The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

Earn 1.5 CPE Credits on this webinar.

Cybersecurity and compliance go hand in hand. In this webinar, we will delve into the latest cybersecurity disclosure rules mandated by the U.S. Securities and Exchange Commission (SEC) and explore how organizations can effectively navigate and comply with these regulations. 

Join us to strengthen your organization's cybersecurity posture and resilience against cybersecurity risks, as we take a deep dive into the new rules and the specific reporting processes set to take effect on December 15, 2023. Attendees will earn 1.5 CPE credits and learn about:

• The recently enacted SEC cybersecurity disclosure rules and their implications for publicly traded companies.
• Best practices for aligning cybersecurity policies and practices with regulatory requirements to ensure compliance.
• The core cybersecurity practices necessary to establish a resilient compliance posture.
• Actionable takeaways and a roadmap for implementing robust cybersecurity disclosure practices within their organization.

CPE | Adopting the New SEC Cybersecurity Rules for Compliance Resilience

Earn 1.5 CPE Credits by attending

In today's dynamic business landscape, effective risk management is essential for organizations to safeguard their assets, reputation, and long-term success.
During this CPE accredited webinar, our expert panel will delve into the intricacies of measuring the return on investment (ROI) of your risk management program. We will explore practical strategies, methodologies, and key performance indicators (KPIs) to help you quantify the value your risk management initiatives bring to your organization. Attendees will learn how to:
• Define and align measurable objectives for your risk management program.
• Identify relevant KPIs to assess the effectiveness of your risk management efforts.
• Techniques for collecting and analyzing data to measure ROI accurately.
• Evaluate the financial and non-financial impact of risk management activities.
• Communicate ROI findings to stakeholders for enhanced decision-making.

CPE | How to Measure the ROI of Your Risk Management Program

Earn 1.5 CPE Credits on this webinar

In today's interconnected business landscape, organizations heavily rely on third-party vendors, suppliers, and partners. While these collaborations offer numerous benefits, they also introduce potential risks and vulnerabilities that need to be proactively managed.

In this CPE webinar, our panel of experts will delve into the latest strategies, tools, and techniques empowered by artificial intelligence (AI) that can revolutionize your organization's approach to identifying, assessing, and mitigating third-party risks. Attendees will gain valuable insights into leveraging targeted Risk Intelligence, enhanced by AI, to drive effective TPRM. 

Join us to gain an understanding of:

• The concept of targeted Risk Intelligence and explore how AI can amplify its application in enhancing TPRM.
• Potential risks and vulnerabilities associated with third-party engagements through the integration of AI-driven risk assessment methodologies.
• Practical strategies for mitigating third-party risks by harnessing the power of targeted Risk Intelligence complemented by AI capabilities.
• The transformative potential of automation, analytics, and AI in streamlining risk assessment processes, empowering data-driven decision-making, and ultimately enhancing the overall effectiveness of your TPRM practices.

CPE | Harnessing AI for Enhanced TPRM: Driving Targeted Risk Intelligence

Earn 1.5 CPE Credits on this webinar

In today's interconnected business landscape, managing risks associated with third-party relationships has become crucial for organizations across industries. Continuous Controls Monitoring (CCM) offers a proactive approach to monitor and mitigate risks by continuously evaluating controls and compliance measures. 

Join our expert panel on this CPE webinar and equip yourself with the knowledge and practical guidance needed to implement CCM effectively for third parties, and:

• Understand the significance of CCM in the context of third-party risk management: Discover why traditional point-in-time assessments are no longer sufficient and how CCM provides real-time insights into the effectiveness of controls implemented by third parties.
• Learn the key steps involved in implementing CCM for third parties: Gain practical knowledge of the step-by-step process required to establish a robust CCM program, including defining control objectives, selecting appropriate monitoring techniques, and setting up an automated monitoring system.
• Explore best practices for selecting and assessing third-party controls: Identify the critical factors to consider when evaluating third-party controls and gain insights into effective control assessment methodologies that align with CCM principles.
• Discover strategies to enhance third-party risk mitigation through CCM: Explore how CCM enables organizations to identify and address control gaps and non-compliance issues in real time, enhancing risk mitigation efforts and fostering stronger relationships with third parties

CPE | Key Steps to Implement Continuous Controls Monitoring for Third Parties

This is an exclusive immersive workshop, where you'll have the opportunity to explore various critical security aspects, such as safeguarding against insider threats, preventing unauthorized access, and eliminating local admin rights. The best part: you'll have the power to choose which problems our experts will face! The session will be filled with practical insights, best practices, and an in-depth demonstration of the Netwrix PAM Solution, showcasing how it can revolutionize your organizational security posture.

Join us for an interactive webcast featuring two cybersecurity heroes from Netwrix: Jeremy Moskowitz and Martin Cannard. Jeremy Moskowitz, CTO, and Founder of PolicyPak, and an 18X Microsoft MVP, brings his extensive expertise to the table, alongside Martin Cannard, an experienced technologist with over 30 years of specialization in Privileged Access Management.

Together, they will guide you on an exciting security adventure tailored to your needs. During the session, you will learn how to:

- Thwart cyberattacks by removing unmanaged privileged accounts.
- Minimize security risk related to privileged access, enhance team performance and pass audits with less effort.
- Strengthen the security and compliance posture of workstations across the organization without interrupting end-user productivity.

Interactive Cybersecurity Adventure: Exploring Privileged Access

Ransomware attacks have become more frequent and sophisticated, causing significant damage and financial loss to businesses of all sizes. According to Verizon’s 2022 data breach report, ransomware attacks saw a 13% increase in the past five years. The first half of 2022 saw nearly 236.7 million ransomware attacks worldwide, and the average cost of a ransomware attack was $1.85 million.

Statistics reveal that a ransomware attack will occur every 2 seconds by 2031. How well is your compliance team prepared?

Join our panel of experts on this CPE webinar as we discuss the emerging trends and best practices to combat ransomware and be better prepare for escalating cybersecurity threats, including how to:

- Understand the latest trends and tactics used by cybercriminals to launch ransomware attacks, including the use of advanced techniques like double extortion.
- Identify the key components of a comprehensive ransomware protection strategy, including backup and recovery, network segmentation, and employee training.
- Evaluate different ransomware defense solutions, such as endpoint protection, threat intelligence, and incident response planning, and select the most appropriate approach for their organization's needs.
- Learn from real-world examples and case studies of ransomware attacks and their impact on businesses, and apply these lessons to enhance their own security posture and resilience.

Emerging Trends & Best Practices to Combat Ransomware

Are you looking for effective strategies and tactics to improve group and identity management within your organization? Join us for an insightful webinar tailored specifically to address the challenges faced by IT professionals. In this webinar, we will explore best practices and techniques that enhance security, compliance, and efficiency in group and identity management.

Key topics to be covered include:

•     Industry-Leading Approaches for Efficient Group and Identity Management.
•     Strategies For Scalability and Adaptability in A Changing Enterprise Landscape.
•     Leveraging Tools to Streamline Group and Identity Management
•     Real-World Case Studies Highlighting Successful Implementations.

Join us with Jonathan Blackwell as we discuss the best practices that drive efficient and secure group and identity management.

Register now to reserve your spot.

Enterprise Best Practices for Group and Identity Management

In today's digital landscape, effective communication is crucial for ensuring cybersecurity across organizations. However, conveying cybersecurity concerns to both executives and employees can be a daunting task. 

Attend this CPE webinar to enhance your cybersecurity communication skills and effectively convey cybersecurity concerns to executives and employees, bridging the gap between technical complexities and organizational awareness. Our expert panel will address:

- How to translate technical cybersecurity jargon into business-oriented language that resonates with executives, enabling you to effectively articulate risks, potential impacts, and necessary security measures.
- Innovative methods for designing and implementing employee awareness programs that effectively communicate cybersecurity concerns. 
- Strategies for engaging employees, fostering a security-conscious culture, and promoting active participation in maintaining a secure digital environment.
- How to create compelling presentations that capture executives' attention and effectively communicate cybersecurity concerns. 
- Techniques for fostering collaborative relationships between cybersecurity teams, IT departments, and executives.

Note: The webinar will feature expert speakers with extensive experience in cybersecurity, communication, and organizational management. Interactive Q&A sessions will be included to address participants' specific challenges and provide tailored guidance.

How to Communicate Cybersecurity Concerns to Executives and Employees

Third-party incidents can occur at any time and can lead to significant disruptions in business operations. Traditional methods of managing third-party security risk are lagging behind the reality of today's threat landscape. By building future proofed supplier risk management practices, you can dramatically lessen the time it takes to onboard new suppliers, while simultaneously reducing organizational security risk to an acceptable level.

This CPE webinar will cover the best practices and steps involved in innovating traditional TPRM monitoring and management practices. We will discuss various approaches that organizations can take to streamline these workflows and address existing gaps in visibility. Join us to learn how you can keep pace with the evolving threat targeting the supplier ecosystem, and:

 - Understand pitfalls of the traditional method of managing third party risk
 - Learn about the different steps involved in simplifying third party incident reporting and management workflows.
 - Discover the benefits of innovating TPRM programs, including increased efficiency and reduced costs.
 - Explore how automation can be applied to the growing area of software risk including commercial software, third-party development, and software supply chain assurance

Innovating 3rd Party Security Risk Monitoring & Management

Earn 1.5 CPE Credits on this webinar

Prepare to be captivated as Brian Johnson, a skilled white-hat hacker, embarks on a daring mission to infiltrate privileged accounts, with intentions ranging from illicit data acquisition to espionage and disruption of critical systems. The burning question lingers: Will he succeed in his audacious endeavors?

Secure your front-row seat at the exhilarating Hacker vs Netwrix live cyber battle, where you will witness firsthand the meticulous step-by-step unraveling of various common attacks. Immerse yourself in the revelation of how the implementation of the principle of least privilege across endpoints can emerge triumphant in salvaging the situation.

In this real-time spectacle, Netwrix will demonstrate its prowess in defending against a multitude of attacks, and attendees will gain an understanding of:

- White-hat hacker roles and motives in infiltrating privileged accounts.
- Common attack techniques: local admin access, lateral movement, RDP abuse, local admin rights, downloadable malware, and USB exploitation.
- The principle of least privilege and its role in securing endpoints.
- Netwrix's defense strategies showcased in the live cyber battle.
 

Don't miss this extraordinary opportunity to witness the relentless clash between hackers and defenders, unfolding right before your eyes.

Ultimate Cyber Battle: Detect & Defeat the Most Common Attacks

Third-party risk management (TPRM) is a crucial aspect of any organization's overall risk management strategy. With the increasing reliance on third-party vendors, contractors, and service providers, it's more important than ever to understand the risks associated with these relationships and take steps to mitigate them.
To effectively manage third-party risk, organizations must be able to track the right metrics. On this CPE webinar, we'll look at the core metrics that organizations should track and how they can be tracked. Attendees will learn about:

• The core metrics that you should track to effectively manage for third-party risk.
• How to identify, measure, and track key metrics to assess third-party risk.
• Different approaches to measuring and tracking third-party risk.
• Practical insights and best practices for effectively managing third-party risk using metrics.

This webinar is designed for risk management professionals, compliance officers, and senior executives who are responsible for managing third-party risk within their organizations. Whether you are new to the field or have been working in third-party risk management for some time, this webinar will provide you with the knowledge and tools you need to effectively track and manage third-party risk.

Third-Party Risk Management Core Metrics to Track and How to Track Them

In today's digital world, data access governance has become a crucial aspect of protecting sensitive information. Organizations are facing increasing challenges when it comes to managing data access and ensuring the security of their critical data. Join our upcoming webinar to learn about best practices for data access governance and how Netwrix solutions can help simplify this task. During the webinar, we will discuss the following topics:

- The importance of data access governance in the digital age
- Best practices for identifying and classifying sensitive data
- Techniques for implementing access controls and permissions
- Strategies for monitoring and auditing data access
 
Netwrix offers a comprehensive suite of solutions that help organizations automate data access governance tasks, reducing the risk of data breaches and improving compliance with data protection regulations. Join us to learn more about how Netwrix solutions can simplify your data access governance tasks, and protect your sensitive information in the digital age.

Data Access Governance in the Digital Age

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is one of the leading frameworks for private and public sector cybersecurity maintenance and used by organizations of all sizes. The Framework helps to secure information systems and guide key decision points about risk management activities through the various levels of an organization from senior executives, to business and process level, and operations.

NIST has issued special publications focused on improving Third-Party Risk Management (TPRM) and Supply Chain Risk Management (SCRM), however this isn’t a light read. With 5 functions, 23 categories, and 108 subcategories, identifying the NIST CSF security controls applicable to cyber supply chain risk management is a daunting task. On this CPE webinar we will address the specific security controls for third-party information security management and explain how to align risk management processes against these requirements, including how to:

- Prioritize and assess third-parties using a cyber supply chain risk assessment process,
- Develop processes for continuously monitoring third-party security postures, and determining control effectiveness,
- Identify security gaps and conduct response action plans with suppliers and third-party providers,
- Track the progress of implementing the NIST framework through a 4-tier maturity scale.

A Deep-Dive into TPRM & NIST Framework Integration

Active Directory controls access to critical systems and data for organizations around the world — but it is not always managed securely. That makes it a top target of attackers.

How can you best protect your organizations from these attacks? And when they happen, how can you detect them promptly and respond effectively?

Learn from the experts how you can secure your Active Directory from end to end and gain peace of mind. Jeff Forsyth (PreSales Engineer at STEALTHbits Technologies) and Sander Berkouwer (CTO at DirTeam and 14-time Microsoft MVP) will explain how you can:

·   Identify and mitigate AD security risks before attackers can exploit them.
·   Promptly detect and contain active threats.
·   Quickly recover from incidents to ensure business continuity.

 Join us to become the Active Directory security hero your organization needs!

[Attack]tive Directory: How To Overcome Exploits and Prevent Attacks

Cybersecurity is one of the largest concerns facing businesses today and hackers continuously develop diverse ways of penetrating your cybersecurity defences. By adopting the mindset of a hacker, you can be one step ahead of malicious attacks and improve your cybersecurity infrastructure.

On this CPE webinar our panel of experts will address how and why security gaps arise in IT security posture, and provide some hacker tactics that you can use to identify those gaps. Attendees will gain insights on how to: 

- Conduct a thorough investigation of your systems by “footprinting” your entire system,
- Run penetration tests to identify the vulnerabilities that exist, 
- Perform a gap analysis to catch and close gaps as quickly as they open, across both your own systems or that of third-party vendors,
- Create a culture of cybersecurity with security awareness training to reduce the risk posed by your employees.

Think Like a Hacker: Tactics to Identify Gaps in Your IT Security Posture

The cyber threat landscape grows exponentially each year. Third-party cyber data breaches like the Kaseya data breach, a cyberattack that affected over 1,500 organizations, have prompted regulators to raise cybersecurity standards. In the United States, the Biden Administration aims to improve nationwide cybersecurity with an executive order. The 100-day plan aims to modernize federal infrastructure, improve supply chain security, establish a cybersecurity review board and more.

Gaining visibility into the security risks your supply chain or third-party vendors pose to your organization is a necessity among cybersecurity leaders. Next-generation cybersecurity practices will require organizations to align both internal and external cybersecurity risk processes to create a standardized process to facilitate effective third-party cyber risk mitigation. On this webinar as we explore the intersection of third-party risk management and cybersecurity best practices. We’ll review new strategies and outline the steps to mature your program, and you will learn how to:

∙ Map external third-party risk to internal cybersecurity controls,
∙ Evaluate control effectiveness internally and externally to track issues over time and stay ahead of future incidents,
∙ Prioritize third-party risk projects based on control gaps and domain inefficiencies,
∙ Build a cybersecurity program that protects against internal and external threats.

Aligning Cybersecurity Best Practices with Third-Party Risk

The state of cybersecurity feels volatile. Despite massive worldwide spending on risk management to the tune of $150 billion, cyber attacks keep happening. Ransomware attacks doubled in 2021, with average ransomware recovery costs doubling to $1.85 million and average downtime increasing to 22 days. Within the next few years, nearly half of companies worldwide will experience cyber attacks on their software supply chains. As companies scramble to respond to exploding cyber incidents and a massive threat landscape, they’re looking for cyber insurance coverage to protect themselves. 

But cyber insurers are responding to these industry challenges too. Many are rethinking their underwriting decisions altogether. The result? Stricter underwriting standards, tighter coverage expectations, increased premiums, and more denied applicants. As companies look to gain or expand their cyber coverage and negotiate premiums, they need to effectively demonstrate their risk profile to insurers. By improving their cybersecurity strategy and showcasing the effectiveness of their program, companies have a better chance to get the right cyber insurance coverage at an ideal premium. 

In this webinar, hear from experts in the field of cyber insurance, and learn about:

- A cyber insurer’s strategy to underwriting policies
- The top 10 concerns that cyber insurers have
- How to strengthen your security posture to influence coverage

Register today!

Navigating the Impacts of Your Security Performance on Cyber Insurance

In an interconnected, ever- changing digital world, how well your data is secured across your supply chain is a matter of great importance. Failing to adequately screen vendor security risks can lead to data breaches, which can shut down operations, damage customer trust, and incur hefty regulatory penalties.

Security ratings can help you grade your security performance, as well as that of your third- party vendors, by analyzing how well information is protected from external threats and breaches. Attend this webinar to learn how to use security ratings in TPRM, including how to:

- Grade your security performance and understand risk across your supply chain, including your vendors and business partners,
- Add context to your inherent risk tiers and gain visibility into the health of your vendor ecosystem,
- Increase accuracy across vendor risk assessments and continuous monitoring processes,
Speed up response and remediation efforts with real- time alerts on cybersecurity findings.

How to Utilize Security Ratings in Third-Party Risk Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.