Name: Innovating Defence: The life of a Risk Operations Centre (ROC) Analyst
Start: 2022-07-28T12:00:00Z
End: 2022-07-28T12:00:44.000Z
Location: BrightTALK
Rating: 4

A thought-provoking webinar programme developed from over three decades of collaborating with our Members across global business, government bodies, legislators and cyber security experts.

As 2026 approaches, the cyber threat landscape is accelerating. While AI-driven autonomous attacks, deepfake-enabled social engineering, and advanced phishing campaigns are redefining adversary tactics, supply chain and ecosystem attacks exploit growing interconnectivity and third-party dependencies. The looming impact of Quantum computing on encryption, rising geopolitical tensions, and the emergence of cyber-physical warfare all add new layers of complexity.

In this environment business leaders and their security teams must work together to rethink resilience strategies, stretch resources, and align cybersecurity priorities with business goals—all amid regulatory and economic pressures.

To help you prepare for a world where digital and physical domains converge and trust can be weaponised through AI-powered deception, Steve Durbin, Chief Executive of the ISF, returns for our annual Emerging Threats webinar. Gain early insight into the most critical threats of 2026 and practical guidance to build resilience in the face of disruption.

Secure your place today and stay ahead of what’s coming.

Emerging Threats 2026: Shaping the Future of Cyber Security

In the face of evolving threat landscape, it is no longer a matter of if you are targeted by threat actors but rather when you are targeted. This fact is further amplified by the pervasive use of AI across various digital platforms today. 

How can organisations set themselves up to survive and thrive after an attack?

This session from Illumio and SEP2 will focus on how to implement zero trust principles to ensure critical business operations can continue during and after a cyber incident.
 
The session will cover:
• Rethinking cyber resilience in favour of ease of operationalisation
• Key considerations for an effective defence-in-depth strategy
• Pragmatic steps on business continuity through an adaptive security posture
• How Zero Trust principles support stronger defences against evolving threats and enable effective breach containment

Speaker bios:
Michael has over 2 decades of experience. He is the Director of Systems Engineering where he is responsible for overseeing the go-to-market systems engineering team.   Michael is an accomplished public speaker, regularly speaking at conferences and webinars. He holds a MSc in Network Systems Engineering and a BSc in physics in addition to several cyber industry certifications. 

James is SEP2's Head of Technology and has been with the business since March 2021. The constant challenge and the evolving security landscape which requires constant learning is what keeps James on his toes and is why he enjoys working in cybersecurity.

Zero Trust in An AI World – Moving From Talk to Action

The Deep and Dark Web is a crowd-sourced, regulated economic system where one's reputation is held in the same high regard as the money that is used to buy the abundant goods and services.

This ecosystem, by design, is murky, has its own abundant culture and subcultures and where almost everything is permitted; where criminals buy and sell their goods; where governments conduct influence campaigns, where intelligence officers conduct espionage; and where the very best and worst of humanity gather to exchange ideas. 

Cyber intelligence and security professionals need to become proficient in the nuances of this ecosystem to put perceived threats emanating from Dark Web sources within the appropriate context. During this discussion, we will define what the Dark Web is, what it is not, and who frequents this space and how it relates to the struggle around attribution.

In this session, you will have the opportunity to: 
• Learn about the origins of and motivations behind cyber crime perpetuated in deep and dark web (DDW) forums and marketplaces.
• Gain an understanding of the demands to which DDW actors are beholden, including the complicated and murky relationships that exist that make attribution a real struggle.
• Observe how threat actors are utilising technology such as AI to perpetuate cyber crime, including extortion, to achieve maximum profit.

Speaker bio:
Adam Darrah is Vice President of Intelligence at ZeroFox. Previous to entering the private sector, he spent eight years working for the US Central Intelligence Agency, which formed his specialisation in Russian and Central Eurasian political, security and intelligence issues. Adam holds a bachelor's and master's degree in Russian from the University of Utah and the University of Arizona, respectively.

Demystifying the Dark Web

Join us for an exclusive webinar with Dave Stapleton, Chief Trust Officer at ProcessUnity, as he explores how AI is reshaping Third-Party Risk Management (TPRM).

Together, we’ll explore the evolution of TPRM - past, present, and future - to better understand AI’s transformative role in the field. Discover how tools like predictive analytics and automated evidence reviews streamline assessment work, and how emerging capabilities such as agentic AI will proactively monitor and mitigate risks.

Leave with practical ideas from a seasoned TPRM and security expert on how to incorporate AI into your program and elevate your role as a subject-matter expert in your organisations risk management strategy.

Key Takeaways:

• Explore innovative AI advancements and use cases driving the future of TPRM
• Discover how to responsibly integrate and scale AI across your vendor portfolio
• Learn how AI integration is redefining the role of risk analysts, empowering them with deeper insights and expertise.
• Communicate the ROI of AI in TPRM with key metrics to track

Don’t miss this opportunity to prepare your organisation for the future of TPRM and stay ahead with AI as your second-in-command.

Speaker bio: 
David Stapleton is the Chief Trust Officer at ProcessUnity, the global leader in third party risk management solutions. With over fifteen years of experience building and leading cybersecurity, risk, and compliance programs across both government and private sectors, David has held pivotal roles at the U.S. Food and Drug Administration, Indian Health Service, and was an early contributor to the development of the FedRAMP program. At ProcessUnity, he oversees trust, security, and risk functions, aligning internal operations with the evolving needs of customers and regulators.

TPRM 2030: Preparing for the AI-Powered Future

In the fight against phishing threats, resilience starts with control and visibility.

Join Marc Olesen, CEO of Cofense, and Steve Durbin, Chief Executive of the Information Security Forum (ISF), as they delve into the evolving role of automation and AI in cybersecurity. This session will explore whether AI is delivering real business value or simply adding complexity - and how organisations can strike the right balance between automation and human oversight.

We’ll unpack the transparency challenges of AI systems, the risks of opaque decision-making, and the critical role of live threat intelligence in staying ahead of attackers. The discussion will also address:

•  Who holds the upper hand in the AI arms race
•  How to support overstretched security teams
•  What metrics matter when evaluating AI-driven phishing defences.

Whether you're shaping your AI strategy or preparing for what’s next, this session offers practical insights to help you navigate the risks, opportunities, and future of AI in phishing defence.

What’s hiding in the AI Black Box?

This webinar examines why the traditional layered defense model is no longer sufficient in today’s threat landscape. With attackers increasingly targeting privileged credentials and exploiting gaps created by fragmented tools, organisations must shift to a security framework built on zero-trust and zero knowledge. 

In this session, Tom Cole, Solutions Engineer at Keeper Security, explains how continuous authentication, least-privilege access, and device-level encryption prevent unauthorized movement across networks, and why zero-trust is critical for protecting sensitive data. 

Drawing on fresh global research, the presentation highlights the rise of AI-driven attack vectors and persistent credential-based threats, while showcasing how a modern Privileged Access Management (PAM) platform can provide a unified, simplified, and robust defence.

What you'll learn:

• Understand and apply zero-trust fundamentals.
• New research on emerging AI-driven and credential-based threats.
• How to apply zero-trust PAM solutions in practice.

Securing Your Network with Zero-Trust

The EU cybersecurity regulatory environment is evolving rapidly. New and updated regulations such as NIS 2, DORA, the Cyber Resilience Act (CRA), and the EU AI Act are introducing complex and overlapping control expectations for organisations operating in or engaging with the European market. 

In this webinar, Benoit Heynderickx and Luka Ivezic will provide a clear update on these major EU regulations and explain how the ISF Standard of Good Practice for Information Security (SOGP) and related tools can support organisations in meeting compliance requirements. 

The session will conclude with an introduction to ISF’s detailed mapping of NIS 2 to ENISA's Technical Guidance - a practical resource available to support the compliance journey.

Key takeaways:
• A concise overview of the latest developments across NIS 2, DORA, CRA, and the EU AI Act
• Insights into emerging control themes across these regulations and common challenges faced by organisations
• How ISF resources, including the SOGP, help build control maturity aligned to these evolving obligations
• A spotlight on ISF’s exclusive mapping of the SOGP to ENISA’s NIS 2 technical Implementation Guidance

EU Cybersecurity Regulations: What’s changing and how ISF can help

AI is reshaping how businesses build and innovate, but it also introduces new risks: data exposure, Shadow AI, pipeline misconfigurations, and insecure model usage. Security teams are now tasked with protecting sensitive data across sprawling AI workloads while ensuring AI adoption stays safe and compliant.

That’s where the combination of Data Security Posture Management (DSPM) and AI Security comes in. Together, they provide the visibility and control organizations need to protect data flowing into, through, and out of AI systems. DSPM ensures sensitive data is discovered, classified, and governed, while AI security removes attack paths, secures pipelines, and uncovers hidden AI usage. By uniting these approaches, companies can innovate with AI at speed, with security embedded at every step.

Key Takeaways: 

• AI adoption creates new risks like data exposure, Shadow AI, and misconfigurations
• DSPM secures sensitive data across the AI pipeline
• AI security + DSPM together enable safe, confident AI innovation.

Securing the AI Era: Why DSPM and AI Security Are Better Together

In an era defined by geopolitical instability, rapid technological advancement, and increasingly complex global supply chains, cybersecurity threats are evolving faster than ever. This webinar explores the intersection of current affairs and cyber risk, highlighting how global events from conflicts and climate disasters to AI-driven scams are reshaping the threat landscape be and business operations.

In this session ISF senior analysts, Mark Ward and Francesca Williamson, will be exploring and providing guidance on:  
• The impact of global events and rising geopolitical tensions is having on cybersecurity
• Emerging AI related threats such as AI-generated attacks and deepfakes
• How malicious actors are exploiting current global affairs to attack vulnerable supply chains.

From Geopolitics to Deepfakes: Navigating threats in a turbulent world

Hybrid and multi-cloud architectures offer flexibility and scalability, but they also introduce challenges in maintaining consistent security across diverse platforms. Traditional approaches often struggle to deliver unified visibility and control across both on-premises infrastructure and cloud environments. 

In this session, Simon Cross, Enterprise Security Architect at Infoblox, will explore how organisations can evolve defence-in-depth by adding an extra layer of pre-emptive controls. By focusing on early asset identification and understanding attacker infrastructure, organisations can enforce safeguards that block threats before they reach critical systems. Foundational network services, such as DNS, provide value throughout the layers of defence-in-depth: enabling visibility, supporting consistent policy enforcement, and underpinning the new pre-emptive layer that disrupts adversaries earlier in the kill chain.

Key takeaways:
• Approaches to simplify asset discovery and policy enforcement across hybrid environments
• How foundational network services deliver value across layers of the defence-in-depth model
• Ways to apply pre-emptive controls and threat intelligence to stop attacks sooner

Strengthening Security in Hybrid and Multi-Cloud Environments

Read the latest AI vendor pitches, or even mainstream news feeds, and you’re likely to be bombarded by content about the latest entry to the hype cycle: agentic AI. These autonomous systems, capable of making decisions and pursuing goals independently, present a wealth of opportunities. But they also come with a range of risks that receive little in the way of discussion or understanding.

This webinar will address that imbalance by highlighting the key opportunities and challenges posed by this evolution in the world of AI. 

Join Lee Munson, ISF Principal Analyst, as he explores:

• What agentic AI is and why it’s generating so much attention
• The transformative potential of autonomous systems across sectors
• The risks, limitations, and ethical concerns that are often overlooked
• How organisations can critically assess agentic AI solutions

Whether you're an AI practitioner, tech strategist, or business leader, this session will help you navigate the evolving landscape of agentic AI with clarity and confidence.

Agentic AI: Why autonomy is its greatest strength and its biggest weakness

What would happen if your organisation’s most valuable information was compromised?

In today’s digital market, valuable, accurate information can be the difference between success and failure. Mission-critical information assets, also known as crown jewels, either hold inherent value or support vital business processes. If compromised, these assets can lead to serious incidents, including extinction level events.

Protecting these assets is essential for operational resilience. In many cases, crown jewels underpin the minimum viable company, meaning their protection demands extra investment and a strong culture of security, where everyone understands their responsibilities.

In this webinar, Richard Absalom will introduce the newly revised ISF Protection Process, helping the audience to:

• Identify mission-critical information assets
• Assess and counter the main threats
• Protect the information lifecycle.

Join us to explore how your organisation can better safeguard its most valuable information and build a resilient future.


Speaker bio: 

Richard Absalom is a Principal Analyst with the Research team. His work involves investigating, clarifying and sharing best practice with ISF Member organisations.

Richard has been with the ISF since 2016 and his research has provided insight into topics as varied as measuring security, mergers and acquisitions, supply chain security, artificial intelligence, security assurance, secure Agile development, mobile app security, and identifying future information risks for the flagship Threat Horizon report series. He also now supervises the quality of all Research products, providing an even wider view across many and varied topics around information security.

Protecting the Crown Jewels: Securing what matters most

As cyber threats grow, fostering employee awareness and preparedness becomes crucial for overall security.

In this session, Javvad Malik, Lead Security Awareness Advocate at KnowBe4, will delve into the ethical responsibility of organisations to ensure their employees are cyber resilient. He will explore best practices for creating a culture of cyber resilience, including ongoing training and leadership’s role in promoting awareness.

Don’t miss the opportunity – register now to discover how investing in your workforce enhances security and aligns with ethical business practices.


Speaker bio: 

Javvad Malik is the Lead Security Awareness Advocate at KnowBe4 and is based in London. Malik is an IT security professional with over 20 years of experience as an IT security administrator, consultant, industry analyst and security advocate. He is also a multi-award winner and is currently a Guinness World Records holder for the most views of a cybersecurity lesson on YouTube in 24 hours. Malik is passionate about helping people understand the value of cyber security and how every department and individual can play their part. He often educates his audience through blog posts, videos, podcasts and at public speaking events. Malik holds the SACP and CISSP certification.

Is ensuring your people are cyber-resilient the ethical responsibility of the organisation?

Organisations face an increasingly fast evolving regulatory landscape and a multitude of cybersecurity frameworks to help them defend against security threats.

In this interactive session, we will give some practical insights for leveraging the use of cybersecurity frameworks from major international organisations such as ISO, NIST, CSA, PCI DSS and the ISF, to develop a tailored security strategy for large multinational organisations. Discover how integrating diverse standards can enhance security controls and ensure comprehensive protection across global operations.

In this session you will gain practical insights into:
- Framework integration – how to create a robust customised security framework for a multinational organisation
- Pro-active risk management – the importance of adopting a multi-framework approach to identify and mitigate risks across different regions and operational environments.
- Continuous security improvement – strategies for continuously updating and refining your cybersecurity framework by leveraging multiple standards to stay ahead of emerging threats and regulatory changes.

Register now to hear from ISF Principal Analyst Benoit Heynderickx and Aviva’s standards and policies specialist Dave Owen to gain practical insights that will empower your organisation to build a unified and resilient cybersecurity framework.

SOGP: the right unifying compliance framework for your organisation

For today’s CISOs, third-party risk management (TPRM) often feels like a time-intensive, check-the-box process that pulls valuable resources away from strategic priorities.

Join this panel discussion featuring David Stapleton, Chief Trust Officer at ProcessUnity, and Marcello Tomasina, Senior Manager at Accenture Security, as they explore how adopting the “ask once, use many” approach through third-party risk exchanges. Thus, simplify due diligence, reduce redundancy, and empower security leaders to focus on mitigating real risks. Gain practical insights and proven strategies to optimise TPRM processes without compromising thoroughness or effectiveness.

Be part of the conversation and explore how to:

- Instantly perform inherent risk analysis on your entire vendor portfolio
- Incorporate real-time risk [CM1] data into your process to reduce [CM2] questionnaire requests
- Access [CM4] assessment data on large, hard-to-assess third parties that don’t respond to you
- Monitor 100% of your portfolio — not just your critical vendors


Speaker bios:

David Stapleton is the Chief Trust Officer at ProcessUnity, the global leader in third party risk management solutions. With over fifteen years of experience building and leading cybersecurity, risk, and compliance programs across both government and private sectors, David has held pivotal roles at the U.S. Food and Drug Administration, Indian Health Service, and was an early contributor to the development of the FedR AMP program. 
 
Marcello Tomasina is a Senior Manager at Accenture Security, specialised in Cyber Strategy with a focus on Risk Management. He is Accenture Global Lead for Supply Chain Security and he is responsible to coordinate project initiatives, research and development as well as strategic planning for Accenture and its Clients on Third Party Risk Management. During the past years, Marcello led major projects in Private Equity, Financial Services and Public Sector.

Ask Once, Use Many: Optimising Third-Party Risk Management Decisions with Risk Exchanges

Join the authors of ISF’s Threat Horizon 2027, Mark Ward and Richard Absalom, to explore how global developments will remake the threat landscape over the coming years and consider how organisations can prepare.

Key takeaways:
• Evaluate key areas of change that impact every business, from geopolitics to technical development.
• Identify emerging threats and trends related to this changing environment.
• Understand the actions required to prepare for these threats and build a resilient organisation.


Speaker bios: 

Richard Absalom is a Principal Analyst with the Research team. His work involves investigating, clarifying and sharing best practice with ISF Member organisations.

Richard has been with the ISF since 2016 and his research has provided insight into topics as varied as measuring security, mergers and acquisitions, supply chain security, artificial intelligence, security assurance, secure Agile development, mobile app security, and identifying future information risks for the flagship Threat Horizon report series. He also now supervises the quality of all Research products, providing an even wider view across many and varied topics around information security.

Mark Ward is a Senior Research Analyst at the ISF who has been lead author on the last two editions of the flagship Threat Horizon report.

Before joining the ISF, Mark worked as a journalist for a variety of mainstream publications including the Daily Telegraph and New Scientist. He spent 20 years at the BBC covering technology news for the corporation’s website. During that stint in the newsroom, he cultivated a strong interest in all aspects of cyber security – its history, practice and its increasingly criminal focus. That knowledge has been augmented with an understanding of how information security is practiced and the gumption and grit required to help organisations prosper spite of the cyber threats ranged against them.

Grasping for Control: The future threat landscape

Learn about ISF Assure, our holistic security platform that identifies and mitigates key risks to your environment at speed. 

Designed for businesses operating during periods of upheaval and uncertainty, ISF Assure supports security teams that need to stretch their resources further than ever before, prioritising cyber resilience and maintaining operational stability at all costs.

In this session, Avnee Dave, ISF Assure Product Owner, and Alex Jordan, Head of ISF Tools and Methodologies, will walk you through the platform, and demonstrate how you can use ISF Assure to:

• Design effective security controls and assess their implementation
• Enhance vendor management and assessment activities
• Assess and decompose risks in a lightweight, repeatable manner.
• Leverage the broader ISF ecosystem to support ongoing security activities.

With ISF Assure, we will also demonstrate how to custom risk treatment plans, unique to your organisation and control set. By drawing upon the ISF Standard of Good Practice, our unique library of peer-assessed research, and our dedicated consultancy teams,  you will learn how ISF Assure can accelerate your business towards risk mitigation at a speed consistent with the ever-changing world we find ourselves in.

ISF Assure: Solving security with less stress

As adoption accelerates, more than half of organisations lack a clear AI security governance framework – leaving them vulnerable to risks and compliance challenges.

In this webinar author Lee Munson, ISF Principal Research Analyst, will be joined by Richard Absalom ISF Principal Research Analyst and Nikhil Stephen, InfoSec Risk Analyst at Arcadis N.V., to reflect on why AI security governance is struggling to keep up and who should be accountable and responsible for it.

They will also consider why the governance of AI should be integrated within existing governance structures to enable organisations to grasp the opportunities presented by AI and to ensure longer-term success while controlling risks.

AI Security Governance: Seizing opportunities and controlling risks

Third-party cyber risk is not a new concern for organisations. Over the last decade, it has become significantly more of a priority as more complex supply chains and vendor ecosystems are adopted by all sectors and industries.

Moving beyond traditional third-party cyber risk management, BlueVoyant’s Risk Operations Centre (ROC) creates a comprehensive defence for organisations within the most expansive and complex supply chains. The ROC, modelled after traditional Security Operations Centres (SOC), can quickly respond to and provide direct remediation across your third-party ecosystem, offering expert-driven interaction between seasoned analysts and your supply chain vendors.

But how does the ROC actually function, and what can it mean for your organisation? Join us on the 28th July to hear from one of BlueVoyant's ROC analysts, Darin Epling, as he uncovers how the ROC can go beyond simple management and provide comprehensive defence of your vendor ecosystem.

In this webinar, you’ll discover: how the ROC monitors thousands of third parties in order to understand an organisation’s security and risk posture, how analysts create and validate footprints of your extended attack surface to identify risk, the methods used to curate findings and communicate directly with vendors in a supply chain, and how ROC analysts respond to and remediate zero-day vulnerabilities in record time.

Innovating Defence: The life of a Risk Operations Centre (ROC) Analyst

Risk Management

Supply Chain

Vendor Resiliency

Security Operations

Cyber Attacks

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Innovating Defence: The life of a Risk Operations Centre (ROC) Analyst

Presented by

About this talk

Information Security Forum