
Evolving an Enterprise Risk Management Program

Organizations are suffering from volatility across all risk types, and in every organization, there are a multitude of applications and devices with threats and vulnerabilities. Every process, function and system has certain risks and compliance requirements, and senior management are being pressured to improve enterprise risk management capabilities.

An organization’s enterprise risk management (ERM) program can be a powerful management tool for achieving strategic and operational objectives, but it can be difficult to maintain and grow over time. If an ERM program is not moving forward, it stagnates, so executives need to implement a program that evolves with the times. Implementation has its challenges, but there is a range of responses that can be effective for each ERM program challenge. In this webinar, our experts discuss these responses and address some of the ways to implement an evolving GRC program that gets boardroom backing.
Recorded Nov 17 2016 76 mins
Presented by
Colin Whittaker, Russell McGuire, Riskonnect; Yo Delmar, MetricStream; Albert Biketi, HPE; and Marshall Toburen, RSA
  • Implementing a NIST Framework for Adaptive Cybersecurity Mar 21 2019 5:00 pm UTC 75 mins
    TBC
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.

    Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organization's defenses
    - Defining your security road map using NIST CSF as a framework
    - Conducting gap analysis and executing remediation actions
    - Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.
  • IAM: Intelligent Automation for Successful Risk & Control Monitoring Feb 21 2019 6:00 pm UTC 60 mins
    Colin Whittaker, Informed Risk Decisions; Phil Shomura, Senior Product Manager, ACL
    No organization’s suite of business applications is static, especially for businesses that have committed to non-stop innovation. It is not uncommon for businesses to integrate only their high-impact applications with their existing identity and access management (IAM) systems. This can cause a huge surge in manual work, and oftentimes enterprises dedicate hundreds of human agents to manage accounts, adding more as new business applications are added. Enterprises can sidestep significant costs, increase efficiency, manage risk and deliver undiscovered value, by properly leveraging automation technologies across IAM systems.

    Robotic process automation (RPA) is a powerful technology that harmonizes different systems across an organization’s environment, reduces human errors, provides 24/7 operations, and relieves employees from repetitive tasks so they can focus on more valuable activities. For example, data quality management in the risk and compliance process has been a traditional pain area for many institutions, as it is very time consuming and manual. However, a cognitive RPA solution which combines machine learning capabilities can enable fast automated remediation of data quality issues, and the system can learn from the final decisions taken by the data analyst as well. Attend this CPE webinar for insights on:

    - Getting started with an access management program.
    - Evaluating the right configuration and system-based tools to automate processes at a task level, and align to your process automation strategy.
    - Leveraging advanced analytics in risk management, compliance, and continuous monitoring programs.
    - Embedding governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.
  • Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording] Feb 20 2019 6:00 pm UTC 77 mins
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4
    * This is a recording so CPE credit is unavailable.

    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • [Earn 1 CPE] Critical Actions to Survive a Data Breach in 2019 and Beyond Jan 17 2019 6:00 pm UTC 75 mins
    Colin Whittaker, Moderator. Panelists: Stephen Boyer, BitSight; Jon Siegler, LogicGate; and Nicole Eagen, Darktrace.
    With large-scale data breaches continuing to make the headlines in 2018, today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. Cyberattacks that target and infiltrate critical infrastructure are very real, and for the United States it’s not a matter of if, but when.

    Keeping your company secure is as much about detecting and responding to attacks as they occur as it is about preventing attacks before they happen. On this webinar our panel of experts will discuss THE critical actions organisations should consider to prepare for and survive any subsequent breach that may happen, and attendees will learn how to:

    - Develop and direct an incident response plan and get C-Suite buy-in.
    - Implement security analytics for incident detection and response.
    - Quickly determine the extent of a compromise once a breach is detected, and understand the steps necessary to contain the affected systems.
    - Understand key information that needs to be communicated to various stakeholders in the event of a breach.
    - Apply a “standard of due care” in order to prove compliance to regulatory agencies.
  • [Earn 1 CPE] Critical Actions to Prevent a Data Breach in 2019 and Beyond Recorded: Nov 29 2018 77 mins
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4
    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • GDPR 101: Monitoring & Maintaining Compliance After the Deadline Recorded: Oct 26 2018 77 mins
    Dr. Branden Williams, Union Bank; Janalyn Schreiber, TrustArc; Eugene Tyrrell, Online; Chris DePippo, DXC; Tim White, Qualys
    Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.

    In June 2018, Dimensional Research on behalf of TrustArc surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they now are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now three months after the deadline, it's clear that there is a lot of work yet to be done in order for all companies to achieve full GDPR compliance.

    In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:

    - The latest techniques to protect data and remediate breaches.
    - How GDPR can support your corporate values and drive business value for customers and partners.
    - What your organization needs to uncover data risks and avoid fines.
    - How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
  • [Earn 1 CPE] Compliance vs Risk: Aligning Priorities & Prioritizing Threats Recorded: Sep 27 2018 62 mins
    Colin Whittaker, Moderator. Stephen Boyer, CTO at BitSight; Marc French, SVP at Mimecast; Scott Petry, CEO at Authentic8.
    Compliance is a fundamental pillar of effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring that compliance represents an organization's starting point, not the endgame, should be a priority.

    In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

    - Aligning risk and compliance metrics and controls across functional domains.
    - Benchmarking existing process for managing the risks identified by stakeholders.
    - Creating a transparent 'system of record' and collaborative process life-cycle management system.
    - Prioritizing control efforts accordingly.
    - Aligning compliance investments with compliance risk ratings and business priorities.
  • GDPR 101: Monitoring & Maintaining Compliance After the Deadline Recorded: Aug 28 2018 77 mins
    Dr. Branden Williams, Union Bank; Janalyn Schreiber, TrustArc; Eugene Tyrrell, Online; Chris DePippo, DXC; Tim White, Qualys
    Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.

    In June 2018, Dimensional Research on behalf of TrustArc surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they now are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now three months after the deadline, it's clear that there is a lot of work yet to be done in order for all companies to achieve full GDPR compliance.

    In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:

    - The latest techniques to protect data and remediate breaches.
    - How GDPR can support your corporate values and drive business value for customers and partners.
    - What your organization needs to uncover data risks and avoid fines.
    - How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
  • [Earn 1 CPE] Post-GDPR: Key Steps to GRC Integration Recorded: Jul 26 2018 76 mins
    Moderator: Colin Whittaker. Panel: Sooji Seo, RSA; Quin Rodriguez, Riskonnect; Gabriel Gumbs, STEALTHbits; Tim Hill, Centrify
    Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.

    Learning Objectives

    - Find out how to align risk management with enterprise performance management under the GDPR.
    - Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
    - Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.
  • [Earn 1 CPE] Practical Steps to Scale Your Vendor Risk Management Program Recorded: Jun 26 2018 76 mins
    Rebecca Herold. Panel: Jake Olcott, BitSight; Todd Boehler, ProcessUnity; Matt Kunkel, LogicGate; Scott Schneider, CyberGRX.
    As organizations rely on third parties to grow and thrive, they’re exposed to major cybersecurity risks. Mitigating this risk means confronting the potential security vulnerabilities that are present in your third party network, but traditional vendor risk management (VRM) methods are no match for modern threats. According to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Join our panel of experts on this CPE accredited webinar to learn how your organization can create a VRM program that’s ready and able to stand up to today's third party threat landscape.

    Learning objectives:

    • Find out how to gain executive leadership buy-in for your VRM program.
    • Learn how to perform quantifiable vendor security analyses.
    • Discover how to leverage automation to scale your VRM program.
  • [Earn 1 CPE] Best Practices for GRC Implementation & Enterprise Security Recorded: Jun 5 2018 77 mins
    Colin Whittaker, Moderator. Nick Hayes, Forrester; Viktor Culjak, ACL; Cameron Jackson, Riskonnect; James Maude, Avecto.
    In today’s world, implementing an effective GRC program is critical for every organization striving to secure the enterprise in an era of increasingly frequent and complex cyber threats. However, getting budget approval, organization buy-in and executing on a successful implementation can be daunting tasks to take on.

    Join our panel of experts on this CPE accredited webinar to discover some of the best practices for GRC Implementation and Enterprise Security in 2018.

    Qualifying participants will earn 1 CPE credit.

    Learning Objectives

    • Find out how to influence the correct stakeholders to successfully implement GRC at your organization.
    • Learn basic security fundamentals to reduce the attack surface and secure the lines of defense.
    • Discover strategies to mitigate threats and manage Reputational Risk.
  • [Earn 1 CPE] GDPR Compliance MasterClass Recorded: Apr 24 2018 73 mins
    Rebecca Herold, Moderator; John McLeod, AlienVault; Mark McGlenn, Absolute; Brian Philbrook, OneTrust; Jake Olcott, BitSight.
    The GDPR is the most significant change in data privacy regulation in more than 20 years. It comes into force on 25 May 2018 and will impact all businesses that process personal data or businesses that process personal data of EU citizens even if they are not in the EU. Obligations for compliance will affect both controllers and processors, and regulators will get increased enforcement powers and the right to impose fines of up to 4% of global turnover for both data breaches and infringements of the law.

    Attend this CPE accredited educational webinar with our panel of experts to learn what you need to know about the GDPR and how to remain compliant.

    Learning Objectives:

    - Learn how to prepare for GDPR implementation
    - Identify the real life challenges of compliance
    - Learn about prioritizing plans and actions to effectively prepare for data protection
    - Discover some of the benefits, approaches, and tools to comply with the GDPR
  • Enabling Cybersecurity: Ignite Your ERM Program Recorded: Mar 22 2018 75 mins
    Colin Whittaker with Tim White, Qualys, Alon Yaffe, Barracuda; Cameron Jackson, Riskonnect; and Marc French, Mimecast
    Effective risk management is critical for every organization, especially in the current era of increasingly frequent and complex cyber threats. Organizations with the ability to detect changes across global IT environments in real time can better prevent and respond to malicious acts such as ransomware/malware attacks and configuration tampering.

    Join our panel of InfoSec experts on this CPE accredited webinar to learn how your organization can take command of risk to proactively prioritize and address the risks that matter most, and ignite your risk management program to enable cybersecurity.

    Qualifying participants will earn 1 CPE credit.

    Learning Objectives:

    - Discover how to identify, catalog, and prioritize risks across the enterprise
    - Find out how to quickly measure critical activities and address inherited risk
    - Learn how to gain efficiency and effectiveness of current risk-management approaches
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 2 Recorded: Jan 30 2018 78 mins
    Dr. Branden Williams, with Timothy Yim, Imperva; Barbara Cosgrove, Workday; Sue Habas, ASG; and Naheed Bleecker, TrustArc.
    The new EU General Data Protection Regulation (GDPR) rule looms and will take effect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation checkpoints, and you will learn what actions other organisations are taking in preparation for data protection – not only for GDPR, but for long-term data protection.
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 1 Recorded: Dec 12 2017 71 mins
    Dr. Branden Williams; Chris Covell, Absolute, Jake Olcott, BitSight, Brian Philbrook, OneTrust, and Marshall Toburen, RSA
    Attendees can earn 1 CPE credit on this session.

    The new EU General Data Protection Regulation (GDPR) rule looms and will take effect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation checkpoints, and you will learn what actions other organisations are taking in preparation for data protection – not only for GDPR, but for long-term data protection.
  • Digital GRC: Innovations for Early Identification and Management of Risk Recorded: Nov 16 2017 62 mins
    Moderated by Colin Whittaker; Yo Delmar, MetricStream; Jason Ford, Contegix; and Cameron Jackson, Riskonnect
    Attendees can earn 1 CPE credit on this session.

    Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

    The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.
  • CPE Webinar: A Data Security Survival Guide in an Interconnected World Recorded: Oct 25 2017 66 mins
    Rebecca Herold, The Privacy Professor; M P. Suby, Frost & Sullivan; Deral Heiland, Rapid7; Bharath Vasudevan, ForcePoint
    Attendees can earn 1 CPE credit on this session.

    As the number of internet-connected devices skyrockets into the billions, a data security strategy is an increasingly important part of any organization’s ability to manage and protect critical information. Enterprises are migrating to the cloud in droves; however, protecting data in the cloud remains a challenge as employees push to access cloud apps from any device, anywhere. In the last year alone, 1 in 3 organizations were hacked more than 5 times, and with the increased number of attacks the financial cost of security incidents is also rising.

    In many cases, breaches are caused by a combination of benevolent insiders, targeted attacks, and malicious insiders. For example, targeted attacks are often enabled inadvertently by well-meaning insiders who fail to comply with data or security policies, which can lead to a data breach. In this webinar, our panel will discuss major trends impacting cyber security – from the rising frequency of attacks to the types of threats that organizations should be concerned about the most, and they will address the risks, priorities, and capabilities that are top of mind for enterprises as they migrate to the cloud.
  • A Tactical Guide to Reducing Your Data Breach Risk Recorded: Aug 29 2017 71 mins
    Dr. Branden Williams; Farshad Ghazi, HPE; Yo Delmar, MetricStream; Jordan Rogers, Rapid7; and Billy Sokol, MarkLogic
    Over 90% of the world’s data has been generated in the last few years. Accompanying this rapid growth in data come exponential risks, as witnessed by the spike in cyber attacks to which no organization seems immune. The financial rewards gained by the perpetrators of cyber attacks are blatant, and this is driving continued attacks on companies containing massive amounts of consumer data. For these companies securing data is only half the battle. The risks can be greater when data is transmitted externally, hence it is critical that organizations know where sensitive data is going, how it is being transmitted, and how it is being handled and stored.

    On this webinar our panel of experts will discuss some of the best practices organizations can consider to reduce the risk of suffering from a data breach, and to proactively prepare for any subsequent breach that could happen.
  • Orchestrating Effective IT Risk Management Across the Lines of Defense Recorded: Aug 8 2017 65 mins
    Kelley Vick, IT GRC Forum; Cameron Jackson, Riskonnect; Weston Nelson, Moss Adams Advisory Services
    Today’s IT risk environment is more threatened than ever thanks to the growth in sophisticated cyber attacks and security vulnerabilities. Now, complex, hard-to-detect attacks could bring down not just a single institution but also large parts of the internet and the financial markets. Organizations need an intelligent approach when it comes to assessing IT risk and managing compliance.

    Staying safe is no longer just about deflecting attackers. It’s about staying ahead of attackers who are already inside the organization, and banks are doing this through structured lines of defense that enhance security capabilities, involve IT risk managers in operations, and expand internal audit’s mandate so it can cover business disruption. In this webinar presentation we will address some ways organizations can, as part of an Integrated Risk Management initiative, orchestrate effective IT risk management across the lines of defense.
Empowering the GRC Community
The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

  • Title: Evolving an Enterprise Risk Management Program
  • Live at: Nov 17 2016 6:00 pm
  • Presented by: Colin Whittaker, Russell McGuire, Riskonnect; Yo Delmar, MetricStream; Albert Biketi, HPE; and Marshall Toburen, RSA