Homepage Slideshow
Effectively Communicate Cybersecurity to the Board
Earn 1.5 CPE Credits by attending our webinar on August 25th
Compliance Trends Impacting Risk Management
Watch now on-demand!
Data Privacy 101: Using Technology to Close the GRC Gap
Watch now on-demand!
https://executiveitforums.org/9944-cpe-data-privacy-101-using-technology-to-close-the-grc-gap
Aligning Third-Party Risk Controls to Your Security Framework
Watch now!
Cornerstones to Third-Party Risk Management Success
Watch Now!
Ransomware Attacks: Trends & Compliance Lessons Learned
Watch Now!
Inside the Mind of a Hacker with Rachel Tobac
Watch Now!
Paradigm Shift: Using NIST Cybersecurity Principles to Drive Your Risk Program
Watch now on-demand!
https://executiveitforums.org/it-grc-forum/landing-pages/111621
A Data-Driven Cybersecurity Masterclass
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/072221
Cybersecurity Tips for when Working from Home
Watch Now On-Demand!
https://executiveitforums.org/it-grc-forum/landing-pages/121720
Latest News
- 45% of firms failing to detect criminal 'ghosts'
- SEC investigates Coinbase over securities - Bloomberg
- UK regulators propose supervision measures for critical third parties
- Firms failing to monitor social messaging
- Apple faces US antitrust suit over Apple Pay
- BIS and Iosco agree 'same risk, same rules' principles for systemic stablecoins
- FSB stresses need for regulation of crypto-assets
- CFPB strengthens data privacy and cybersecurity with new rules
- Bank of England to announce crypto regulation
- ECB to issue eurozone warning over crypto regulation – FT
- EU reaches agreement on landmark MiCA regulation for crypto
- Federal Reserve delays ISO 20022 cutover by two years
- Canadian banks team on KYC solution
- Nth Exception and IBM aim to reduce ISO 20022 Migration risk
- The Disruption House to deliver ESG verification of fintech on Temenos Exchange
- FCA calls for input on the use of synthetic data to support financial services innovation
- Flagstar Bank hackers steal data on 1.5 million customers
- Financial regulators issued with climate risk guidelines
- EBA publishes Guidelines on role and responsibilities of the AML/CFT compliance officer
- Charles Schwab pays $187m to settle SEC robo-advisor charges
On-Demand
-
Top Regulatory & Compliance Trends Impacting Risk ManagementRecorded: July 28 | 2022 Attend
The COVID-19 pandemic and increased geopolitical uncertainty has placed new priorities and responsibilities on the shoulders of risk and compliance professionals. Executives have realized that stronger ERM programs are required to remain competitive in this new era. Risk leaders, in turn, are looking beyond the urgent ERM measures required to handle the pandemic to how an effective enterprise risk management program can be a competitive differentiator for their companies.
-
Cyber Risk Quantification: Turning the Dream into RealityRecorded: July 14 | 2022 Attend
Cyber Risk Quantification can help CISOs financially quantify risk for senior executives, identify program gaps, and prioritize areas for improvement. Unfortunately, despite the obvious benefits, many CISOs are struggling to implement cyber risk quantification (CRQ)
-
Optimizing Controls to Mitigate Cybersecurity RisksRecorded: June 23 | 2022 Attend
No matter how mature a cybersecurity program is, there always remains room for improvement. Digital transformation continually expands the scope of IT processes, and organizations continue to grapple with resource, staffing, and skill challenges.
-
Data Privacy 101: Using Technology to Close the GRC GapRecorded: May 19 | 2022 Attend
Data privacy continues to make headlines and be a concern for many organizations. According to a recent study by CNBC, 23.1% of the 39 CFOs see cyber-attacks as the number 1 external risk to their company.
-
Aligning Third-Party Risk Controls to Your Security FrameworkRecorded: April 21 | 2022 Attend
According to one study by Ponemon Research Institute, about 53% of organizations say they’ve had at least one third-party breach in the past two years with an average cost of $7.5 million dollars, and the majority of organizations still have immature third-party risk programs. As a result many organizations today are making deep investments into cybersecurity and implementing third-party risk assessment frameworks (such as NIST and ISO) to drive risk management and protect against constantly advancing cyber attacks.
-
Increase Your Cyber Resilience & Regain Control of Your Security ProgramRecorded: April 7 | 2022 Attend
Being a security professional has never been harder. The increasing threat environment, expanding attack surface, and continuous stakeholder demands for transparency are only adding to the challenges. It’s no wonder that Gartner’s latest report — “Predicts 2022: Cybersecurity” — states that cybersecurity leaders are “losing control” of decision making in an increasingly distributed ecosystem.
-
Cornerstones to Strengthen Your Third-Party Risk Management ProgramRecorded: March 24 | 2022 Attend
According to a recent survey by security vendor Anchore, 64% of businesses were affected by a supply chain attack in the past 12 months, and this year supplier attacks are expected to quadruple according to the European Union Agency for Cybersecurity. Third-party breaches can result in severe financial losses, downtime, loss of sensitive information, loss of reputation, breach of compliance, fines, and other legal liabilities.
-
Ransomware Attacks: Trends & Compliance Lessons LearnedRecorded: March 10 | 2022 Watch
The average ransom fee requested increased from $5,000 in 2018 to around $200,000 in 2020*, and according to FBI Director Christopher Wray, reports of ransomware attacks have tripled over the past year. The increased frequency and scope of these attacks present not only a business risk for a company, but legal and compliance risks as well.
-
Inside the Mind of a HackerRecorded: February 24 | 2022 Watch
How do hackers survey your company to identify gaps in your security program? Rachel Tobac executes these attacks for a living! But she's not a criminal, she's a white hat hacker -- launching successful social engineering attacks to train others on the up-to-date methods criminals use to gain access to your money, data, or systems, before the bad guys get there first.
-
How to Improve Threat Intelligence with Advanced AnalyticsRecorded: February 3 | 2022 Watch
Keeping track of cyber threats isn’t easy. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data on time. The key to success is leveraging advanced analytics. It has been estimated that it would take 8,774 analysts working full time for a year to process the same amount of security event data that advanced analytics can process in that same time frame. Advanced analytics takes you from simply monitoring cyber security threats to active threat analytics, management, and prevention.
-
GRC 101: Aligning Compliance, Security, and Business GoalsRecorded: December 16 | 2021 Watch
Organizations today are tasked with meeting the challenges of the current business climate, one of which is managing GRC processes which are often siloed. GRC has a wide reach and impacts many departments across an organization, but when it is done right, benefits accrue. Organizations that integrate GRC processes and technology across departments can ensure the right people get the right information at the right times; that the right objectives are established; and that the right actions and controls are put in place to address uncertainty and act with integrity.
-
Paradigm Shift: Using NIST Cybersecurity Principles to Drive Your Risk ProgramRecorded: November 16 | 2021 Watch
Cybersecurity risks come in many forms, and most importantly, risks are evolving at an increasingly rapid pace. Organizations across industries should work to implement adaptive cybersecurity processes that enable them to predict, prepare and react to the shifting landscape of cyber threats. The NIST Cybersecurity Framework enables organizations to apply the principles and best practices of security to drive risk management and protect against constantly advancing cyber attacks.
Visionaries
-
Steve Durbin is Vice President of the Information Security Forum (ISF). His main areas of focus include the emerging security threat landscape, Cyber ...
-
Adrian Lane is the CTO and Security Analyst at Securosis. He is a Senior Security Strategist with 25 years of industry experience. He brings...
-
Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI. Rebecca is an information privacy, security and compliance consultant, author and instructor who has pr...
-
Ed Ferrara is Principal Analyst for Security and Risk at Forrester Research. He contributes to Forrester's offerings for the Security & Risk Profe...
-
Chris McClean contributes to Forrester's offerings for the Security & Risk professional, leading the company's coverage of governance, risk, and c...
-
Derek Brink is the Vice President and Research Fellow at Aberdeen group. He is a senior high-tech executive experienced in strateg...
-
John Kindervag is a Senior Analyst at Forrester serving Security & Risk professionals. He is a leading expert on wireless security, network s...
-
Branden Williams has over fifteen years of experience in technology and information security with a formidable background in the majority of the techn...