Hi [[ session.user.profile.firstName ]]

Tokenization: Secure Payment Data & Simplify PCI Compliance

*Rescheduled event*
This event will discuss an overall payment security landscape, the costs associated with managing payment data, and the benefits of Tokenization. Attendees will learn how payment security solutions, such as encryption and tokenization can go beyond complying with PCI–DSS requirements and reduce the scope of PCI, while keeping data safe and alleviating the overall impact on your business.

- Opportunities & Challenges of Tokenization
- Differences in types of payment security and tokenization
- How you can reduce the scope of PCI within your organization
- Available payment security solutions and approaches
- How investing in a payment security solution can produce an ROI

Who Should Attend:

Designed for both technical and non-technical audiences concerned with their eCommerce Security and PCI compliance
Recorded Sep 14 2011 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Moderator: Brandon Dunlap (Brightfly). Panel: Derek Brink (Aberdeen Group), Dave Glaser (CyberSource), Alex Quilter (Qualys)
Presentation preview: Tokenization: Secure Payment Data & Simplify PCI Compliance

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [Earn 1 CPE] Critical Actions to Survive a Data Breach in 2019 and Beyond Jan 10 2019 6:00 pm UTC 75 mins
    Colin Whittaker, Moderator.
    With large-scale data breaches continuing to make the headlines in 2018, Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. Cyberattacks that target and infiltrate critical infrastructure are very real and for the United States, it’s not a matter of if, but when.

    Keeping your company secure is as much about detecting and responding to attacks as they occur as it is about preventing attacks before they happen. On this webinar our panel of experts will discuss THE critical actions organisations should consider to prepare for and survive any subsequent breach that may happen, and attendees will learn how to:

    - Develop and direct an incident response plan and get C-Suite buy-in.
    Implement security analytics for incident detection and response.
    - Quickly determine the extent of a compromise once a breach is detected, and understand the steps necessary to contain the affected systems.
    - Understand key information that needs to be communicated to various stakeholders in the event of a breach.
    - Apply a “standard of due care” in order to prove compliance to regulatory agencies.
  • [Earn 1 CPE] Critical Actions to Prevent a Data Breach in 2019 and Beyond Nov 29 2018 6:00 pm UTC 75 mins
    Panelists: Idan Shoham, Hitachi-ID; Bernard Harguindeguy, Ping Identity; Perry Carpenter, KnowBe4
    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • GDPR 101: Monitoring & Maintaining Compliance After the Deadline Oct 26 2018 3:00 pm UTC 77 mins
    Dr. Branden Williams, Union Bank; Janalyn Schreiber, TrustArc; Eugene Tyrrell, Online; Chris DePippo, DXC; Tim White, Qualys
    Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.

    In June 2018, Dimensional Research on behalf of TrustArc surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they now are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now three months after deadline, it's clear that there is a lot work yet to be done in order for all companies to achieve full GDPR compliance.

    In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:

    - The latest techniques to protect data and remediate breaches.
    - How GDPR can support your corporate values and drive business value for customers and partners.
    - What your organization needs to uncover data risks and avoid fines.
    - How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
  • [Earn 1 CPE] Compliance vs Risk: Aligning Priorities & Prioritizing Threats Recorded: Sep 27 2018 62 mins
    Colin Whittaker, Moderator. Stephen Boyer, CTO at BitSight; Marc French, SVP at Mimecast; Scott Petry, CEO at Authentic8.
    Compliance is a fundamental pillar to effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring compliance represents an organization's starting point, not the endgame, should be a priority.

    In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

    - Aligning risk and compliance metrics and controls across functional domains.
    - Benchmarking existing process for managing the risks identified by stakeholders.
    - Creating a transparent 'system of record' and collaborative process life-cycle management system.
    - Prioritizing control efforts accordingly.
    - Aligning compliance investments with compliance risk ratings and business priorities.
  • GDPR 101: Monitoring & Maintaining Compliance After the Deadline Recorded: Aug 28 2018 77 mins
    Dr. Branden Williams, Union Bank; Janalyn Schreiber, TrustArc; Eugene Tyrrell, Online; Chris DePippo, DXC; Tim White, Qualys
    Achieving and maintaining GDPR compliance is a complex and expensive initiative for companies of all sizes, across all geographies and industries, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance.

    In June 2018, Dimensional Research on behalf of TrustArc surveyed 600 legal, information technology and privacy professionals, and found that 20% of companies surveyed believe they now are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. Now three months after deadline, it's clear that there is a lot work yet to be done in order for all companies to achieve full GDPR compliance.

    In this CPE accredited webinar, our panel of experts will discuss the main issues and attendees will learn:

    - The latest techniques to protect data and remediate breaches.
    - How GDPR can support your corporate values and drive business value for customers and partners.
    - What your organization needs to uncover data risks and avoid fines.
    - How technology can enable continuous monitoring, maintenance, and demonstration of GDPR compliance, in an ongoing and efficient manner.
  • [Earn 1 CPE] Post-GDPR: Key Steps to GRC Integration Recorded: Jul 26 2018 76 mins
    Moderator: Colin Whitaker. Panel: Sooji Seo, RSA; Quin Rodriguez, Riskonnect; Gabriel Gumbs, STEALTHbits; Tim Hill, Centrify
    Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.

    Learning Objectives

    - Find out how to align risk management with enterprise performance management under the GDPR.
    - Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
    - Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.
  • [Earn 1 CPE] Practical Steps to Scale Your Vendor Risk Management Program Recorded: Jun 26 2018 76 mins
    Rebecca Herold. Panel: Jake Olcott, BitSight; Todd Boehler, ProcessUnity; Matt Kunkel, LogicGate; Scott Schneider, CyberGRX.
    As organizations rely on third parties to grow and thrive, they’re exposed to major cybersecurity risks. Mitigating this risk means confronting the potential security vulnerabilities that are present in your third party network, but traditional vendor risk management (VRM) methods are no match for modern threats. According to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Join our panel of experts on this CPE accredited webinar to learn how your organization can create a VRM program that’s ready and able to stand up to today's third party threat landscape.

    Learning objectives:

    • Find out how to gain executive leadership buy-in for your VRM program.
    • Learn how to perform quantifiable vendor security analyses.
    • Discover how to leverage Automation to Scale your VRM program.
  • [Earn 1 CPE] Best Practices for GRC Implementation & Enterprise Security Recorded: Jun 5 2018 77 mins
    Colin Whitaker, Moderator. Nick Hayes, Forrester; Viktor Culjak, ACL; Cameron Jackson, Riskonnect; James Maude, Avecto.
    In today’s world, implementing an effective GRC program is critical for every organization striving to secure the enterprise in an era of increasingly frequent and complex cyber threats. However, getting budget approval, organization buy-in and executing on a successful implementation can be daunting tasks to take on.

    Join our panel of experts on this CPE accredited webinar to discover some of the best practices for GRC Implementation and Enterprise Security in 2018.

    Qualifying participants will earn 1 CPE credit.

    Learning Objectives

    •Find out how to influence the correct stakeholders to successfully implement GRC at your organization.
    •Learn basic security fundamentals to reduce the attack surface and secure the lines of defense.
    •Discover strategies to mitigate threats and manage Reputational Risk.
  • [Earn 1 CPE] GDPR Compliance MasterClass Recorded: Apr 24 2018 73 mins
    Rebecca Herold, Moderator; John McLeod, AlienVault; Mark McGlenn, Absolute; Brian Philbrook, OneTrust; Jake Olcott, BitSight.
    The GDPR is the most significant change in data privacy regulation in more than 20 years. It comes into force on 25 May 2018 and will impact all businesses that process personal data or businesses that process personal data of EU citizens even if they are not in the EU. Obligations for compliance will affect both controller and processors and regulators will get increased enforcement powers and the right to impose fines of up to 4% of global turnover for both data breaches and infringements of the law.

    Attend this CPE accredited educational webinar with our panel of experts to learn what you need to know about the GDPR and how to remain compliant.

    Learning Objectives:

    - Learn how to prepare for GDPR implementation
    - Identify the real life challenges of compliance
    - Learn about prioritizing plans and actions to effectively prepare for data protection
    - Discover some of the benefits, approaches, and tools to comply with the GDPR
  • Enabling Cybersecurity: Ignite Your ERM Program Recorded: Mar 22 2018 75 mins
    Colin Whittaker with Tim White, Qualys, Alon Yaffe, Barracuda; Cameron Jackson, Riskonnect; and Marc French, Mimecast
    Effective risk management is critical for every organization, especially in the current era of increasingly frequent and complex cyber threats. Organizations with the ability to detect changes across global IT environments in real time can better prevent and respond to malicious acts such as ransomware/malware attacks and configuration tampering.

    Join our panel of InfoSec experts on this CPE accredited webinar to learn how your organization can take command of risk to proactively prioritize and address the risks that matter most, and ignite your risk management program to enable cybersecurity.

    Qualifying participants will earn 1 CPE credit.

    Learning Objectives:

    - Discover how to identify, catalog, and prioritize risks across the enterprise
    - Find out how to quickly measure critical activities and address inherited risk
    - Learn how to gain efficiency and effectiveness of current risk-management approaches
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 2 Recorded: Jan 30 2018 78 mins
    Dr. Branden Williams, with Timothy Yim, Imperva; Barbara Cosgrove, Workday; Sue Habas, ASG; and Naheed Bleecker, TrustArc.
    The new EU General Data Protection Regulation (GDPR) rule looms and will take affect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking preparation for data protection – not only for GDPR, but for long-term data protection.
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 1 Recorded: Dec 12 2017 71 mins
    Dr. Branden Williams; Chris Covell, Absolute, Jake Olcott, BitSight, Brian Philbrook, OneTrust, and Marshall Toburen, RSA
    Attendees can earn 1 CPE credit on this session.

    The new EU General Data Protection Regulation (GDPR) rule looms and will take affect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking preparation for data protection – not only for GDPR, but for long-term data protection.
  • Digital GRC: Innovations for Early Identification and Management of Risk Recorded: Nov 16 2017 62 mins
    Moderated by Colin Whittaker; Yo Delmar, MetricStream; Jason Ford, Contegix; and Cameron Jackson, Riskonnect
    Attendees can earn 1 CPE credit on this session.

    Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

    The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.
  • CPE Webinar: A Data Security Survival Guide in an Interconnected World Recorded: Oct 25 2017 66 mins
    Rebecca Herold, The Privacy Professor; M P. Suby, Frost & Sullivan; Deral Heiland, Rapid7; Bharath Vasudevan, ForcePoint
    Attendees can earn 1 CPE credit on this session.

    As the number of internet-connected devices skyrockets into the billions, a data security strategy is an increasingly important part of any organization’s ability to manage and protect critical information. Enterprises are migrating to the cloud in droves, however, protecting data in the cloud remains a challenge as employees push to access cloud apps from any device, anywhere. In the last year alone, 1 in 3 organizations were hacked more than 5 times, and with the increased number of attacks the financial cost of security incidents is also rising.

    In many cases, breaches are caused by a combination of benevolent insiders, targeted attacks, and malicious insiders. For example, targeted attacks are often enabled inadvertently by well-meaning insiders who fail to comply with data or security policies, which can lead to a data breach. In this webinar, our panel will discuss major trends impacting cyber security – from the rising frequency of attacks and types of threats that organizations should be concerned about the most, and they will adress the risks, priorities, and capabilities that are top of mind for enterprises as they migrate to the cloud.
  • A Tactical Guide to Reducing Your Data Breach Risk Recorded: Aug 29 2017 71 mins
    Dr. Branden Williams; Farshad Ghazi, HPE; Yo Delmar, MetricStream; Jordan Rogers, Rapid7; and Billy Sokol, MarkLogic
    Over 90% of the world’s data has been generated in the last few years. Accompanying this rapid growth in data comes exponential risks, as witnessed by the spike in cyber attacks of which no organization seems immune. The financial rewards gained by the perpetuators of cyber attacks is blatant, and this is driving continued attacks on companies containing massive amounts of consumer data. For these companies securing data is only half the battle. The risks can be greater when data is transmitted externally, hence it is critical that organizations know where sensitive data is going, how it is being transmitted, and how it is being handled and stored.

    On this webinar our panel of experts will discuss some of the best practices organizations can consider to reduce the risk of suffering from a data breach, and to proactively prepare for any subsequent breach that could happen.
  • Orchestrating Effective IT Risk Management Across the Lines of Defense Recorded: Aug 8 2017 65 mins
    Kelley Vick, IT GRC Forum; Cameron Jackson, Riskonnect; Weston Nelson, Moss Adams Advisory Services
    Today’s IT risk environment is more threatened than ever thanks to the growth in sophisticated cyber attacks and security vulnerabilities. Now, complex, hard-to-detect attacks could bring down not just a single institution but also large parts of the internet and the financial markets. Organizations need an intelligent approach when it comes to assessing IT risk and managing compliance.

    Staying safe is no longer just about deflecting attackers. It’s about staying ahead of attackers who are already inside the organization, and banks are doing this through structured lines of defense that enhance security capabilities, involve IT risk managers in operations, and expand internal audits mandate so they can cover business disruption. On this webinar presentation we will address some ways how organizations can as a part of an Integrated Risk Management initiative orchestrate effective IT risk management across the lines of defense.
  • Data-Centric Security for GDPR Compliance Recorded: Jun 27 2017 74 mins
    Moderated by Mark Chaplin, ISF; with panelists: Carole Murphy, HPE; Les McMonagle, Blue Talon; Cheryl Tang, Imperva.
    In today’s threat landscape, traditional approaches to securing data are falling short. Since 2015 we have seen some of the largest data breaches ever and it is clear that no industry or organization is immune from cyber attacks. The threat landscape is increasingly dangerous, while new technologies are distributing sensitive data farther across locations, devices and repositories. Starting in May 2018, enforcement will kick in on the European Union’s General Data Protection Regulation (GDPR), a move that could have a stronger privacy/security standardization effect than any technological effort has to date. Globalization efforts will make GDPR compliance essential for global companies wherever they are located.

    The development of a comprehensive data-centric security program, including data discovery, classification, encryption, and file protection, can uniquely position your organization to protect what matters most, and make security move with your data to comply with global regulations such as GDPR. On this webinar our panel of experts will discuss the key points that you should consider when developing such a program for your organization.
  • Strategies for Effective 3rd Party Risk Management Recorded: May 23 2017 63 mins
    Scott Roller, Founder of 3WP; Rebecca Herold, Privacy Professor; Sam Kassoumeh, SecurityScorecard. James Christiansen, Optiv.
    The challenges that organizations face today are increasingly more complex than in the past. The constant change of the global economy, dynamics of business risks and opportunities, and an increased threat of cyber-attacks add complexities we’ve never faced. As organizations rely on more and more third parties to grow and thrive, they’re exposed to higher levels of risk, and regulators are focused on the need for organizations to manage 3rd party risk more effectively.

    Manual processes, silos in contract administration, and technology and resource constraints can all lead to significant errors in the third party supply chain that leads to violation of privacy guidelines and security breaches, which cause substantial fines, penalties, and damage to brand value. On this webinar our panel of experts will discuss the risks and repercussions associated with third party contract management shortcomings, common gaps in third party contract management processes, examples of how new solutions and technologies can help organizations optimize their third party processes, and effective strategies for managing 3rd Party Risk.
  • Streamlining Your Data-Security Program to Meet Regulatory Change Recorded: Apr 4 2017 60 mins
    Colin Whittaker, Moderator; Vibhav Agarwal, MetricStream, Mark Bower, HPE Security - Data Security, and Brian Kelley, IDERA.
    Data security and the challenge of data protection is increasing in scope and difficulty. The massive volume of data that businesses are collecting is growing exponentially, and managing compliance delivery is a daunting task with huge negative consequences for getting it wrong. While organizations have long needed to safeguard intellectual property and confidential information, changes in information technology and business models introduce new threats, and new regulations. Governments and industry bodies are imposing new regulations to motivate organizations to protect the privacy and confidentiality of information. Responsibilities can vary widely by region and by industry, and staying on top of an ever-shifting regulatory landscape is complex and challenging, but it isn't impossible.

    Successful organizations coordinate enterprise-wide regulatory compliance activities with tools to identify and address new and changing regulations, and are able to map the impact of these regulations across the entire infrastructure, and prioritize compliance activities according to business impact. By deploying a consistent, sustainable, scalable and measurable process for managing regulatory change, they are able to eliminate manual, non-scalable and non-strategic activities to reduce the cost and improve the speed of regulatory compliance programs.

    On this webinar our panel of experts will discuss the key points to streamline your data-security program and meet regulatory change.
  • Key Steps to Implement & Maintain PCI DSS Compliance in 2017 Recorded: Feb 28 2017 60 mins
    Dr. Branden Williams; Smrithi Konanur, HPE Security; Kevin Eberman, Mineraltree; Asma Zubair, WhiteHat Security
    In today’s digital landscape, it’s much easier for criminals to access sensitive payment card data, not only gaining direct access to a consumer’s available funds, but also their personal identity. With cyber attacks becoming much more advanced, the PCI DSS standard has been forced to adapt to address these new threats.

    However, PCI compliance is something that any organization can successfully achieve. The requirements of PCI DSS are clear, but it takes work to accomplish compliance across an organization. On this webinar our panel will discuss some best practices, and solutions that provides your business with an easy, cost effective and highly automated way to achieve compliance with PCI DSS in 2017.
Empowering the GRC Community
The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Tokenization: Secure Payment Data & Simplify PCI Compliance
  • Live at: Sep 14 2011 7:00 pm
  • Presented by: Moderator: Brandon Dunlap (Brightfly). Panel: Derek Brink (Aberdeen Group), Dave Glaser (CyberSource), Alex Quilter (Qualys)
  • From:
Your email has been sent.
or close