When: Dec. 17 | 2019 Attend
The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs. The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.
Recorded: March 12 | 2019 Attend
As organizations evolve and become more connected, their reliance on third-party ecosystems continues to grow. While these business relationships undoubtedly add value, they also introduce significant new risk and compliance challenges. The third-party risk management process is complex and involves more stakeholders and data sources than many people may think including: cyber risk information, supply chain, financial, IT, compliance, legal, and privacy risk data. But even with loads of available data, it’s extremely difficult for risk teams to know how to prioritize risk and focus remediation and response efforts without the proper context or processes.
Recorded: Oct 31 | 2019 Attend
High-Profile Data Breaches have placed a spotlight on the risk of cyber security breaches with vendors and subcontractors, expanding the need to have greater rigor in third party risk management and ongoing risk assessments. Maintaining an effective third-party risk management program doesn't happen overnight. It's a journey that involves continual learning, refinement and evolution.
Recorded: July 25 | 2019 Attend
The current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes. Given the growing complexities in accurately collecting and screening third-party data and the need for deeper due diligence, automation is key to a successful risk program. However, many corporations haven’t adopted automation in their third-party risk management programs.
Recorded: June 27 | 2019 Attend
Today’s increasing organizational complexity and evolving threat environment have made it more critical than ever for organizations to clearly identify their exposures, measure vulnerability risk, and quickly prioritize remediation efforts. Cyberattacks are often hidden from view under a mountain of alerts generated by security systems, giving attackers time to gain access to systems and seize valuable data.
When: April 25 | 2019 Attend
In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.
Recorded: September 27 | 2018 Attend
Compliance is a fundamental pillar to effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring compliance represents an organization's starting point, not the endgame, should be a priority.
Recorded: July 26 | 2018 Attend
Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace.