When: December 14 | 2022 Attend
In an interconnected, ever changing digital world, how well your data is secured across your supply chain is a matter of great importance. Failing to adequately screen vendor security risks can lead to data breaches, which can shut down operations, damage customer trust and incur hefty regulatory penalties.
When: January 26 | 2023 Attend
The state of cybersecurity feels volatile. Despite massive worldwide spending on risk management to the tune of $150 billion, cyber attacks keep happening. Ransomware attacks doubled in 2021, with average ransomware recovery costs doubling to $1.85 million and average downtime increasing to 22 days.
When: February 16 | 2023 Attend
The cyber threat landscape grows exponentially each year. Third-party cyber data breaches like the Kaseya data breach, a cyberattack that affected over 1,500 organizations, have prompted regulators to raise cybersecurity standards. In the United States, the Biden Administration aims to improve nationwide cybersecurity with an executive order. The 100-day plan aims to modernize federal infrastructure, improve supply chain security, establish a cybersecurity review board and more.
When: March 16 | 2023 Attend
Cybersecurity is one of the largest concerns facing businesses today and hackers continuously develop diverse ways of penetrating your cybersecurity defences. By adopting the mindset of a hacker, you can be one step ahead of malicious attacks and improve your cybersecurity infrastructure.
When: March 30 | 2023 Attend
The COVID-19 pandemic gave rise to the term, “resilience.” In an organizational context, “business resilience” is the firm’s ability to prepare responses to recover quickly from disruptive events and continue to function amid challenging events. After two years of operating in survival mode, now is the time to take the steps that will accelerate recovery, build resilience and shape future success. The key to these goals is adopting an agile approach to a governance, risk management and compliance (GRC) program.
Recorded: November 3 | 2022 Attend
Data privacy is a key component in many strict regulatory mandates and a subject of increasing attention from the public at large. To avoid steep fines and attract and retain customers, organizations must ensure the privacy of all the sensitive data they process and store. But what's the best path to achieving that goal?
Recorded: October 20 | 2022 Attend
With organizations having an average of over 5500 third parties in their vendor ecosystem, third-party risk management (TPRM) can be overwhelming and costly. Manual approaches to TPRM research and analysis are no longer appropriate. Targeted risk intelligence and automated data feeds can enable organizations to recognize risk sooner and respond with increased operational resilience, reducing the manual burden and cost.
Recorded: October 6 | 2022 Attend
The corporate attack surface is rapidly expanding: how can security professionals get ahead of the curve and create resilient organizations?
Recorded: September 22 | 2022 Attend
Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. It disrupts or halts an organization’s operations and poses a dilemma for management: pay the ransom and hope that the attackers keep their word about restoring access and not disclosing data, or do not pay the ransom and restore operations themselves. The methods used to gain access to an organization’s information and systems are common to cyberattacks more broadly, but they are aimed at forcing a ransom to bepaid.
Recorded: September 8 | 2022 Attend
A huge percentage of data breaches start with privileged credential abuse. There are often many privileged accounts that today’s overburdened IT security teams lose track of them. Stop leaving privileged accounts available for attackers to compromise and insiders to misuse! Instead, discover and remove them to achieve zero standing privilege (ZSP).
Recorded: August 25 | 2022 Attend
It has always been challenging for security leaders to communicate the value of cybersecurity investments to board. Giving transparency about the weakness of organizations can be pretty uncomfortable but, it is essential to increase the Cybersecurity level. As an IT Manager, CISO, or CSO, your understanding of risk and compliance is intimate and understood in infosec terminology. You must offer board executives a set of data to help them make informed decisions based upon the optimal management.
Recorded: July 28 | 2022 Attend
The COVID-19 pandemic and increased geopolitical uncertainty has placed new priorities and responsibilities on the shoulders of risk and compliance professionals. Executives have realized that stronger ERM programs are required to remain competitive in this new era. Risk leaders, in turn, are looking beyond the urgent ERM measures required to handle the pandemic to how an effective enterprise risk management program can be a competitive differentiator for their companies.
Recorded: July 14 | 2022 Attend
Cyber Risk Quantification can help CISOs financially quantify risk for senior executives, identify program gaps, and prioritize areas for improvement. Unfortunately, despite the obvious benefits, many CISOs are struggling to implement cyber risk quantification (CRQ)
Recorded: June 23 | 2022 Attend
No matter how mature a cybersecurity program is, there always remains room for improvement. Digital transformation continually expands the scope of IT processes, and organizations continue to grapple with resource, staffing, and skill challenges.
Recorded: May 19 | 2022 Attend
Data privacy continues to make headlines and be a concern for many organizations. According to a recent study by CNBC, 23.1% of the 39 CFOs see cyber-attacks as the number 1 external risk to their company.
Recorded: April 21 | 2022 Attend
According to one study by Ponemon Research Institute, about 53% of organizations say they’ve had at least one third-party breach in the past two years with an average cost of $7.5 million dollars, and the majority of organizations still have immature third-party risk programs. As a result many organizations today are making deep investments into cybersecurity and implementing third-party risk assessment frameworks (such as NIST and ISO) to drive risk management and protect against constantly advancing cyber attacks.
Recorded: April 7 | 2022 Attend
Being a security professional has never been harder. The increasing threat environment, expanding attack surface, and continuous stakeholder demands for transparency are only adding to the challenges. It’s no wonder that Gartner’s latest report — “Predicts 2022: Cybersecurity” — states that cybersecurity leaders are “losing control” of decision making in an increasingly distributed ecosystem.
Recorded: March 24 | 2022 Attend
According to a recent survey by security vendor Anchore, 64% of businesses were affected by a supply chain attack in the past 12 months, and this year supplier attacks are expected to quadruple according to the European Union Agency for Cybersecurity. Third-party breaches can result in severe financial losses, downtime, loss of sensitive information, loss of reputation, breach of compliance, fines, and other legal liabilities.
Recorded: March 10 | 2022 Watch
The average ransom fee requested increased from $5,000 in 2018 to around $200,000 in 2020*, and according to FBI Director Christopher Wray, reports of ransomware attacks have tripled over the past year. The increased frequency and scope of these attacks present not only a business risk for a company, but legal and compliance risks as well.
Recorded: February 24 | 2022 Watch
How do hackers survey your company to identify gaps in your security program? Rachel Tobac executes these attacks for a living! But she's not a criminal, she's a white hat hacker -- launching successful social engineering attacks to train others on the up-to-date methods criminals use to gain access to your money, data, or systems, before the bad guys get there first.
Recorded: February 3 | 2022 Watch
Keeping track of cyber threats isn’t easy. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data on time. The key to success is leveraging advanced analytics. It has been estimated that it would take 8,774 analysts working full time for a year to process the same amount of security event data that advanced analytics can process in that same time frame. Advanced analytics takes you from simply monitoring cyber security threats to active threat analytics, management, and prevention.
Organizations today are tasked with meeting the challenges of the current business climate, one of which is managing GRC processes which are often siloed. GRC has a wide reach and impacts many departments across an organization, but when it is done right, benefits accrue. Organizations that integrate GRC processes and technology across departments can ensure the right people get the right information at the right times; that the right objectives are established; and that the right actions and controls are put in place to address uncertainty and act with integrity.
Recorded: November 16 | 2021 Watch
Cybersecurity risks come in many forms, and most importantly, risks are evolving at an increasingly rapid pace. Organizations across industries should work to implement adaptive cybersecurity processes that enable them to predict, prepare and react to the shifting landscape of cyber threats. The NIST Cybersecurity Framework enables organizations to apply the principles and best practices of security to drive risk management and protect against constantly advancing cyber attacks.