Cost-Based Risk Ownership & Mitigation

Recorded Jan 26 2010 47 mins
Presented by
Gary Hicks, IT Forensic Expert Witness, Keppe & Partners

  • [Earn CPE] Automate Your Third-Party Risk Management Program Jun 25 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    TBC
  • [Earn CPE] Privileged Account Management: What You Need to Know for Data Security May 21 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. Panelists: Thycotic and TBC
    TBC
  • [PANEL] How to Simplify Cyber Risk Management? May 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    In today’s multi-cloud and hybrid environments, CISOs are struggling to secure assets, manage security policies across clouds, and monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries
  • [Earn CPE] A CCPA Vs GDPR Comparison Guide for CCPA Readiness Apr 30 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    The groundbreaking California Consumer Privacy Act has been nicknamed California's GDPR, referring to the European Union's comprehensive data protection law that took effect in May 2018, just one month before the CCPA was passed. The CCPA, which comes into effect in January 2020, creates sweeping new rights for Californians and onerous transparency and other obligations for businesses handling their information.

    Businesses that have undertaken GDPR compliance will have an advantage in addressing CCPA, but those efforts alone won't suffice. The two laws share some key components, yet present crucial differences. On this webinar we aim to assist organizations in understanding and comparing the relevant provisions of the GDPR and the CCPA, to clarify what they mean for your privacy operations, and to ensure compliance with both pieces of legislation. You’ll learn:

    - Differences in the scope of application,
    - The nature and extent of collection limitations,
    - The rules concerning accountability,
    - Key differences so you don’t miss important requirements or “over-comply” by giving consumers wider scope of information than required.
  • [Earn CPE] Implementing a NIST Framework for Agile GRC Apr 9 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. With LogicGate
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of agile cyber security strategies is becoming inevitable to achieve that goal.

    Agile cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organization's defenses
    - Defining your security road map using NIST CSF as a framework
    - Conducting gap analysis and executing remediation actions
    - Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.
  • Cyber Breach Fatigue Mar 31 2020 7:00 pm UTC 30 mins
    Rhonda Bricco (UnitedHealth Group), Mary Diner (Optum), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    The stream of near constant data breaches has left consumers desensitized to the news their information was lost or stolen. We’ll discuss issues around complacency both in consumers and enterprises such as how long the customer cares after a breach occurs, whether data loss is as negatively impactful to an organization’s reputation as it used to be, and how breach fatigue benefits hackers.
  • [Earn CPE] Matching Threat Intelligence & Third-Party Risk for Cyber Security Mar 12 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. With speakers from RiskRecon and Recorded Future.
    As organizations evolve and become more connected, their reliance on third-party ecosystems continues to grow. While these business relationships undoubtedly add value, they also introduce significant new risk and compliance challenges. The third-party risk management process is complex and involves more stakeholders and data sources than many people may think, including cyber risk information, supply chain, financial, IT, compliance, legal, and privacy risk data. But even with loads of available data, it’s extremely difficult for risk teams to know how to prioritize risk and focus remediation and response efforts without the proper context or processes.

    As a result, risk management teams are turning to governance, risk, and compliance (GRC) solutions to help centralize all of this information in order to gain a more holistic view of their third-party ecosystem. Cyber third-party risk data is a critical piece of the puzzle to a holistic third-party risk program within a GRC solution. Having access to a threat-centric view of cyber risk provides risk management teams with real-time insights that enable them to make faster, more confident decisions and effectively manage third-party risk.

    On this CPE accredited webinar our panel of experts will address how to bring threat intelligence into the third-party risk management process and discuss:

    - The importance of holistic risk management and sustainable ongoing monitoring,
    - How to incorporate external content sources and create a centralized data repository for a more holistic view of your vendors,
    - Ways to advance your third-party risk maturity with threat intelligence.
  • Good vs Bad Metrics Feb 18 2020 8:00 pm UTC 30 mins
    Rhonda Bricco (UnitedHealth Group), Mary Diner (Optum), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    Security leaders are increasingly basing their decisions on metrics to justify spending, quantify risk, and demonstrate value to the executive suite. This panel of leaders will discuss how they are awash in dashboards, charts, and KPIs of little to no value and what they’ve done to develop contextual, impactful, actionable metrics.
  • [Earn CPE] Automating GRC to Increase Business Value Feb 13 2020 6:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions. With speakers from LogicGate and Recorded Future.
    GRC is neither a project nor a technology, but a corporate objective for improving governance through more-effective compliance and a better understanding of the impact of risk on business performance. GRC can vary dramatically depending on the business's vertical market, and even further complexity can be found from one business unit to another. This complexity drives the need for different, highly specialized tools, which raises a huge set of cost, integration, and management issues.

    To address this challenge, many businesses are opting for an automated GRC (eGRC) solution, which aims to resolve the challenges associated with scattered and disconnected operational security processes through the centralization of data, alignment of processes and workflows, and clear enterprise-level visibility with trend and analysis metrics and reporting. The benefits of automating GRC are substantial when businesses have a mature GRC program in place. Attend this expert CPE webinar to gain insights on:

    - Understanding the GRC Business Drivers.
    - Defining Your GRC Strategy.
    - Developing a GRC Roadmap that is aligned with the Mission, Value, and Strategic Agenda of Your Business.
    - Getting Leadership Support and Enabling Cross-Departmental Collaboration.
  • The Emerging PCI DSS and NIST Standards Jan 28 2020 4:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The Payment Card Industry Data Security Standard (PCI DSS) and the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework share the common goal of enhancing data security. This session maps PCI DSS to the NIST Framework and discusses how to align security efforts to meet objectives in both PCI DSS and the NIST Framework.

    PCI DSS is focused on the unique security threats and risks present in the payments industry.

    The NIST Framework provides an overarching security and risk-management structure with security Functions, Categories, and Subcategories of actions. These Subcategories reference globally recognized standards for cybersecurity.

    Both PCI DSS and the NIST Framework are solid security approaches that address common security goals and principles as relevant to specific risks.

    We will discuss how the NIST Framework identifies general security outcomes and activities, and how PCI DSS provides specific direction and guidance on how to meet security outcomes for payment environments.

    This session will also discuss attribute-based access control (ABAC), a logical access control methodology in which authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This session also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
  • [Earn CPE] Cornerstones to Fortify Your Enterprise Cybersecurity Defense Jan 23 2020 6:00 pm UTC 75 mins
    Panelists: Dr. Anton Chuvakin, Google Cloud; Sumedh Thakar, Qualys; and speakers from Illumio and KnowBe4.
    The enterprise cybersecurity landscape is dramatically expanding in scale and complexity, and cyberattacks are growing in magnitude and impact as digital transformation increases on a global scale. From phishing scams, to ransomware attacks, to malicious breaches from state actors, the potential threat to your business is huge. According to the Ponemon Institute, the average per breach cost to a company in 2018 was estimated at $3.86 million, an increase of 6.4 percent over the previous year.

    Even though cybersecurity presents a challenge to the enterprise, you are not helpless against the bad actors who seek to cause real and costly damage to your business. A proactive, company-wide, integrated digital security strategy that addresses cybersecurity threats at all levels of your business will provide you with both the offensive and defensive capabilities you need to handle whatever comes your way. Earn 1 CPE credit by attending this educational and interactive panel webinar. Our experts will discuss why fortifying your cybersecurity strategy should be a critical priority and highlight some best practices that you can employ to stay ahead of evolving threats, including how to:

    - Understand the changing cyberattack landscape,
    - Create a company-wide cybersecurity task force,
    - Evaluate your security budget against your threat level,
    - Fortify your cybersecurity defense with systems hardening, adaptive authentication, and endpoint protection.
  • Data Privacy in 2020 and Beyond Jan 22 2020 4:00 pm UTC 60 mins
    Panelists TBA
    Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - What's new on the data privacy and compliance landscape
    - Main differences between data regulations around the world and what this means for your organization
    - Expert recommendations regarding best tools and practices for achieving and maintaining compliance
    - The future of data privacy
    - What to expect in 2020 and beyond
  • Balancing Data Privacy & Security in 2020 Jan 21 2020 6:00 pm UTC 60 mins
    Dr. Christopher Pierson | Shahrokh Shahidzadeh | Michelle Drolet | George Wrenn
    How has the compliance landscape changed in 2020? Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - CCPA is now in effect and what this means for you
    - The main differences between GDPR and CCPA
    - Best tools, practices, required policies and cultural game changers for commercial and government environments
    - Other data regulations on the horizon
    - Recommendations for 2020

    Speakers:
    - Dr. Christopher Pierson, CEO & Founder, BLACKCLOAK
    - Shahrokh Shahidzadeh, CEO, Acceptto
    - Michelle Drolet, CEO, Towerwall
    - George Wrenn, CEO & Founder, CyberSaint Security

    This Q&A panel is part of Privacy Month.
  • CCPA Compliance Beyond Deadline Day Jan 21 2020 5:00 pm UTC 60 mins
    Guy Cohen | Lisa Hawke | Joanne Furtsch | Laura Koulet
    On January 1st 2020, the California Consumer Privacy Act (CCPA) is going into effect. Are you familiar with the CCPA's privacy requirements? Is your organization ready for the most far-reaching data privacy regulation in the U.S. to date? 
    Join this panel of privacy experts for an interactive Q&A session to learn more about how CCPA will impact your organization, as well as dive into the main differences between CCPA and GDPR.
    - The CCPA privacy requirements
    - CCPA checklist beyond deadline day
    - Data mapping: how and why it is important for CCPA and GDPR
    - Data Subject Access Requests 
    - Other key similarities and differences between GDPR vs. CCPA
    - The future of privacy and compliance in 2020 and beyond

    Speakers:
    - Guy Cohen, Strategy and Policy Lead, Privitar
    - Lisa Hawke, VP Security and Compliance, Everlaw
    - Joanne Furtsch, Director, Deputy Data Governance Officer, TrustArc
    - Laura Koulet, Vice President, Head of Legal & Privacy, Tapad
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 8] Jan 14 2020 6:00 pm UTC 60 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The PCI Dream Team is back for another interactive Q&A session.

    Join us with your toughest questions and learn more about the various Payment Card Industry (PCI) standards and requirements, with a focus on PCI DSS v4.0.

    Our panelists are some of the top PCI QSAs in the country, with decades of combined PCI and card processing experience. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Speakers:
    - Ben Rothke, Senior Information Security Specialist at Tapad
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant with Online Business Systems
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
  • [Earn CPE] Critical Steps to Manage CCPA Compliance and Risk in 2020 Dec 17 2019 6:00 pm UTC 75 mins
    Panelists: K Royal, TrustArc; Ilia Sotnikov, Netwrix; Dr. Else van der Berg, Datawallet; and Harold Byun, Baffle.
    The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs.

    The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.

    On this webinar, we will examine the impact of the CCPA, answer your burning questions, uncover the CCPA’s nuances, and address its ambiguities and challenges. We will also include strategies for creating compliance programs in the midst of the unknowns, and a strategic action plan for businesses to become compliant.
  • Live Video Panel - Data Protection Done Right Recorded: Dec 2 2019 45 mins
    Allan Boardman, ISACA | Richard Agnew, Code42 | Steve Wright, Privacy Culture Ltd | Bill Mew, Mew Era Consulting
    As the number of data privacy laws and regulations increases globally, organizations need to take a proactive approach to data privacy and security, rather than reactive.

    Join this interactive panel of industry experts to learn more about:

    - How to bake privacy and security into your processes
    - Best Practices for achieving regulation compliance
    - How to mitigate risk with data loss protection technologies and solutions
    - Are we closer to a Privacy-and-Security-by-Design reality?
    - How to protect your organization from insider threats
    - Recommendations for Improving Data Management and ensuring Data Protection

    Panellists
    Richard Agnew - VP EMEA - Code42
    Steve Wright, CEO and Partner, Privacy Culture Limited
    Bill Mew, Founder and Owner, Mew Era Consulting

    Moderated by Allan Boardman, CGEIT Certification Committee Member, ISACA


  • Live Video Panel - Creating a Winning Security Strategy for 2020 Recorded: Dec 2 2019 45 mins
    Richard Agnew, Code42 | Ray Ford, GDPR Associates | Rita Bhowan, The Law Society
    Join security experts as they review the past 12 months and discuss security strategies, solutions and tools for success in 2020 and beyond.

    Discussion topics will include:

    - The key factors CISOs should consider for their cybersecurity strategy
    - The current and future threatscape
    - Platform Security for 2020
    - Technological solutions that make CISOs' lives easier
    - How organizations are coping with the shortage of qualified security workforce
    - How CISOs can better communicate their strategy to the board

    Panellists
    Richard Agnew - VP EMEA - Code42
    Ray Ford, Founding DPO, GDPR Associates
    Rita Bhowan, IT Security Manager, The Law Society

    Moderator to be Mark Chaplin, Principal, ISF

  • Ask the Expert - Interview with Richard Agnew - VP EMEA - Code42 Recorded: Dec 2 2019 14 mins
    Paige Bidgood & Richard Agnew, VP EMEA, Code42
    Join this interactive interview with Richard Agnew - VP EMEA - Code42

    Code42 is the leader in data loss protection. Native to the cloud, the Code42 Next-Gen Data Loss Protection solution rapidly detects insider threats, helps satisfy regulatory compliance requirements and speeds incident response – all without lengthy deployments, complex policy management or blocking user productivity. Because the solution collects and indexes every version of every file, it offers total visibility and recovery of data – wherever it lives and moves. Security, IT and compliance professionals can protect endpoint and cloud data from loss, leak and theft while maintaining an open and collaborative culture for employees.

    Richard brings a broad base of sales and management experience to Code42, gained through years leading regional teams within internationally recognised brands such as Veeam, NetApp, and Dell. Outside of work, Richard is an avid cyclist who competes in a number of local organised cycling events.
Trends, developments, and technology
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

  • Title: Cost-Based Risk Ownership & Mitigation
  • Live at: Jan 26 2010 1:00 pm
  • Presented by: Gary Hicks, IT Forensic Expert Witness, Keppe & Partners