Browse communities
Browse communities
Presenting a webinar?

"Enterprise Security Risk Management" - Part 2

Doug Powell, Steve Hunt
Doug Powell, Manager of SMI Security, Privacy & Safety at BC Hydro, and Steve Hunt, CEO of Hunt Business Intelligence, continue the discussion on ESRM for Critical Infrastructure protection. Key topics include integrating operational, technological, and physical security; the criticality of people, process, and technology in CI protection; and the need for a unified GRC model to make business run better.
May 21 2014
59 mins
"Enterprise Security Risk Management" - Part 2
Join us for this summit:
More from this community:

IT Governance, Risk and Compliance

  • Live and recorded (3356)
  • Upcoming (51)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • GRC Process Automation Apr 2 2015 3:30 pm UTC 60 mins
    Carlos Krause, CISSP, Head of Professional Services - Modulo
    Many organizations still use spreadsheets and emails for business critical processes related to Governance, Risk, and Compliance (GRC) management. These more “manual” processes become burdensome as infrastructure scales out or new compliance and policy requirements emerge. Without a traceable and efficient way to perform, track, and report GRC assessment results, organizations face the possibility of failing audits, costly fines, and reputation damage.

    Modulo’s solutions for GRC help automate processes, which improve the efficiency and traceability of GRC activities. Modulo’s Risk Manager™ software automates GRC tasks based on both proven processes aligned with international standards and on your own established methodologies.

    In this session, learn how to:
    • Align processes to the “plan, do, check, act” methodology
    • Replicate and improve internal processes using an easily configurable workflow tools
    • Build and send user-friendly, traceable surveys
    • View assessment results in detailed and high-level dashboards and reports
    • Leverage audit log to monitor the history of assessment participation and issue remediation
  • GRC inside-out: Preparing for & deploying GRC automation Recorded: Feb 26 2015 67 mins
    Carlos Krause, Modulo & Tony UcedaVelez, VerSprite
    Good security risk management begins with a repeatable process within security governance, risk management, and compliance (GRC). GRC and many security risk management processes fail when organizations rely too much on point-solution technologies rather than repeatable processes.

    Do you have an optimal security risk management program? Two experts discuss security risk management best practices and “quick-win” GRC automation opportunities. In this live webinar, learn how to:

    Create governance for security risk management
    Identify gaps in foundational processes
    Build a GRC automation deployment timeline
  • Modulo Risk Manager: What's New v9.1 Recorded: Jan 21 2015 15 mins
    John Ambra, Chief Product Officer, Modulo
    Demo video of Modulo Risk Manager Version 9.1, featuring enhanced functionality for the following Modulo Risk Manager’s modules: GRC Intelligence; Policy; Organization, Risk, Compliance, Workflow; as well as improved system stability and performance, low-impact bug fixes and a new version of the installer, released initially for internal use, to help speed up the installation process.
  • Is Your Vulnerability Management Program Vulnerable? (Part 2) Recorded: Dec 18 2014 59 mins
    Carlos Krause, Manager of Professional Services, CISSP, CISA, MCSO
    Is your vulnerability management program vulnerable? If you are unsure or answered “yes," sign up to join Carlos Krause, Modulo’s lead technical consultant for Part 2 of this two-part webinar series.

    In Part 1, Carlos identified key challenges and pitfalls most vulnerability management programs face. In Part 2, he will outline best practices and action items to improve your vulnerability management process, including how to:

    *Integrate your vulnerability management program with the risk and compliance actions in the organization
    *Harmonize vulnerability metrics with other programs and assessments
    *Represent risks in a business language
    *Plan and deploy a successful implementation

    Carlos Krause presented this topic at ISACA ISRM 2014 at a record-setting Megatrend Session. Due to its popularity, we wanted to bring it to you in a webinar series. Don’t miss out!
  • Is Your Vulnerability Management Program Vulnerable? (Part 1) Recorded: Dec 11 2014 56 mins
    Carlos Krause, Manager of Professional Services, CISSP, CISA, MCSO
    In this webinar, Carlos Krause, Modulo’s lead technical consultant, will identify key challenges and pitfalls most vulnerability management programs face, including how to:

    *Understand the main components and steps of an efficient vulnerability management program
    *Define requirements and criteria for scoping, collecting, analyzing, evaluating, accepting, and treating vulnerabilities
    *Identify the pitfalls of a typical vulnerability management implementation

    To learn more about best practices and action items to improve your vulnerability management process and reduce enterprise risk, join us for Part II on Thursday December 18 at 11:30am ET.
  • Adapting Your Risk Management Framework for New Regulations Recorded: Oct 22 2014 60 mins
    Lillibett Machado, MBA, CISA, CISM, CGEIT, CRISC, ITIL-BSM
    Cadence Bank recently established the Technology & Operations Governance and Risk Management under the Enterprise Risk Management function reporting to the Board of Directors of the bank. On a recent regulatory audit, the ERM team was recognized for achieving a workable governance framework and integrating the Technology Governance and Risk Management, using Modulo’s GRC automation software as the technology to help execute all our risk and compliance assessments. GRC automation software facilitated Cadence Bank’s objective of achieving the implementation of the new regulatory requirement of the “Three Levels of Defense” being enforced by the regulatory agencies.

    Learn how in this case study, as Cadence Bank’s CISO Lillibett Machado discusses ways to develop a technology GRC framework and use automation to facilitate the new functions required for the CISO’s responsibilities within GRC.
  • Proven Risk Management Automation Methods in Ten Use Cases Recorded: Oct 8 2014 61 mins
    Rich Licato
    This webinar features Modulo Risk Manager customer Rich Licato, Managing Director, Corporate Security for Airlines Reporting Corporation (ARC). Rich explores the breadth of GRC use cases ARC has deployed, including:

    - Audit Remediation
    - Vulnerability Management / Pen Testing
    - PCI and ISO Compliance
    - SANS Top 20 Critical Security Controls
    - Vendor Management
    - Employee Policy Attestation
    - Operational Incidents
    - Enterprise Risk Management
    - Metrics
    - Business Continuity

    Rich will discuss some of his strategies around deploying the different applications of GRC automation and share the highlights of his successes.
  • "Is Security Unachievable?" Recorded: Sep 17 2014 62 mins
    Doug Powell of BC Hydro and Steve Hunt of Hunt Business Intelligence
    As we move toward interconnected, "smart" systems, security professionals must play a focused role in enterprise risk management. Doug Powell, critical infrastructure protection professional and security industry thought leader, and Steve Hunt, security industry luminary and analyst, team up to debate the continually increasing complexity of the environment in which security professionals operate, in light the Snowden breach, the Internet of Things, cyberhackers, and looming national threats. During this webinar, Powell and Hunt will debate the possibility of achieving true security and give some practical, actionable recommendations for modern age security risk management. Questions addressed include:

    • Does physical security have any impact on information protection?
    • Is it possible for IT, Operational Technology, and physical security to work together?
    • Can an integrated process and program ensure security meets business objectives?
  • Governance, Risk, and Compliance for Physical Security Recorded: Sep 4 2014 6 mins
    Modulo, LLC
    A 5 minute guide on how to get the most out of integrating physical security risk management within an automated GRC program.
  • Physical-IT Risk Convergence in Practice Recorded: Aug 13 2014 57 mins
    Steve Hunt and Marco Conti
    Expert Analyst Steve Hunt of Hunt Business Intelligence and Modulo's Marco Conti present perspectives on theoretical versus applied convergence of physical and IT security.
  • Beyond IT: Third Party Risk Recorded: Jul 15 2014 53 mins
    Steve Bartolotta, Yale New Haven Health System
    When an automated third party risk management program is in place, risk assessments are performed more efficiently and effectively, allowing for additional analyses on third party criticality and faster, smoother expansion of third party networks. The right third party risk solution will also increase visibility and report security and compliance based on the activities and departments third parties support.

    Watch this end-user case study and learn how to…

    - Understand the basics of risk and risk management
    - Understand the importance of utilizing a risk management process
    - Be able to identify, analyze, evaluate, and manage your enterprise third party risks
    - Consider GRC to automate and synchronize efforts in your third party risk management
  • Optimizing Governance & Risk Management in an Age of Advanced Threats Recorded: Jul 1 2014 50 mins
    Steve Hunt and Vic Wheatman
    Steve Hunt of Hunt Business Intelligence and SecurityCurrent analyst Vic Wheatman present how to prepare for and manage risk in an “age of advanced threats."
  • Supply Chain Security Risk Management Recorded: Jun 4 2014 51 mins
    Barrett Hightower & Portia Mllls
    With ever increasing security threats and other widespread supply chain disruptions, Supply Chain Security (SCS) is now officially a reality of both day-to-day business and trade compliance. View this webinar to learn how Supply Chain Security (SCS) Risk Management addresses heightened threats to the supply chain including cyber-terrorism, organized crime, theft and tampering, and country-of-origin risks.
  • "Enterprise Security Risk Management" - Part 2 Recorded: May 21 2014 59 mins
    Doug Powell, Steve Hunt
    Doug Powell, Manager of SMI Security, Privacy & Safety at BC Hydro, and Steve Hunt, CEO of Hunt Business Intelligence, continue the discussion on ESRM for Critical Infrastructure protection. Key topics include integrating operational, technological, and physical security; the criticality of people, process, and technology in CI protection; and the need for a unified GRC model to make business run better.
  • ”Enterprise Security Risk Management” - Part 1 Recorded: May 6 2014 60 mins
    Doug Powell, Steve Hunt
    Doug Powell, Manager of SMI Security, Privacy & Safety at BC Hydro, and Steve Hunt, CEO of Hunt Business Intelligence, present ESRM for Critical Infrastructure protection. Key topics include integrating operational, technological, and physical security; the criticality of people, process, and technology in CI protection; and the need for a unified GRC model to make business run better.
  • What's New Modulo Risk Manager v8.4 Recorded: Apr 22 2014 41 mins
    John Ambra
    Modulo Director of Technical Services John Ambra walks Risk Manager users through the latest version 8.4, and answers user questions at the end.
  • "You, Too, Can Enjoy Being Audited!" Recorded: Apr 16 2014 56 mins
    David Moule
    David Moule, Manager of IT Security Operations at Allied Irish Bank, discusses how AIB has leveraged Modulo Risk Manager™ to mature their Vulnerability Management process, remedy “on the fly” VM needs, and successfully navigate an internal audit.
  • Business Relevant IT Risk Management Recorded: Mar 11 2014 55 mins
    Carlos Krause, CISSP, Manager of Professional Services
    Business Relevant IT Risk Management for IT. Audit, Assurance, Security, Risk and Governance professionals. Learn how you can develop a GRC program that encompasses broader Enterprise Risk Management initiatives.
  • Effective ERM for Security Officers, a Customer Case Study Recorded: Jan 15 2014 56 mins
    Rich Licato, Managing Director, Corporate Security ARC
    Rich Licato, Managing Director, Corporate Security Airline Reporting Corporation (ARC) and Modulo customer will discuss how he built his GRC program to include ERM. By tackling his goal to automate the ISO27001 certification process and ongoing risk assessments, he established a platform upon which he could establish successful and effective ERM. `
  • Incident Response, Plans and Procedures: Part 3 Recorded: Dec 4 2013 45 mins
    Carlos Krause, CISSP, CISA, MCSO, Manager of Professional Services, Modulo
    Improve your Business Continuity Management: learn effective methods for BCP and DRP execution, and more.
Flexible, scalable, affordable :: Solutions for GRC
Modulo provides flexible, scalable and affordable GRC solutions for the leaders in information and risk management. Modulo's software solutions for governance, risk, and compliance allow users to better manage technology risk, compliance, and policy requirements, monitor critical assets, and ensure good governance and business continuity.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: "Enterprise Security Risk Management" - Part 2
  • Live at: May 21 2014 4:30 pm
  • Presented by: Doug Powell, Steve Hunt
  • From:
Your email has been sent.
or close
You must be logged in to email this