Name: Third-Party Risk Management Best Practices
Start: 2021-11-10T22:16:00Z
End: 2021-11-10T22:16:30.000Z
Location: BrightTALK
Rating: 0

Over the past two decades, we have become the leading experts in critical access management for highly regulated enterprise organizations, technology vendors, healthcare providers, and more. Organizations of varying industries and needs continue to depend on SecureLink to secure access to their critical systems, data, IT and OT infrastructure, regulated information, and networks. Our value is more than world-class products — it’s our partnerships with every organization we work with. We understand technology, security, industries, and the vast cyber threats our customers face. We’re here to stand beside them and keep them secure.

According to the IBM Cost of a Data Breach Report, the average cost of a data breach is $4.24 million - and that cost increases by $370,000 when it’s caused by a third-party. 

Third-party remote access is the single-most dangerous vector to organizations. In this webinar, Ashley Guerra and Kylie Ruiz, SecureLink Product Managers, will walk through the vast costs associated with failing to secure third-party access and how organizations are losing money by not re-evaluating how they’re protecting their critical systems. Learn more about:

- The current costs of a data breach caused by third parties
- How current “band aid” solutions are costly and don’t offer adequate security
- What you can do to standardize critical third-party access in your organization

How To Make Your Budget Cover a Million Dollar Hack

Cyber attacks from nation-state actors and their proxies are on the rise. Many of these attackers seek a broader scale to do more damage than simply defacing a website with embarrassing propaganda or by causing a temporary internet outage with a DDOS attack. These hackers often have significant backing and resources from their nation-state sponsors, officially or unofficially. Increasingly, they are targeting key infrastructures such as power utilities, financial networks, hospitals, healthcare organizations, and state and local governments. A popular tactic is to come in through vendors or managed service providers where they can leverage one successful hack to access dozens of entities. This makes proper vendor and third-party risk management more important than ever.

Download our webinar, “Protect Yourself from Cyberattacks Through Proper Third-Party Risk Management” where we discussed the threats, methods and attack vectors that hackers are using, with recent examples followed by best practice areas to focus on in order to secure your organization from these types of cyberattacks.

Prevent Cyberattacks: Third-Party Risk Management

With threats from every vector and an increasingly complex regulatory and privacy landscape, it can be difficult for organizations to stay informed and up to date with the ever changing trends. However, ensuring your organization has the most relevant and updated strategies, techniques, and tools to strengthen your security posture and protect against cyber attacks is a necessity.

Watch this webinar hosted by SecureLink’s Product Marketing Managers Kylie Ruiz and Ashley Guerra as they discuss two of the top cyber security trends of 2022, and how you can utilize them to strengthen your organization’s cybersecurity. Specifically, they will:

- Review the current state of the industry and leading trends
- Deep dive into the concept of Cybersecurity Mesh with the key insights you need to know
- Unpack the Adaptive Security model and help you understand how this security model can benefit your organization

Top Trends of 2022: Cybersecurity Mesh and Adaptive Security

According to a recent report from Sophos, the average total cost of recovery from a ransomware attack in 2021 was $1.85 million, which more than doubled from 2020. With more organizations expanding their remote work access, the cost of PII and sensitive data fetching record prices on the dark web, and increasingly complex networks and infrastructure to secure, it’s no wonder those numbers keep climbing.

Join SecureLink’s Product Marketing Managers Kylie Ruiz and Ashley Guerra as they dig into the increasing trend of ransomware attacks, especially those targeting high-value industries such as healthcare and critical infrastructure, and share how to prepare and defend yourself against them to protect your organization.

- Take a deep dive into some of the major recent ransomware attacks
- Discover some of the key reasons organizations are targeted, and where the key points of vulnerability are
- Learn about how to defend your critical systems and valuable data against future attacks

How To Protect Your Organization Against A Ransomware Attack

Digital transformation is taking over many industries — transforming the way previously analog, brick-and-mortar organizations operate. As this transformation matures across various parts of organizations, cybersecurity is often left behind. This creates serious cybersecurity gaps, as the technologies and architecture aren’t equipped to work with the new, digitally-focused systems. Not to mention that hacks are sophisticating and evolving rapidly.

Join us for our webinar on June 21st at 12 PM CT where Ashley Guerra, SecureLink’s Product Marketing Manager, will walk you through:

- What the digital transformation lifecycle looks like
- Lessons learned those who excluded security as a part of digital transformation
- Emerging technologies and the critical security factors to address as you implement new strategies and digital operations
- Tangible ways to implement security into your digital transformation strategy

The digital transformation is here: Is your cybersecurity transforming too?

Most manufacturing entities are becoming “smart” and joining the industrial revolution 4.0, whether they want to or not. The major shift to remote access, cloud servers, and a massive influx of IoT has left manufacturers’ cybersecurity architecture outdated and vulnerable. This gap creates a major risk – the risk of a third-party related hack. Third parties are multiplying within organizations to fill digital, remote needs, and every third-party access point carries the threat of a cyberattack. Third parties are often granted too much access and are not properly managed, and in an industry that is still finding their footing in a digital world while struggling to keep IT talent, the vulnerabilities are growing.

Join SecureLink’s Director of Sales Engineering, Russell Dowdell to better understand:

- How manufacturing is transforming.
- Why smart factories need equally smart security strategies.
- How organizations can implement better third-party security and access management.

Why the Rise of Smart Factories Facilitates Better Third-Party Security

Different identities have different access and security requirements, and organizations are struggling to manage all of them. Internal privileged users, third parties, and typical employees all contain different workflows, access requirements and zones within an organization's access architecture. Man-to-man coverage is impossible, and too many users are slipping through traditional defenses.

Instead of relying on traditional, outdated methods, organizations need to consider and understand which processes and technologies work for what zone in their identity and access landscape. Third-party remote access, PAM software, identity governance and other access software need to be collaborative and agile, working together to cover every zone.

Join our webinar on July 14th at 12 PM CT where Rob Palermo, Senior Vice President of Product & Solutions Marketing, will discuss the right coverage model for each zone, as well as best practices for closing gaps between those zones which often result in access vulnerabilities or a drain on productivity.

Why You Need To Look At Access Security Architecture Like Zone Coverage

Zero trust network access (ZTNA) is the foundation of modern security design. The principle of ZTNA is simple: Don’t trust anyone, and explicitly grant user access to limit the amount of exposure to sensitive systems and reduce the footprint of a data breach.

While powerful, zero trust network access security benefits are weakened as access rights grow and become stale. As employees change roles and leave an organization, sensitive applications are unnecessarily at risk if the ZTNA rules are not updated. Some organizations leverage various user access review processes for zero trust network access management, but often those processes are slow, laborious, and inaccurate.

Join us for a live webinar on August 26th at 12 pm CT where we will discuss:
• Current best practices of ZTNA architecture and design
• Pitfalls of “access creep” and out-of-date user access rules
• Methods to optimize zero trust network access designs with efficient user access reviews

Closing-The-Loop on Zero Trust Network Access

Internet-connected devices have been growing exponentially in our home and enterprise IT for years. And the healthcare industry has something that no one else has: IoT devices that are also connected to human beings that provide the monitoring, diagnostics, and even infusion of drugs. This talk will discuss the various areas that IoT has infiltrated healthcare IT and different mitigation strategies for each.

To learn more, watch the webinar where we will discuss these topics.

The Internet of Things: A Pervasive Life and Death Cyberthreat for Healthcare

Every organization understands the importance of securing its most critical assets. These are the systems, applications, and data that are critical to the core functions of the organization, or where malicious access could result in devastating consequences. Unfortunately, breaches and critical downtime events continue to rise due to mismanagement and continued vulnerabilities to these assets. 

Register for our webinar on October 28th at 12pm CT where we'll discuss strategies to finally close the gaps, including:

- The three pillars of critical access management: access governance, control, and monitoring
- Common challenges organizations face, such as securing third-party access and monitoring access to high volume open systems
- Best practices and practical steps to secure access to critical assets, including how to utilize machine learning in your critical access management strategy

How to Implement Critical Access Management

No organization is an island unto itself. With valuable information (including credentials and PII) fetching for high prices on the dark web, an array of third-party points of access, and many organizations needing to meet regulatory requirements, staying safe and compliant can quickly become complicated.

Join SecureLink’s Product Marketing Managers Kylie Ruiz and Ashley Guerra as they look at the trends around data privacy, and increasing privacy regulation. Learn how to level up your enterprise security with best practices including user access reviews, credential vaulting, session monitoring, and more.

- Take a deep dive into some of the major hacks of today
- Look at where regulations and attacks are headed with respect to valued information
- Learn how to build an effective and strong decentralized security architecture that protects from threats that are coming from every direction

How To Proactively Protect Valuable Information

With 51% of organizations reporting a third-party breach and supply chain hacks regularly making headlines, it's clear that hackers’ focus on third-party targets is here to stay. Trends show that both the number of third-party breaches and their organizational impact will only increase in 2022.

In this webinar SecureLink’s Product Marketing Managers Kylie Ruiz and Ashley Guerra will dig into the trend of targeting your supply chain to attack your organization, and share how to proactively prepare and secure yourself against them. 

- Take a deep dive into some of the major recent supply chain attacks
- Discover some of the key vulnerabilities associated with your third parties
- Learn how to secure your critical systems and data by minimizing your third-party risks

How To Prepare By Securing Your Third-Party Risks

Modern critical systems store immense amounts of sensitive information, from protected health information to financial data to sales leads. Organizations trust that their employees will utilize this information appropriately, but unfortunately, there are numerous examples where employees abuse their access privileges for malicious acts,
insider trading, or snooping.

To combat this risk, security and privacy officers deploy access monitoring systems to detect potential inappropriate or high-risk accesses. Over the last two decades, these monitoring systems have seen substantial changes in their methods and approaches.

In this webinar our Chief Data Scientist, Daniel Fabbri, will discuss critical access monitoring systems including: regular expressions, rules, high-risk flags, anomaly detection methods, statistical outlier methods, and context-based approaches. At the end of the webinar, you will have an understanding of:

- The history of critical access monitoring systems
- Pros and cons of each approach
- How you can adapt your monitoring program to mitigate organization-specific
risks

Critical Access Monitoring: How It’s Evolved and Why You Need It

Do you feel like you need to compromise adherence to industry regulations when dealing with vendors or business associates? You shouldn’t. It doesn’t matter how many third parties need network access, you can achieve compliance without compromise.

In this webinar, find out how highly regulated organizations can achieve compliance without sacrifice.

Learn how to:

- Ensure third-party vendor accountability
- Eliminate security risks like shared logins or ad hoc support methods
- Streamline remote access provisioning and decrease time to resolution

Remote Access: Compliance Without Compromise

Data privacy and security are regularly cited as a top challenge for healthcare organizations. This on-demand webinar highlights the importance of developing a comprehensive identity and access management (IAM) program that supports privacy, security, and compliance.

Topics included in this webinar:

- Practical approaches for improving your IAM program
- Why third-party remote access is an essential, but often overlooked, part of a holistic IAM strategy
- How continually evolving IAM programs can help achieve compliance with regulations in healthcare

Support Privacy & Compliance by Improving Your IAM

Third Party Risk Management (TPRM) is quickly becoming an actualized discipline with formal standards, certified professionals, and increased requirements from industry regulators. In this webinar, we will examine the key concepts behind TPRM and why it is such an important part of any information security and compliance program. We will also provide a set of third-party risk management best practices based on Identity, Control, and Audit that will make your TPRM program a success.

To learn more, download the webinar where we will discuss these topics including:

- The exponential growth of third party risk due to the pandemic, increased outsourcing, and new tactics and attack vectors by serious cybercrime organizations
- An overview of the principles of TPRM and its importance for security and compliance
- Action items for implementing and managing a TPRM program

Third-Party Risk Management Best Practices

Risk Management

Privileged Access Management

Data Breach

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Third-Party Risk Management Best Practices

Presented by

About this talk

More from this channel