Name: DORA Compliance Unveiled: Managing Third-Party Risks
Start: 2023-09-19T11:00:00Z
End: 2023-09-19T11:00:54.000Z
Location: BrightTALK
Rating: 4.9

A global leader in cybersecurity ratings, SecurityScorecard's mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

Thousands of organizations leverage our patented rating technology for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, SecurityScorecard is transforming the digital landscape by building a path toward cyber resilience. 

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

Mastering CVEs with SecurityScorecard’s Vulnerability Intelligence through CVEdetails.com

Feeling overwhelmed by the constant barrage of CVE announcements? You're not alone. But what if you could transform this data overload into actionable insights that empower your security team?

Join this webinar to discover how CVEdetails, the go-to vulnerability intelligence solution, can help you:
- Cut through the CVE chaos: Uncover a comprehensive CVE database with real-time updates, exploit details, and severity ratings
- Focus on what matters most: Prioritize vulnerabilities based on product risk and exploitability, ensuring your team tackles the biggest threats first
- Remediate faster, not harder: Simplify vulnerability patching with readily available vendor patches and configuration guides 
- Stay future-proof: Receive ongoing alerts to anticipate emerging vulnerabilities in your attack surface and stay ahead of the curve

This webinar is designed for security professionals, vulnerability managers, and anyone who wants to transform vulnerability management from a nightmare to a proactive security strategy.

Bonus: Ryan Sherstobitoff, SVP of Threat Research and Intelligence will share how using CVEDetails alongside SecurityScorecard’s threat intelligence can improve threat hunting capabilities and decision making skills. 

Don't miss out! Register now and turn vulnerability data into your security advantage.

Vulnerability Nightmare or Visibility Powerhouse?

When start-ups scale-up, their cybersecurity -- or lack thereof -- is increasingly viewed as the backdoor into the larger organizations they serve.

Join Aleksandr Yampolskiy (CEO and Co-Founder of SecurityScorecard) and Harry Moseley (former CIO at Zoom, KPMG, and more) for a conversation on the:
- evolution of the C-Suite's interest in cybersecurity and data within an organization
- strategies to emulate (and avoid) in scaling up the security architecture of a growing organization
- key things to think about in scaling the security of organizations in an era where third-party breaches are on the rise

Save your seat today!

Cybersecurity In An Era of Scaling Start-Ups & Data Breaches

Saiba como podemos entender os desafios que envolvem a gestão de riscos de terceiros, que acabam por afetar  e impactar a saúde cibernética de uma organização, atuar sobre estes desafios com inteligência e automatização, criando um processo vivo, inteligente e colaborativo com os terceiros.

Com esta sessão aprenda como:
- criar processos inteligentes de gestão de riscos de terceiros;
- usar uma solução de TPRM para dar visibilidade ao compliance;
- a automatização é a regra do sucesso;
- otimizar seus recurso de tempo, de equipes e financeiros.

Os desafios da gestão de riscos de terceiros

現代企業面對來自全球的數位供應商，供應鏈千絲萬縷。
可是未知、不安全、不斷變化的供應鏈攻擊面讓 CISO 夜不能寐。

根據估計，超過 70% 的漏洞都是供應鏈攻擊造成的： MOVEit 和 SolarWinds 就是很好的例子。
有些公司的資安團隊不具備評估和保護供應鏈的工具和專業知識，不足夠應付日新月異的供應鏈
攻擊。又或是 TPRM 團隊使用過時的基於問卷的解決方案，同樣，他們不具備安全專業知識。
現實情況是，大多數公司甚至不知道誰是他們的供應鏈供應商：供應鏈供應商的違規行為總是出
乎意料。我們看到，出現漏洞的公司會向客戶解釋，真正被入侵的其實是供應商。不幸地，他們
的聲譽已經受損了。

供應鏈安全領域需要徹底的模式轉變!

是次線上講座，我們將分享SecurityScorecard MAX解決方案如何:
● 識別並修復可能使您暴露的網路關鍵漏洞
● 解決網路安全人才缺口問題，使您能夠將團隊投入到其他關鍵專案中去
● 做到客戶供應商監控的同時, 讓我們負責供應商管理和溝通，節省時間和金錢
● 利用易於理解的即時報告，讓您的安全領導者能夠交流成功經驗

請立即登記參加

新世代供應鏈網路風險管理

Critical infrastructure services in North America face accelerating threats from both nation-states and other sophisticated threat actors. Governments globally are grappling with how to best balance incentives, support, and direct oversight. Meanwhile, critical infrastructure owners and operators face significant challenges with technology, staff resources, and expertise to better manage cyber resilience.

Join Cheri Caddy (Senior Technical Advisor for Cybersecurity, US Department of Energy), Brendan Peter (VP, Global Government Affairs, SecurityScorecard), and John Breeden II (Moderator & Contributing Editor, FedInsider) as they discuss:

- Trends in cyber threat activities that organizations may see
- Metrics to determine the cyber resilience in different critical infrastructure sectors
- Tools available to address these kinds of threat activities
- Actionable recommendations to build flexibility to respond to evolving threats

Metrics That Matter for Critical Infrastructure Cyber Resilience

Missed us at RSAC? Join SecurityScorecard's Dr. Jared Smith, Distinguished Engineer, Threat Research in this session, where he'll discuss:
- the symbiotic relationship between Threat Intelligence, Security Operations, and Third-Party Risk Management
- outcome-driven metrics for Supply Chain Cyber Risk Management
- real-world examples and strategies to mature your cybersecurity posture and increase collaboration across security teams

Save your seat today!

Mature Your Cyber Defenses: Are You Smarter Than Your Third-Party Risks?

DoubleClick. MongoDB. Gilt Groupe. Business Insider. Zola.com. Nomad Health. And so many more. 

Join Kevin Ryan (the “Godfather” of NYC Tech) and Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) for this webinar discussing the:
- Ideas worth incubating in the NYC tech space in 2024 and beyond
- Broader trends to note in what may be the next innovative start-ups
- Lessons learned in scaling up across various stages of building an enterprise

Save your seat today!

The Founders’ Take: Strategies for Start-Ups & Scaling Up

¡Descubre cómo la automatización puede cambiar la forma en que manejamos los riesgos en empresas con pocos recursos! Aprende cómo la inteligencia artificial puede hacer más simple nuestros procesos y cómo trabajar juntos puede reducir los riesgos.

Aprende a comunicar los riesgos de manera efectiva a tu empresa y descubre cómo nuestro programa de gestión de riesgos de terceros de SSC puede ser implementado fácilmente. ¡No te pierdas esta oportunidad de mejorar la gestión de riesgos en tu empresa! ¡Regístrate ahora para asegurar tu lugar!

Automatizando la gestión de riesgo de terceros

As regulatory mandates and frameworks continue to emerge, cybersecurity leaders must continue to adapt to more than just the latest threat actor TTPs. 

Next up in our “Crafting Your Compliance Blueprint” series: Implementing the updated NIST Cybersecurity Framework. NIST CSF 2.0 empowers cybersecurity leaders to proactively address evolving threats and safeguard their organization's assets, operations, and reputation.

Join Adam Bixler (Principal, Squadra Ventures), Christopher Strand (Global Risk Officer), and Steve Cobb (CISO, SecurityScorecard) as they dissect the latest updates for NIST CSF 2.0, focusing on the five key updates, including core framework revisions, organizational profiles, and tier structures. 

In this webinar, you will:
- Better understand how the NIST CSF 2.0 framework impacts risk management processes across departments to assess, prioritize, and mitigate risks effectively
- Hear from cybersecurity leaders on how they predict these updates will impact policy management, reporting, and boardroom discussions 
- Walk away with actionable recommendations and best practices to implement the NIST CSF 2.0 framework effectively, enable better communication and collaboration, and strengthen your cybersecurity posture

Save your seat today!

Implementing NIST CSF 2.0 Controls with Confidence

98% of organizations have a hacked vendor… are you prepared? 

Third-party breaches are a major threat, but most companies lack a plan. Join this webinar to hear from our team of experts on how you can leverage our Third-Party Cyber Incident Response playbook to:  

- Stop scrambling - Learn how to respond quickly and effectively.
- Communicate clearly - Craft a winning communication plan.
- Become proactive - Discover best practices to prevent future incidents.
- Ask the right questions - Vet your vendors' cybersecurity.
- Learn from the pros - See real-world response strategies in action.

Don't wait for a breach to hit. Register now!

Speakers:

- Mark Dunkerley, Chief Information Security Officer, Coca-Cola Bottlers' Sales & Services
- Dave Hoeller, Sr. Director, Product Marketing, SecurityScorecard
- Larry Slusser, VP, Professional Services & MAX Fellow, SecurityScorecard

A CISO's Guide to Mastering Cyber Incident Response

“Companies are in the cross hairs of hackers of many stripes, and corporate leaders have become de facto national security decision-makers.” ~ Sue Gordon and Eric Rosenbach 

Years later, the words are prescient in an era of increased cyber conflict across companies and countries.

Join Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) and the Honorable Sue Gordon (former Principal Deputy Director for National Intelligence) for this discussion on the:
- Evolution of (cyber) security over the past few years, including the types of threats Russia, China, and others pose
- Best practices for decision-makers and their teams, including communication and execution across different levels of an organization
- Role of public-private partnerships, including which organizations are helping drive security forward

Save your seat today!

Public-Private Partnerships: Rebuilding Trust In An Era of Cyber Conflict

Gestionar la postura de Ciberseguridad de tu cadena de Suministro, es fundamental cuando el 54% de los incidentes se originan en la inadecuada gestión de riesgos en los terceros.

Gestionar la superficie de ataque de nuestra cadena de suministro para que se fortalezcan sus defensas y puedan verificar la Resiliencia, es parte de nuestra propuesta de valor. Contenido:

- Buenas Prácticas de gestión de Riesgos de Terceros
- El papel de la Automatización en un mundo con pocos recursos.
- Reportando Riesgos al Negocio
- Identificando los eslabones, más débiles en nuestra cadena de Suministro.

Duración 60 Minutos.

Ciberseguridad en la cadena de Suministro

Entenda como usar, de maneira eficiente, a inteligência na gestão de riscos de terceiros, criando processos automatizados e integrados a outras ferramentas, com visibilidade técnica e para o board.

Agregando Inteligência e Automatização à Gestão de Riscos de Terceiros

Organizations continue to struggle with the cybersecurity regulations The Securities and Exchange Commission (SEC) introduced in the second half of last year. While they bolster proactive security monitoring for the industry, these cybersecurity amendments have contributed to the mandatory regulatory assessment load on Public Companies. 

Join our panel of cybersecurity and compliance experts to craft your compliance blueprint and learn more about:
- How these regulations translate to shared responsibility for cybersecurity risk measures within your organization
- Best Practices for staying compliant
- What auditors look for and common blind spots to avoid 
- How being compliant with SEC regulations will better prepare you for the future 

Save your seat today!

How Cybersecurity Leaders are Navigating SEC Mandates

SecurityScorecard está liderando el camino en cuanto a Innovación en el scoring. Este es un término general que incluye los cambios que se están realizando en nuestro algoritmo de puntuación con el Scoring 3.0 y las recalibraciones de puntuación que se llevarán a cabo trimestralmente. Con este webinar, podrás descubrir todo sobre lo que implica esta actualización del Scoring y cómo prepararte para que su impacto sea lo menos significativo posible.

SCORE 3.0 - Leading the way in Scoring Innovation (webinar in Spanish)

A SecurityScorecard está liderando o caminho em termos de Scoring Innovation. Este é um termo agrupado para incluir as alterações que estão sendo feitas em nosso algoritmo de pontuação com o Scoring 3.0 e as recalibrações de pontuação que ocorrerão trimestralmente.

Com este webinar vai poder descobrir tudo sobre o que esta actualização do Scoring implica e como se preparar para que o seu impacto seja o menos significante possível.

SCORE 3.0 - Leading the way in Scoring Innovation (webinar in Portuguese)

At least 29% of all breaches were attributable to a third-party vector, even by very conservative estimates.

In the aftermath of last year’s MOVEit exploit campaign and the cascade of zero-day vulnerabilities, supply chain security is more important than ever.
 
Join Moriah Hara (CISO & Executive Advisor), Jeff Laskowski (SVP & GM, Professional Services), and Paul Prudhomme (Principal Security Analyst) in this webinar to get behind the scenes of our recently released report: Global Third-Party Cybersecurity Breaches: an in-depth analysis of the most significant third-party cyber risks and incidents in 2023.

Expect to learn more about the:
- Data and feed used to help develop this report
- Industries, geographies, and vendor relationships more likely to be subject to a breach
- Factors to consider when building and securing your digital supply chain

Save your seat today!

Breaches Beyond Borders: A Deep Dive Into Third-Party Cybersecurity Breaches

SecurityScorecard Ratings put a strong emphasis on DNS Health, Network Security and Application Security, due to the impact insecure configurations can have on a company’s cybersecurity posture. 

All three categories of scores are key risk factors to focus on when working to improve your company’s overall score. Red Sift helps SecurityScorecard customers address key areas of risk in email security, web security and brand protection. 

Tune in to this webinar to learn how you can:
- Use Red Sift and SecurityScorecard together to proactively mitigate vulnerabilities that can come from misconfigurations, 
- Demonstrably improve your security posture and external perception, as reflected in your SecurityScorecard Rating.

This session will be hosted by Billy McDiarmid, Sales Engineering Director, Red Sift and Dr. Bob Sohval, VP & Fellow, Data Science, SecurityScorecard.

Red Sift Rising: Tools to Level Up Your Cybersecurity Rating

The implementation of the Digital Operational Resilience Act (DORA) presents challenges and exciting opportunities for the EU financial sector. Join Dan Morgan, Senior Director of Government Relations at SecurityScorecard, and Nuno Teodoro, Vice President, Group Cybersecurity at Solaris SE, for an illuminating webinar that delves into the intricate interplay between the DORA framework and the critical task of monitoring third-party relationships. 

This webinar will focus on the convergence of DORA compliance and the role played by services like SecurityScorecard in ensuring adherence to these regulations, especially concerning third-party risk. 

Key takeaways:
- Understand DORA regulations and implications for financial sector
- Hear best practices for adapting third-party risk management strategies for compliance
- Hear from a Solaris SE cybersecurity expert as they share insights 
- Gain tools and techniques for ensuring operational resilience and compliance.

We are here to help. As a special offer, webinar attendees qualify to receive a one hour FREE session with a SecurityScorecard expert to discuss the DORA mandate, focusing on the requirements most concerning to your organization.

DORA Compliance Unveiled: Managing Third-Party Risks

Cyber Security

DORA

Digital Operations Resilience Act

Third Party Risk Management

TPRM

Compliance

Cyber Resilience

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

DORA Compliance Unveiled: Managing Third-Party Risks

Presented by

About this talk

More from this channel