Name: Continuously Monitoring First and Third Parties against the CCM Framework
Start: 2023-01-25T18:00:00Z
End: 2023-01-25T18:00:35.000Z
Location: BrightTALK
Rating: 0

A global leader in cybersecurity ratings, SecurityScorecard's mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

Thousands of organizations leverage our patented rating technology for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, SecurityScorecard is transforming the digital landscape by building a path toward cyber resilience. 

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

Cybersecurity In An Era of Scaling Start-Ups & Data Breaches

Saiba como podemos entender os desafios que envolvem a gestão de riscos de terceiros, que acabam por afetar  e impactar a saúde cibernética de uma organização, atuar sobre estes desafios com inteligência e automatização, criando um processo vivo, inteligente e colaborativo com os terceiros.

Com esta sessão aprenda como:
- criar processos inteligentes de gestão de riscos de terceiros;
- usar uma solução de TPRM para dar visibilidade ao compliance;
- a automatização é a regra do sucesso;
- otimizar seus recurso de tempo, de equipes e financeiros.

Os desafios da gestão de riscos de terceiros

Mastering CVEs with SecurityScorecard’s Vulnerability Intelligence through CVEdetails.com

Feeling overwhelmed by the constant barrage of CVE announcements? You're not alone. But what if you could transform this data overload into actionable insights that empower your security team?

Join this webinar to discover how CVEdetails, the go-to vulnerability intelligence solution, can help you:
- Cut through the CVE chaos: Uncover a comprehensive CVE database with real-time updates, exploit details, and severity ratings
- Focus on what matters most: Prioritize vulnerabilities based on product risk and exploitability, ensuring your team tackles the biggest threats first
- Remediate faster, not harder: Simplify vulnerability patching with readily available vendor patches and configuration guides 
- Stay future-proof: Receive ongoing alerts to anticipate emerging vulnerabilities in your attack surface and stay ahead of the curve

This webinar is designed for security professionals, vulnerability managers, and anyone who wants to transform vulnerability management from a nightmare to a proactive security strategy.

Bonus: Ryan Sherstobitoff, SVP of Threat Research and Intelligence will share how using CVEDetails alongside SecurityScorecard’s threat intelligence can improve threat hunting capabilities and decision making skills. 

Don't miss out! Register now and turn vulnerability data into your security advantage.

Vulnerability Nightmare or Visibility Powerhouse?

DoubleClick. MongoDB. Gilt Groupe. Business Insider. Zola.com. Nomad Health. And so many more. 

Join Kevin Ryan (the “Godfather” of NYC Tech) and Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) for this webinar discussing the:
- Ideas worth incubating in the NYC tech space in 2024 and beyond
- Broader trends to note in what may be the next innovative start-ups
- Lessons learned in scaling up across various stages of building an enterprise

Save your seat today!

The Founders’ Take: Strategies for Start-Ups & Scaling Up

¡Descubre cómo la automatización puede cambiar la forma en que manejamos los riesgos en empresas con pocos recursos! Aprende cómo la inteligencia artificial puede hacer más simple nuestros procesos y cómo trabajar juntos puede reducir los riesgos.

Aprende a comunicar los riesgos de manera efectiva a tu empresa y descubre cómo nuestro programa de gestión de riesgos de terceros de SSC puede ser implementado fácilmente. ¡No te pierdas esta oportunidad de mejorar la gestión de riesgos en tu empresa! ¡Regístrate ahora para asegurar tu lugar!

Automatizando la gestión de riesgo de terceros

“Companies are in the cross hairs of hackers of many stripes, and corporate leaders have become de facto national security decision-makers.” ~ Sue Gordon and Eric Rosenbach 

Years later, the words are prescient in an era of increased cyber conflict across companies and countries.

Join Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) and the Honorable Sue Gordon (former Principal Deputy Director for National Intelligence) for this discussion on the:
- Evolution of (cyber) security over the past few years, including the types of threats Russia, China, and others pose
- Best practices for decision-makers and their teams, including communication and execution across different levels of an organization
- Role of public-private partnerships, including which organizations are helping drive security forward

Save your seat today!

Public-Private Partnerships: Rebuilding Trust In An Era of Cyber Conflict

Gestionar la postura de Ciberseguridad de tu cadena de Suministro, es fundamental cuando el 54% de los incidentes se originan en la inadecuada gestión de riesgos en los terceros.

Gestionar la superficie de ataque de nuestra cadena de suministro para que se fortalezcan sus defensas y puedan verificar la Resiliencia, es parte de nuestra propuesta de valor. Contenido:

- Buenas Prácticas de gestión de Riesgos de Terceros
- El papel de la Automatización en un mundo con pocos recursos.
- Reportando Riesgos al Negocio
- Identificando los eslabones, más débiles en nuestra cadena de Suministro.

Duración 60 Minutos.

Ciberseguridad en la cadena de Suministro

Entenda como usar, de maneira eficiente, a inteligência na gestão de riscos de terceiros, criando processos automatizados e integrados a outras ferramentas, com visibilidade técnica e para o board.

Agregando Inteligência e Automatização à Gestão de Riscos de Terceiros

Organizations continue to struggle with the cybersecurity regulations The Securities and Exchange Commission (SEC) introduced in the second half of last year. While they bolster proactive security monitoring for the industry, these cybersecurity amendments have contributed to the mandatory regulatory assessment load on Public Companies. 

Join our panel of cybersecurity and compliance experts to craft your compliance blueprint and learn more about:
- How these regulations translate to shared responsibility for cybersecurity risk measures within your organization
- Best Practices for staying compliant
- What auditors look for and common blind spots to avoid 
- How being compliant with SEC regulations will better prepare you for the future 

Save your seat today!

How Cybersecurity Leaders are Navigating SEC Mandates

SecurityScorecard está liderando el camino en cuanto a Innovación en el scoring. Este es un término general que incluye los cambios que se están realizando en nuestro algoritmo de puntuación con el Scoring 3.0 y las recalibraciones de puntuación que se llevarán a cabo trimestralmente. Con este webinar, podrás descubrir todo sobre lo que implica esta actualización del Scoring y cómo prepararte para que su impacto sea lo menos significativo posible.

SCORE 3.0 - Leading the way in Scoring Innovation (webinar in Spanish)

A SecurityScorecard está liderando o caminho em termos de Scoring Innovation. Este é um termo agrupado para incluir as alterações que estão sendo feitas em nosso algoritmo de pontuação com o Scoring 3.0 e as recalibrações de pontuação que ocorrerão trimestralmente.

Com este webinar vai poder descobrir tudo sobre o que esta actualização do Scoring implica e como se preparar para que o seu impacto seja o menos significante possível.

SCORE 3.0 - Leading the way in Scoring Innovation (webinar in Portuguese)

At least 29% of all breaches were attributable to a third-party vector, even by very conservative estimates.

In the aftermath of last year’s MOVEit exploit campaign and the cascade of zero-day vulnerabilities, supply chain security is more important than ever.
 
Join Moriah Hara (CISO & Executive Advisor), Jeff Laskowski (SVP & GM, Professional Services), and Paul Prudhomme (Principal Security Analyst) in this webinar to get behind the scenes of our recently released report: Global Third-Party Cybersecurity Breaches: an in-depth analysis of the most significant third-party cyber risks and incidents in 2023.

Expect to learn more about the:
- Data and feed used to help develop this report
- Industries, geographies, and vendor relationships more likely to be subject to a breach
- Factors to consider when building and securing your digital supply chain

Save your seat today!

Breaches Beyond Borders: A Deep Dive Into Third-Party Cybersecurity Breaches

SecurityScorecard Ratings put a strong emphasis on DNS Health, Network Security and Application Security, due to the impact insecure configurations can have on a company’s cybersecurity posture. 

All three categories of scores are key risk factors to focus on when working to improve your company’s overall score. Red Sift helps SecurityScorecard customers address key areas of risk in email security, web security and brand protection. 

Tune in to this webinar to learn how you can:
- Use Red Sift and SecurityScorecard together to proactively mitigate vulnerabilities that can come from misconfigurations, 
- Demonstrably improve your security posture and external perception, as reflected in your SecurityScorecard Rating.

This session will be hosted by Billy McDiarmid, Sales Engineering Director, Red Sift and Dr. Bob Sohval, VP & Fellow, Data Science, SecurityScorecard.

Red Sift Rising: Tools to Level Up Your Cybersecurity Rating

At this point? Your vendors’ risk is your risk. 

This webinar will provide Supply Chain Guardians – and others tasked with helping secure your supply chain despite an ever-increasing attack surface – the keys to supply chain resilience. 

Join Robert Reid (Vistrada), Peter Pernebo (S&P Global Market Intelligence), and Matthew Ancelin (SecurityScorecard) as they explore real-life scenarios that:
- Navigate the complexities of safeguarding modern supply chain challenges,
- Demonstrate how to proactively mitigate risk by leveraging partners, and
- Bolster vendor relationships, fortifying business continuity.

Learn from the experiences of those who are at the forefront of ensuring the safety and continuity of their businesses – save your seat today!

---

Hosted in partnership with S&P Global Market Intelligence

---

By registering for this webinar, you acknowledge and agree to SecurityScorecard’s terms to share all your details provided in this form with S&P Global for event purposes only. Any personal information provided to S&P Global will be processed in accordance with their Privacy Policy.

Supply Chain Guardians: Strategies for Resilient Ecosystems

Complexity breeds insecurity: vulnerabilities and zero-day exploit campaigns are increasing in velocity like never before. However, there are plenty of solutions and steps organizations can take to proactively manage supply chain cyber risks, stay ahead of evolving threats, and improve their cyber resilience.

Join Aleksandr Yampolskiy and Renaud Deraison as they discuss:
- Vulnerability assessment and management in an increasingly complex ecosystem
- Entrepreneurship in the cyber security space
- The evolution of our digital infrastructure and the future of cyber security

Save your seat today!

About Renaud Deraison 
Renaud Deraison, Co-Founder and former CTO of Tenable, is widely regarded in the global security community as the father of the Nessus vulnerability scanner. He has authored multiple patents and also serves as an Advisor at multiple companies, including SecurityScorecard.

About Aleksandr Yampolskiy
Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, is a globally recognized cybersecurity innovator, leader, and expert. Yampolskiy has served as CTO at BlogTalkRadio and was also CISO at Gilt Groupe, overseeing IT infrastructure security, fraud, application development, and PCI compliance.

The Founders’ Take: Strategies for Cyber Resilience Despite Insecurity

Únete a nosotros en una sesión donde vamos a enseñarte cómo un cliente puede iniciar un proyecto de VRM a través del módulo "Automatic Vendor Detection".

¿Vamos a evaluar la postura de seguridad de los proveedores de tus clientes?

Junte-se a nós numa sessão onde vamos demonstrar como um cliente pode iniciar um projeto de VRM através do módulo 'Automatic Vendor detection'.

Vamos avaliar a postura dos fornecedores dos seus clientes?

More zero-day vulnerabilities than ever before. Supply chain cyber threats are on the rise. SEC Disclosure Rules, DORA, and other mandates coming down the pipe. Many organizations are not equipped to operationalize their supply chain risk programs and address these issues on their own. 

Join SecurityScorecard’s Jeff Laskowski and Larry Slusser as they take a deep dive into MAX, the ultimate technology-enabled supply chain cyber risk managed service. Explore how MAX leverages AI, risk and threat telemetry, and elite cybersecurity experts to effectively improve the cybersecurity posture of your supply chain. Learn how you’ll be able to:

- Identify & continuously track all risk third parties globally, gaining ecosystem risk visibility
- Gain continuous visibility of current cyber security posture, optimizing vendor interactions and prioritizing supply chain cyber posture
- Improved handling of future events and threats, mitigating zero-day impacts

Don't miss this opportunity to master supply chain cyber resilience! Register now to secure your spot and stay ahead of evolving cyber threats.

Take Supply Chain Cyber Risk Management to the MAX

The ever-changing nature of today's threat landscape, and the hyper-connected environments that today's businesses operate in, require that companies take a continuous approach to security that encapsulates their own environments as well as those belonging to the third parties they rely on to run their businesses. Moreover, continued migration to the cloud has created a need for a framework that accounts for requirements and controls necessary for running a business in a cloud first environment. Join CSA and SSC as we discuss the importance of continuously monitoring first and third parties, and how businesses can leverage CCM to guide and benchmark their security practices.

Continuously Monitoring First and Third Parties against the CCM Framework

Cyber Security

Information Security

Cloud Security

Cloud

Network Security

Security

Application Security

IT Security

Threat Detection

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Continuously Monitoring First and Third Parties against the CCM Framework

Presented by

About this talk

More from this channel