - Laura Koulet, Vice President, Head of Legal & Privacy, Tapad
  • Good vs Bad Metrics Recorded: Feb 18 2020 31 mins
    Rhonda Bricco (UnitedHealth Group), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    Security leaders are increasingly basing their decisions on metrics to justify spending, quantify risk, and demonstrate value to the executive suite. This panel of leaders will discuss how they are awash in dashboards, charts, and KPIs of little to no value and what they’ve done to develop contextual, impactful, actionable metrics.
  • [Earn CPE] Automating GRC to Increase Business Value Recorded: Feb 13 2020 76 mins
    Matt Kunkel, LogicGate; James Rice, Greenlight Technologies; Scott Bridgen, OneTrust; and Allan Liska, Recorded Future.
    GRC is neither a project nor a technology, but a corporate objective for improving governance through more-effective compliance and a better understanding of the impact of risk on business performance. GRC can vary dramatically depending on the business's vertical market, and even further complexity can be found from one business unit to another. This complexity drives the need for different, highly specialized tools, which raises a huge set of cost, integration, and management issues.

    To address this challenge, many businesses are opting for an automated GRC (eGRC) solution, which aims to resolve the challenges associated with scattered and disconnected operational security processes through the centralization of data, alignment of processes and workflows, and clear enterprise-level visibility with trend and analysis metrics and reporting. The benefits of Automating GRC are substantial when businesses have a mature GRC program in place. Attend this expert CPE webinar to gain insights on:

    - Understanding the GRC Business Drivers.
    - Defining Your GRC Strategy.
    - Developing a GRC Roadmap that is aligned with the Mission, Value, and Strategic Agenda of Your Business.
    - Getting Leadership Support and Enabling Cross-Departmental Collaboration.
  • How Private is My Healthcare Data? Surprise! Recorded: Jan 28 2020 59 mins
    Debra Baker | Ellie Daw | Michelle Finneran Dennedy | Karen Schnell | Anna Kirkland Smith
    Join well-known women in privacy and cybersecurity for an exclusive keynote panel on ransomware and IoT threats to healthcare data, and steps to take in 2020 to better secure it.

    Viewers will also learn about Google’s Project Nightingale, as well as have the opportunity to ask questions during the live webinar.

    - Debra Baker, CISSP CCSP, Host and Technical Program Manager at RedSeal
    - Ellie Daw, Research Scientist at Crimson Vista, Inc.
    - Michelle Finneran Dennedy, CEO at DrumWave
    - Karen Schnell, Cybersecurity Business Architect and Adjunct Professor in Computer Science
    - Anna Kirkland Smith, Data Scientist, MetLife

    This keynote panel is part of International Data Privacy Day 2020 and will be available live on January 28th, as well as on demand.

    Data Privacy Day is an international effort to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.
  • The Emerging PCI DSS and NIST Standards Recorded: Jan 28 2020 61 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The Payment Card Industry Data Security Standard (PCI DSS) and the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework share the common goal of enhancing data security. This session maps PCI DSS to the NIST Framework and discusses how to align security efforts to meet objectives in both PCI DSS and the NIST Framework.

    PCI DSS is focused on the unique security threats and risks present in the payments industry.

    The NIST Framework provides an overarching security and risk-management structure with security Functions, Categories, and Subcategories of actions. These Subcategories reference globally recognized standards for cybersecurity.

    Both PCI DSS and the NIST Framework are solid security approaches that address common security goals and principles as relevant to specific risks.

    We will discuss how the NIST Framework identifies general security outcomes and activities, and how PCI DSS provides specific direction and guidance on how to meet security outcomes for payment environments.

    This session will also discuss attribute-based access control (ABAC), a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This session also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
  • [Earn CPE] Cornerstones to Fortify Your Enterprise Cybersecurity Defense Recorded: Jan 23 2020 77 mins
    Panelists: Dr. Anton Chuvakin, Google Cloud; with Sumedh Thakar, Qualys; Roger Grimes, KnowBe4; and Vivian Tero, Illumio.
    The enterprise cybersecurity landscape is dramatically expanding in scale and complexity, and cyberattacks are growing in magnitude and impact as digital transformation increases on a global scale. From phishing scams, to ransomware attacks, to malicious breaches from state actors, the potential threat to your business is huge. According to the Ponemon Institute, the average per breach cost to a company in 2018 was estimated at $3.86 million, an increase of 6.4 percent over the previous year.

    Even though cybersecurity presents a challenge to the enterprise, you are not helpless against the bad actors who seek to cause real and costly damage to your business. A proactive, company-wide, integrated digital security strategy that addresses cybersecurity threats at all levels of your business will provide you with both the offensive and defensive capabilities you need to handle whatever comes your way. Earn 1 CPE credit by attending this educational and interactive panel webinar. Our experts will discuss why fortifying your cybersecurity strategy should be a critical priority and highlight some best practices that you can employ to stay ahead of evolving threats, including how to:

    - Understand the changing cyberattack landscape,
    - Create a company-wide cybersecurity task force,
    - Evaluate your security budget against your threat level,
    - Fortify your cybersecurity defense with systems hardening, adaptive authentication, and endpoint protection.
Trends, developments, and technology
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

  • Title: Hackers and Auditors: A Common Threat
  • Live at: May 22 2012 1:00 pm
  • Presented by: Tim Erlin, Director, Product Management, nCircle