Homepage Slideshow
GRC 101: Aligning Compliance, Security, and Business Goals
Watch now on-demand!
Paradigm Shift: Using NIST Cybersecurity Principles to Drive Your Risk Program
Watch now on-demand!
https://executiveitforums.org/it-grc-forum/landing-pages/111621
Strategies to Turn Risk into an Opportunity for Business Growth
Watch Now!
https://executiveitforums.org/it-grc-forum/landing-pages/092321
How to Avoid Becoming a Ransomware Victim
Watch Now!
https://executiveitforums.org/it-grc-forum/landing-pages/091621
A Data-Driven Cybersecurity Masterclass
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/072221
Evaluating Your Law Firms Data Security
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/061721
GDPR and Privacy in 2021, where are we now?
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/052621
Automating Cyber Risk Management in a Pandemic
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/032521
Cybersecurity Tips for when Working from Home
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/121720
A Zero-Trust Approach to COVID-19
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/052120
Latest News
- JPMorgan Chase to spend $12bn on tech this year
- Chainalysis: North Korean hackers stole $400m worth of digital assets in 2021
- Shield raises $15m for AI-driven communications compliance platform
- UK FS regulator takes aim at cloud giants - FT
- Federal Reserve reports "unprecedented" decline in in-person payment cards volumes
- Legacy tech mishandling costs Morgan Stanley $60 million in data breach suit
- Metro Bank fined £5.4 million for failing in its regulatory reporting governance and controls
- JPMorgan Chase fined $200 million for conducting business on WhatsApp
- HSBC fined £63.9m for AML failings
- Australia suffers 9.2% rise in Y-o-Y fraud on payment card transactions
- AML penalties hit $2.2 billion in 2020 as regulators crack down on financial crimes
- Bitmart loses $100 million in DeFi hack
- Bank of Ireland fined €24.5 million over IT resiliency issues
- US regulators promise crypto oversight clarity
- US banks ordered to report cyber incidents within 36 hours
- DeFi fraud and theft losses reach $10.5 billion in 2021
- Robinhood shares slip on data security breach
- Rapid shift to digital is outpacing the ability of banks to respond to cyber threats
- SC Ventures launches letsbloom to help regulated organisation hop on the cloud
- BNY Mellon launches ISO 20022 Hub
On-Demand
-
GRC 101: Aligning Compliance, Security, and Business GoalsRecorded: December 16 | 2021 Watch
Organizations today are tasked with meeting the challenges of the current business climate, one of which is managing GRC processes which are often siloed. GRC has a wide reach and impacts many departments across an organization, but when it is done right, benefits accrue. Organizations that integrate GRC processes and technology across departments can ensure the right people get the right information at the right times; that the right objectives are established; and that the right actions and controls are put in place to address uncertainty and act with integrity.
-
Paradigm Shift: Using NIST Cybersecurity Principles to Drive Your Risk ProgramRecorded: November 16 | 2021 Watch
Cybersecurity risks come in many forms, and most importantly, risks are evolving at an increasingly rapid pace. Organizations across industries should work to implement adaptive cybersecurity processes that enable them to predict, prepare and react to the shifting landscape of cyber threats. The NIST Cybersecurity Framework enables organizations to apply the principles and best practices of security to drive risk management and protect against constantly advancing cyber attacks.
-
A Data-Driven Approach to Third-Party Risk ManagementRecorded: October 21 | 2021 Watch
As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization's most critical third-party security gaps.
-
Strategies to Turn Risk into an Opportunity for Business GrowthRecorded: September 23 | 2021 Watch
We are all in the risk business. No risk, no business. The biggest risk points are usually where the biggest opportunities lie to better meet your strategic objectives, enable and drive growth, improve reputation management and confidence in decision-making — and face fewer surprises.
-
Ransomware: How to Reduce Your Likelihood of Being a VictimRecorded: September 16 | 2021 Watch
Colonial Pipeline. JBS meat processor. Scripps Health. The list of recent high-profile ransomware victims is long and growing. So are the costs to recover from these crimes.
-
Applying Threat Intelligence to Improve Visibility into Third-Party Cyber RisksRecorded: August 26 | 2021 Watch Now
Data breaches are one of the world’s biggest cybersecurity threats for organizations of all sizes. A recent survey conducted by the Ponemon Institute revealed that 59% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate. Incorporating current threat intelligence is critical to building and maintaining an effective third-party risk program.
-
A Data-Driven Cybersecurity MasterclassRecorded: July 22 | 2021 Watch Now
Incident response teams, threat hunters and security operations centers need visibility into what’s happening on their networks so they can make sense of their traffic and move at the speed of attacks. Cybersecurity best practices have moved from protection to detection and response and the lens is refocusing again on data-driven security. Data is the key to making more informed, strategic cybersecurity decisions — and ensuring you’re spending your security dollars effectively. Continuous data-driven monitoring of security in your organization and in every vendor organization with access to your IT infrastructure is the only strategy that will keep you one step ahead of the bad guys.
-
How to Improve Efficiencies in Your Vendor Risk-Management ProgramRecorded: June 24 | 2021 Watch Now
Traditional Vendor Risk Management tactics are inadequate for understanding the cybersecurity posture of your vendor ecosystem. Your organization should also make sure that your program is efficient in its processes and works to enable business, mitigate risk, ensure compliance and that it fits into your organization’s overall structure. Whatever your company size and regardless of the number of vendors you have, creating efficiencies across your vendor risk management program isn’t just helpful—it’s critical if you want to properly assess the security posture of your vendors.
-
ACC Data Steward Program: A New Industry Model for Evaluating Law Firm SecurityRecorded: June 17 | 2021 Watch Now
Corporations give their law firms more sensitive information than any other type of vendor. Yet surveys show that 70% of companies do not assess the security of their firms and legal service providers.
-
GDPR and Privacy 2021, where are we now?Recorded: May 26 | 2021 Watch Now
2021 is set to be an exciting one for privacy protection legislation as several notable privacy laws will begin enforcement, with several others falling in line to the new international standard set by the GDPR.
-
Third-Party Risk Deep-Dive: How to Operate Your ProgramRecorded: April 29 | 2021 Attend
Procurement, IT, and Compliance leaders struggle to manage today’s complex regulatory environment, expansive supply chains, and compliance burdens. Difficulties increase as organizations subject themselves to additional risk by involving more third parties—suppliers, sales agents, and even charities—as regulations grow ever-more complex.
-
Automating Cyber Risk Management in a PandemicRecorded: March 25 | 2021 Attend
Cyber-risk management has been forever changed by COVID-19. From the sudden and exponential growth of the remote workforce to the increase in cyber threats that exploit the expanding attack surface, the pandemic has created new challenges which require new strategies for effectively managing cyber risk. This paradigm shift has accelerated the demand for efficiency and forced a new mindset for risk and compliance teams who are relying on automation technologies like never before.
Visionaries
-
Steve Durbin is Vice President of the Information Security Forum (ISF). His main areas of focus include the emerging security threat landscape, Cyber ...
-
Adrian Lane is the CTO and Security Analyst at Securosis. He is a Senior Security Strategist with 25 years of industry experience. He brings...
-
Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI. Rebecca is an information privacy, security and compliance consultant, author and instructor who has pr...
-
Ed Ferrara is Principal Analyst for Security and Risk at Forrester Research. He contributes to Forrester's offerings for the Security & Risk Profe...
-
Chris McClean contributes to Forrester's offerings for the Security & Risk professional, leading the company's coverage of governance, risk, and c...
-
Derek Brink is the Vice President and Research Fellow at Aberdeen group. He is a senior high-tech executive experienced in strateg...
-
John Kindervag is a Senior Analyst at Forrester serving Security & Risk professionals. He is a leading expert on wireless security, network s...
-
Branden Williams has over fifteen years of experience in technology and information security with a formidable background in the majority of the techn...