Landing Pages

CISOs in the Boardroom: Presenting Cyber Risk Storyboards with Confidence

With cybersecurity becoming a top concern for boards of directors, CISOs finally have a seat at the table. But what happens when you have to deliver information on cybersecurity policies, risks, threats, and incident response plans to stakeholders who often don’t have the same technical understanding as you?

Join us on this 60-minute webinar, where we share how CISOs can overcome the challenge of transforming their tactical plans to a higher-level story that’s tailored for the board. You'll also learn:

How online storyboards make it easy to confidently communicate risk with a specific focus on the business value.
How combining and analyzing data from different sources results in a more effective explanation of your security maturity.
How to build a culture that religiously uses metrics to consistently make strategic, data-driven decisions.

About the IT GRC Forum
CPE The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members, and offer CPE credits via our programs. Executive IT Forums, Inc, is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education.

Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119

Phone: (646) 525-4801 | Visit us at www.executiveitforums.org

Research

pdf The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 (703 KB)

The Nine Providers That Matter Most And How They Stack Up

In Forrester’s evaluation of the emerging market for cybersecurity risk rating solutions, we identified the nine most significant providers in the category — Bitsight, Fico, iTrust, Normshield, Panorays, Prevalent, Riskrecon, SecurityScorecard, and upGuard — and evaluated them. This report details our findings about how well each vendor scored against 10 criteria and where they stand in relation to each other. Security and risk (s&r) professionals can use this review to select the right partner for their cybersecurity risk rating solution needs.

Key Takeaways

Forrester’s research uncovered a market in which Bitsight, RiskRecon, Prevalent, and SecurityScorecard are leaders; Panorays and Fico are strong Performers; and upGuard, Normshield, and iTrust are challengers. Risk Analytics, entity Attribution, and Rating Consistency are key differentiators. The best cyber-risk rating solutions don’t merely report on your third-party partners’ security flaws, they contextualize and prioritize the risk information they collect so you can more strategically allocate resources and mitigate risk.

pdf Download (703 KB)

About the IT GRC Forum

The IT GRC Forum is an online resource and networking platform for Governance, Risk Management, and Compliance (GRC) Professionals. We produce educational events and provide market intelligence for our members, and it is our goal to help industry stakeholders, government regulators, and end-users better understand and manage the increasingly complex GRC landscape across their organization. Visit us at www.executiveitforums.org

Research

pdf GDPR for Third-party Risk Management eBook (5.68 MB)

Everything you need to know to stay compliant

Europe’s GDPR is widely-discussed in today’s news cycles and for good reason. The regulation impacts many organizations throughout the world, and violations of the regulation can result in material fines. One big question remains for many businesses, how do third-party services fit into this new regulation and what can organizations do to protect themselves from third-party risks to meet the standards?

In this eBook we explore three key topics related to GDPR:

How organizations go from violations to fines
What the new fines mean for you and what your organization can do
Third-party risk management obligations

pdf Download (5.68 MB) a complimentary copy of the eBook now to learn how to stay GDPR compliant.

About the IT GRC Forum

Webcast

Learning Objectives:

Discover how to identify, catalog, and prioritize risks across the enterprise
Find out how to quickly measure critical activities and address inherited risk
Learn how to gain efficiency and effectiveness of current risk-management approaches

NASBA CPE Information

Register for this session via the console below. In order to be awarded the full credits, you must be respond to three out of the four polling questions asked during the program, and attend the session for a minimum of 45 minutes.

Qualifying participants will earn 1.0 CPE credit

Field of Study: Information Technology

Additional Information

Prerequisites: Basic knowledge of internet security issues within enterprise and the financial industry. No advance preparation required.
Who Should Attend: This session is suitable for executives, managers and key staff in all GRC and Information Security roles (including risk, audit, compliance, ethics, legal, performance, IT, Data Security, Cyber Security etc…). Members of technology providers and professional service firms will also benefit from understanding the issues and approaches covered on this session.
Program Level: Overview
Delivery Method: Group Internet Based. This is a group live event for NASBA authorized continuing education credit. Qualifying attendees will receive a certificate of completion of this event indicating 1 hour of CPE.

Executive IT Forums, Inc, is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

Refunds and Cancellations: No Fee. For more information regarding complaints, and/or program cancellation policies please contact our at This email address is being protected from spambots. You need JavaScript enabled to view it.

PANEL DISCUSSION

About the IT GRC Forum
CPE sponsors The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members, and offer CPE credits via our programs. Executive IT Forums, Inc, is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education.. Visit us at www.executiveitforums.org

Research

pdf Cloud Risk Surface Report (1.54 MB)

Navigating safely in cloudy condition

This report (re)uses the same data set behind the Internet Risk Surface Report. It is derived from RiskRecon’s work in providing companies objective visibility into their third-party cybersecurity risk. For each organization analyzed, RiskRecon trains machine learning algorithms to discover internet facing systems, domains, and networks. For every asset discovered, RiskRecon analyzes the publicly accessible content, code, and configurations to assess system security and the inherent risk value of the system based on attributes such as observable data types collected and transaction capabilities. RiskRecon provided Cyentia a large anonymized sample of their production data set for this research.

Having studied several broad aspects of the Internet risk surface, we now seek to narrow the focus to consider how the cloud shapes that surface. The benefits of migrating data, workloads, applications, and business processes to the cloud are incredibly compelling. But as a steady string of headlines reporting large data exposures from cloud environments suggest, those benefits don’t come risk-free. Is the risk worth it? To help you answer that for your organization, we leverage a massive dataset supplied by RiskRecon spanning 18,000 organizations and over 5 million hosts yielding 32 million security findings. Read on for a preview of the fascinating facts and figures we share in this report.

pdf Download (1.54 MB)

About the IT GRC Forum

How to present cyber risk to the board

Cybersecurity has become a top concern for boards which means they’ll be looking to you for assurance and confidence. So how do you effectively communicate risk, threat, and incident response plans to a non-technical audience?

This eBook shares practical tips to increase executive visibility into cyber—for informed decision-making. You'll also learn:

How to collect, unify, and report on siloed data and assets
How to automate risk management processes and reduce human error
How to present key metrics to stakeholders and the board

Download Now >>

About the IT GRC Forum
The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.

Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119

Phone: (646) 525-4801 | Visit us at www.executiveitforums.org

CPE Webinar Invite:

Enabling Cybersecurity: Ignite Your ERM Program

Greetings!

Effectively managing risk is critical for the success of every organization. Cyber threats continue to increase in frequency and grow in complexity, and the volatility of risk is dramatically increasing. This makes it very difficult for organizations to adequately prepare for or respond to risk. In addition, many risks that organizations must contend with, such as Information security, are so complex and technical in nature that it is difficult for the organization’s leadership to get the necessary balanced insight into risk across the organization.

Join the panel discussion webinar to learn how your organization can take command of risk to proactively prioritize and address the risks that matter most, and ignite your risk management program to enable cybersecurity.

Learning Objectives:

Discover how to identify, catalog, and prioritize risks across the enterprise
Find out how to quickly measure critical activities and address inherited risk
Learn how to gain efficiency and effectiveness of current risk-management approaches

Qualifying participants will earn 1.0 CPE credit. In order to be awarded the full credits, you must be respond to three polling questions asked during the program, and attend the session for the required time.

With...Qualys, Riskonnect, and Barracuda

Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119

Phone: (646) 525-4801 | Visit us at www.executiveitforums.org

Harmonizing Insights From Your Cybersecurity Ecosystem

On this live webinar we will discuss how the future of cybersecurity is a centralized platform which provides oversight of risks and vulnerabilities, plus governance that issues are being remediated.

Most organizations already have an ecosystem of cybersecurity point solutions to protect their attack surface. While these vital investments are needed to establish a strong cybersecurity posture, they come with their own set of challenges. Most notably, the fact that these disparate systems produce a dizzying amount of data lakes and insights. Even if some systems have incumbent analytics, or BI and machine learning (ML) capabilities to help you uncover issues, there’s no way to be certain that the issues identified will be remediated.

Join us on this 60-minute webinar with Phil Shomura, Senior Product Manager at ACL, where you'll learn how to:

Identify key integration points within an organization
Apply data analytics to key control areas for continuous monitoring
Develop a standardized workflow and streamlined reporting

Save Your Seat Now >>

Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119

Phone: (646) 525-4801 | Visit us at www.executiveitforums.org

Webcast

Learning Objectives:

Learn how to prepare for GDPR implementation
Identify the real life challenges of compliance
Learn about prioritizing plans and actions to effectively prepare for data protection
Discover some of the benefits, approaches, and tools to comply with the GDPR

NASBA CPE Information

Qualifying participants will earn 1.0 CPE credit

Field of Study: Information Technology

Additional Information

PANEL DISCUSSION

Rebecca ISACA CACS March 2015 2

Rebecca Herold

John McLeod

John McLeod

mark mcglenn

Mark McGlenn

jake

Jake Olcott

brian2

Brian Philbrook

Discussion Moderator. CEO & Founder

CISO

Senior Manager of Risk and Compliance Services

VP of Strategic Partnerships

Privacy Counsel | CIPP/E, CIPP/US, CIPM, CIPT, FIP | JD

Webcast

Learning Objectives:

Discover how to identify, catalog, and prioritize risks across the enterprise
Find out how to quickly measure critical activities and address inherited risk
Learn how to gain efficiency and effectiveness of current risk-management approaches

NASBA CPE Information

Qualifying participants will earn 1.0 CPE credit

Field of Study: Information Technology

Additional Information

PANEL DISCUSSION

How to mature your identity governance program

New identity and user access management challenges have arisen due to remote work, restructured teams, and adoption of cloud and mobile tech. IT compliance and audit teams need to provide even more assurance over data validity, integrity, and completeness of testing. But performing manual oversight of identity governance is not a sustainable way to get the assurance you need.

Join this webinar on April 8 at 1 PM ET and discover how to move up the user access maturity scale and make user access testing easier with automation. You’ll also learn:

How to identify the current maturity of your user access review processes.
How to centralize and coordinate user access reviews across the business to reinforce the completeness and validity of testing.
How to automatically connect to systems to maximize the efficiency of user access control testing.
Practical steps you can take to move from Initial through to Optimized user access review maturity.

Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119

Phone: (646) 525-4801 | Visit us at www.executiveitforums.org

Webcast

Learning Objectives:

Learn how to prepare for GDPR implementation
Identify the real life challenges of compliance
Learn about prioritizing plans and actions to effectively prepare for data protection
Discover some of the benefits, approaches, and tools to comply with the GDPR

NASBA CPE Information

Qualifying participants will earn 1.0 CPE credit

Field of Study: Information Technology

Additional Information

PANEL DISCUSSION

Rebecca ISACA CACS March 2015 2

Rebecca Herold

John McLeod

John McLeod

mark mcglenn

Mark McGlenn

jake

Jake Olcott

brian2

Brian Philbrook

Discussion Moderator. CEO & Founder

CISO

Senior Manager of Risk and Compliance Services

VP of Strategic Partnerships

Privacy Counsel | CIPP/E, CIPP/US, CIPM, CIPT, FIP | JD

Webcast

Learning Objectives:

Discover how to identify, catalog, and prioritize risks across the enterprise
Find out how to quickly measure critical activities and address inherited risk
Learn how to gain efficiency and effectiveness of current risk-management approaches

NASBA CPE Information

Qualifying participants will earn 1.0 CPE credit

Field of Study: Information Technology

Additional Information

PANEL DISCUSSION

Page 32 of 37

Landing Pages

How to present cyber risk to the board with confidence

The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2019

pdf The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 (703 KB)

pdf Download (703 KB)

GDPR for Third-party Risk Management eBook

pdf GDPR for Third-party Risk Management eBook (5.68 MB)

pdf Download (5.68 MB) a complimentary copy of the eBook now to learn how to stay GDPR compliant.

March 22 | 2018

Cloud Risk Surface Report

pdf Cloud Risk Surface Report (1.54 MB)

pdf Download (1.54 MB)

CISOs in the Boardroom

March 22 Newsletter

CPE Webinar Invite:

Enabling Cybersecurity: Ignite Your ERM Program

With...Qualys, Riskonnect, and Barracuda

Live Webinar! Harmonizing Insights From Your Cybersecurity Ecosystem

April 24 | 2018

March 22 | 2018

[CPE webinar] Automating user access reviews

April 24 | 2018

March 22 | 2018

SIGN IN

Landing Pages

How to present cyber risk to the board with confidence

The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2019

pdf The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 (703 KB)

pdf Download (703 KB)

GDPR for Third-party Risk Management eBook

pdf GDPR for Third-party Risk Management eBook (5.68 MB)

pdf Download (5.68 MB) a complimentary copy of the eBook now to learn how to stay GDPR compliant.

March 22 | 2018

Cloud Risk Surface Report

pdf Cloud Risk Surface Report (1.54 MB)

pdf Download (1.54 MB)

CISOs in the Boardroom

March 22 Newsletter

CPE Webinar Invite:

Enabling Cybersecurity: Ignite Your ERM Program

With...Qualys, Riskonnect, and Barracuda

Live Webinar! Harmonizing Insights From Your Cybersecurity Ecosystem

April 24 | 2018

March 22 | 2018

[CPE webinar] Automating user access reviews

April 24 | 2018

March 22 | 2018

Please Login to download this file