Name: Os desafios da gestão de riscos de terceiros
Start: 2024-06-06T14:00:00Z
End: 2024-06-06T14:00:38.000Z
Location: BrightTALK
Rating: 5

A global leader in Supply Chain Detection and Response,  SecurityScorecard empowers swift management and mitigation of critical third-party risks.

Our mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

Au-delà d’un simple impératif de conformité ponctuel, les directives DORA et NIS2 établissent de nouvelles références réglementaires visant à garantir une résilience cyber sur le long terme.

Les cybermenaces ne s’arrêtent plus à la frontière de votre organisation — elles s’infiltrent via vos prestataires, partenaires et fournisseurs. Au cours de cette session, nous explorerons des stratégies concrètes pour garder une longueur d’avance :

- Identifier automatiquement l’ensemble de vos fournisseurs de 3ème, 4ème et n-ième partie 
- Passer d’une évaluation ponctuelle à une surveillance en continu de votre écosystème de façon instantanée
- Anticiper les risques en identifiant, évaluant et priorisant les vulnérabilités au sein de votre supply chain
- Satisfaire les exigences de reporting tout au long du cycle de vie d’un fournisseur
- Gagner en efficacité et automatiser vos flux de travail grâce à l'IA et à des connecteurs clé-en-main

DORA, NIS2 : Maîtriser les risques cyber liés aux tiers

With 98% of organizations experiencing vendor breaches, preparedness is critical. This webinar equips CISOs and security leaders with strategies to effectively manage third-party cyber incidents. Learn how to leverage a robust playbook to move from reactive scrambling to proactive resilience.

Attend to learn how to:

- Stop Scrambling: Implement rapid response frameworks.
- Communicate Clearly: Develop winning crisis communication plans.
- Become Proactive: Discover preventative best practices.
- Ask the Right Questions: Vet vendor cybersecurity effectively.
- Learn from the Pros: Gain insights from real-world scenarios.

Don't let vendors be your vulnerability. Join us to streamline response, communicate effectively, and build a stronger digital ecosystem against escalating third-party threats.

A CISO's Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?

“In 2024, at least 35.5% of all data breaches originated from third-party compromises.”

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Nick Schneider (President & CEO, Arctic Wolf) for this discussion on:
-- How to start and stay scrappy, even as you scale an organization
-- Using AI to augment human talent and be more valuable to customers
-- Making security work for both the enterprise and the vendor ecosystem

Save your seat today!

The CEO’s Take: Making Security Work

In an era of increasing cyber threats, organizations must assess the resilience of their digital supply chain. Third-party breaches have become a significant attack vector, exposing enterprises to risks that extend beyond their immediate control. This webinar will explore the impact of supply chain vulnerabilities, recent high-profile breaches caused by third parties, and how organizations can proactively mitigate these risks using SecurityScorecard’s platform. The session will conclude with a live demo showcasing SecurityScorecard’s capabilities in monitoring and managing third-party risks effectively.

Key Discussion Points:
● The growing threat landscape: Why third-party breaches are a rising concern
● Notable recent supply chain cyber incidents and their business impact
● Key risk factors that contribute to supply chain vulnerabilities
● Best practices for assessing and managing third-party cyber risk
● How SecurityScorecard provides real-time insights and risk mitigation strategies
● Live platform demonstration: How to assess and monitor your digital supply chain

Who Should Attend:
● CISOs, CROs
● Risk and Governance Team
● Vendor Risk Management Team

How Resilient is Your Digital Supply Chain? (APAC)

The healthcare industry is under pressure—and under attack. With cyber threats on the rise and SaaS adoption exploding across every department, the 2025 HIPAA Security Rule update is reshaping how organizations secure and govern their digital footprint. What was once a gray area is now black and white.

In this timely conversation, Lior Yaari, CEO & Co-Founder of Grip Security, and Avesta Hojjati, CTO of SecurityScorecard, will explore how healthcare organizations and business associates can meet the new mandates by closing visibility gaps, managing SaaS sprawl, and securing third-party relationships before they become compliance risks.

In this webinar, you’ll learn:
-- What HIPAA’s 2025 Security Rule updates mean for SaaS applications and supplier risk management
-- Why uncovering SaaS apps and vendors that bypassed security reviews is essential to compliance
-- How Grip and SecurityScorecard help healthcare organizations meet the new HIPAA requirements and strengthen cyber and operational resilience.

Don’t wait for an audit or an incident to reveal the gaps in your cybersecurity.

Save your seat today, and take the first step toward smarter, HIPAA-ready SaaS and SaaS-supplier security!

Healthcare in the Crosshairs: HIPAA Compliance for SaaS Apps & Suppliers

Using the world’s largest proprietary risk and threat data set, SecurityScorecard’s STRIKE Threat Intelligence Unit analyzed 1,000 breaches across industries and regions to uncover key attack patterns, measure the impact of third-party security failures, and identify the most commonly exploited vendor relationships. 

Join this webinar for critical insights and actionable strategies revealed in the 2025 Global Third-Party Breach Report. You will learn:

- Key statistics on the surge of third-party related breaches, including the fact that over 35% of all breaches in 2024 originated through this vector.
- Which industries are currently facing the highest rates of third-party breaches, with a focus on Retail & Hospitality, Technology, and Energy & Utilities.
- The significant connection between ransomware attacks and third-party access, with over 41% of ransomware incidents now starting through vendors.
- Targeted recommendations to match your risk management strategies to your specific industry, geography, and technology profile.
- Practical steps to mitigate fourth-party risks and demand "Secure by Design" principles from your vendors to strengthen your overall security posture.

Turning Data into Action: Key Findings from the 2025 Global Third-Party Breach Report

Despite the connection with Robert De Niro, we won’t be spoiling Zero Day for you yet. But there is a large intersection between the future of media, cybersecurity, and AI, and we’re excited to jump into it!

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Sandy Climan (President, Entertainment Media Ventures, Inc.) in this webinar, where they chat about:
-- The evolution of media and bridging Hollywood, Silicon Valley, & cybersecurity
-- Building trust in the age of cyber threats & misinformation
-- How AI is redefining risk & opportunity in cybersecurity & entertainment

Save your seat today!

The Media Mogul’s Take: Cyber & Storytelling in the Age of AI

DORA and NIS2 reinforce best practices for managing supply chain cyber hygiene, emphasizing a structured and compliant approach to information security. Join SecurityScorecard as we explore how these frameworks guide organizations in strengthening third-party risk management, enhancing resilience, and ensuring compliance. Gain practical insights on implementing effective security measures that align with regulatory expectations while proactively safeguarding your business.

Navigating Supply Chain Cyber Hygiene: DORA & NIS2 in the Spotlight

In an increasingly complex threat landscape, CISOs are tasked with navigating resource constraints, prioritizing threats, and ensuring rapid response to emerging cyber risks. This webinar will highlight how the integration of SecurityScorecard with ServiceNow’s Security and Incident Response (SIR) module is transforming cyber risk management by enabling intelligent workflow automation and strategic decision-making.

Key takeaways from this webinar include:
-- Continuous Monitoring: Learn how to automate the daily monitoring of your organization’s third-party security posture, eliminating manual processes and improving visibility across your attack surface
-- Automated Incident Management: Discover how to streamline your incident response by automatically generating security incident tickets based on changes in the security landscape, allowing you to prioritize threats efficiently
-- Customized Incident Alerts: Gain control over your incident response by customizing security incident ticket creation, ensuring focus on the most critical and high-risk security events
-- Enhanced Remediation Capabilities: Leverage data and intelligence within ServiceNow to enable faster and more effective remediation, ensuring minimal disruption to your operations

This session is designed for security leaders looking to enhance their cyber risk management strategies by integrating powerful automation and data-driven insights, positioning your organization for greater resilience in the face of evolving threats.

Elevate Cyber Risk Management & Incident Response: Strategic Insights for CISOs Using ServiceNow & SecurityScorecard

“Human error contributes to 95% of data breaches.”

From unsecured collaboration channels to poor password hygiene, the attack surface of an organization extends across both its vendor ecosystem as well as all of the employees within it.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Marc van Zadelhoff (CEO, Mimecast) for this discussion on:
-- Lessons learned in the shifting cybersecurity and collaboration landscape
-- How to improve human risk management today
-- Considerations across your vendor and nth-party ecosystem

Save your seat today!

The CEO’s Take: The Human Element of Security

In retrospect, it’s a lot easier to determine whether or not something has been overhyped. But for the moment? We’re bullish on agentic systems – and their adoption. 

Is your enterprise ready for the age of autonomous AI?

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Ilya Mezyin (SVP, Head of Data Science, Dun & Bradstreet) for this discussion on:
-- the evolution of the data landscape and the algorithms and models they feed
-- managing AI risk and compliance across the enterprise and within product innovation
-- the rise of AI agents and the challenges they’ll need to overcome for adoption

Save your seat today!

The Data Scientist’s Take: Making AI Work for the Enterprise

As cyber threats continue to grow in complexity, organizations are more vulnerable to significant risks. Yet, many struggle to measure and manage these unseen dangers effectively.

On this CPE webinar our panel of subject matter experts will explore the essentials of cyber risk quantification - a transformative approach that translates technical cybersecurity risks into business terms. Attendees will discover how organizations can assess their financial exposure to cyber threats, prioritize critical vulnerabilities, and demonstrate the ROI of their cybersecurity investments. Join us for insights on:
• Establishing an acceptable risk threshold to align security efforts with business objectives.
• Leveraging data-driven metrics and frameworks to quantify cyber risk.
• Communicating risk in financial terms to engage executives and secure buy-in for security initiatives.
• Identifying resource allocation strategies to maximize the impact of your cybersecurity program.

Cyber Risk Quantification: Measuring and Managing the Unseen Threats

150 companies account for 90% of the technology products and services across the global attack surface. 

In this webinar, join Nishant Taneja (VP Product Marketing, SecurityScorecard), Avesta Hojjati (CTO, SecurityScorecard), and guest speaker Alla Vallente (Senior Analyst, Forrester) as they break down key findings from the report The Top Systemic Risks, 2024, highlighting how systemic risk forces—such as concentration risk, supply chain interdependencies, and cascading failures—are reshaping business resilience. Through real-world case studies and expert analysis, they’ll explore how security and risk leaders can integrate real-time risk intelligence, security ratings, and proactive mitigation strategies to reduce exposure and improve business continuity.

Expect takeaways on how to:
– Identify the top systemic risks and their impact on the third-party ecosystem.
– Understand the role of risk intelligence and security ratings in proactively surfacing these risks.
– Learn best practices for integrating risk insights into business continuity strategies.

Save your seat today!

Navigating Systemic Risks: Strengthening Third-Party & Supply Chain Resilience

Supply chain disruptions can have catastrophic consequences, and recent incidents have shown that knowing your supply chain (KYSC) is a cornerstone of cyber resilience. Security teams need the ability to map dependencies effectively, identify critical vendors, and gain visibility into their extended ecosystem.

Join our upcoming webinar to learn how to enhance your organization's cyber resilience, mitigate supply chain risks, and future-proof your organization for incidents. Steve and Gian will discuss:

- The impact of recent outages on the global supply chain
- The critical role of SCDR in mapping dependencies and safeguarding your extended ecosystem
- How to prioritize vendors based on criticality and business impact
- Best practices for leveraging technology to enhance supply chain visibility
- Actionable recommendations to build a resilient supply chain through proactive measures

Strengthening Vendor Relationships and Building Cyber Resilience

“Doing well by doing good” – there’s something to be said for that.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Craig Newmark (Founder, craigslist, Craig Newmark Philanthropies) for this discussion on:
-- Building craigslist and some of the decisions made along the way
-- Philanthropic efforts to bolster U.S. cybersecurity and resilience
-- Initiatives to improve cyber civil defense and discerning use of AI

Save your seat today!

The Philanthropist's Take: Bolstering Cyber Civil Defense

Too often, vendor risk management operates in a silo, focused on compliance checkboxes, while the SOC team is on the frontlines of threat intelligence and response. These two groups should be allies, but instead, they’re often working in isolation. That’s a problem because cyber risk isn’t just a compliance issue… it’s a threat issue.

Join Steve Cobb for this talk on:
-- the current state of TPRM within most organizations
-- how to us SOC intelligence to address TPRM challenges
-- tools, strategies, and best practices to overcome silos and boost your organization's cyber resilience.

Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies

“150 companies account for 90% of the technology products and services across the global attack surface. 41% of those companies had evidence of at least one compromised device in the past year.”

With organizations as interconnected as they are, even organizations who “have” good cybersecurity are only as good as their weakest link. 

Join Aleksandr Yampolskiy (SecurityScorecard) and Joe Levy (Sophos) for their take on:
-- Shifts in the cybersecurity landscape (past, present, and future)
-- Nth party risk and the importance of bridging the cybersecurity divide
-- Digital detritus and bolstering cyber resilience within the ecosystem

Save your seat today!

The CEO's Take: Bridging the Cybersecurity Divide To Address Cyber Risk

New year, new threats… Except some aren’t so new; they’ve been years in the making. As the future of financial services evolves from relying on traditional banking to other platforms, securing our future requires practitioners to be more strategic than the threat actors after our assets.

Join Aleksandr Yampolskiy and Jeff Lunglhofer for their take on:
-- The evolution of the threat landscape and financial services
-- Best practices around MFA and boosting cyber resilience
-- Predictions for 2025

Save your seat today!

The CISO's Take: Securing the Future of Financial Services & More

Saiba como podemos entender os desafios que envolvem a gestão de riscos de terceiros, que acabam por afetar  e impactar a saúde cibernética de uma organização, atuar sobre estes desafios com inteligência e automatização, criando um processo vivo, inteligente e colaborativo com os terceiros.

Com esta sessão aprenda como:
- criar processos inteligentes de gestão de riscos de terceiros;
- usar uma solução de TPRM para dar visibilidade ao compliance;
- a automatização é a regra do sucesso;
- otimizar seus recurso de tempo, de equipes e financeiros.

Os desafios da gestão de riscos de terceiros

gestão de riscos de terceiros

gestão de riscos

automatização

TPRM

Third-Party Risk Management

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Os desafios da gestão de riscos de terceiros

Presented by

About this talk

More from this channel