Recorded: March 10 | 2022 Watch
The average ransom fee requested increased from $5,000 in 2018 to around $200,000 in 2020*, and according to FBI Director Christopher Wray, reports of ransomware attacks have tripled over the past year. The increased frequency and scope of these attacks present not only a business risk for a company, but legal and compliance risks as well.
Recorded: February 24 | 2022 Watch
How do hackers survey your company to identify gaps in your security program? Rachel Tobac executes these attacks for a living! But she's not a criminal, she's a white hat hacker -- launching successful social engineering attacks to train others on the up-to-date methods criminals use to gain access to your money, data, or systems, before the bad guys get there first.
Recorded: February 3 | 2022 Watch
Keeping track of cyber threats isn’t easy. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data on time. The key to success is leveraging advanced analytics. It has been estimated that it would take 8,774 analysts working full time for a year to process the same amount of security event data that advanced analytics can process in that same time frame. Advanced analytics takes you from simply monitoring cyber security threats to active threat analytics, management, and prevention.
Organizations today are tasked with meeting the challenges of the current business climate, one of which is managing GRC processes which are often siloed. GRC has a wide reach and impacts many departments across an organization, but when it is done right, benefits accrue. Organizations that integrate GRC processes and technology across departments can ensure the right people get the right information at the right times; that the right objectives are established; and that the right actions and controls are put in place to address uncertainty and act with integrity.
Recorded: November 16 | 2021 Watch
Cybersecurity risks come in many forms, and most importantly, risks are evolving at an increasingly rapid pace. Organizations across industries should work to implement adaptive cybersecurity processes that enable them to predict, prepare and react to the shifting landscape of cyber threats. The NIST Cybersecurity Framework enables organizations to apply the principles and best practices of security to drive risk management and protect against constantly advancing cyber attacks.
Recorded: October 21 | 2021 Watch
As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization's most critical third-party security gaps.
Recorded: September 23 | 2021 Watch
We are all in the risk business. No risk, no business. The biggest risk points are usually where the biggest opportunities lie to better meet your strategic objectives, enable and drive growth, improve reputation management and confidence in decision-making — and face fewer surprises.
Recorded: September 16 | 2021 Watch
Colonial Pipeline. JBS meat processor. Scripps Health. The list of recent high-profile ransomware victims is long and growing. So are the costs to recover from these crimes.
Recorded: August 26 | 2021 Watch
Data breaches are one of the world’s biggest cybersecurity threats for organizations of all sizes. A recent survey conducted by the Ponemon Institute revealed that 59% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate. Incorporating current threat intelligence is critical to building and maintaining an effective third-party risk program.
Recorded: July 22 | 2021 Watch
Incident response teams, threat hunters and security operations centers need visibility into what’s happening on their networks so they can make sense of their traffic and move at the speed of attacks. Cybersecurity best practices have moved from protection to detection and response and the lens is refocusing again on data-driven security. Data is the key to making more informed, strategic cybersecurity decisions — and ensuring you’re spending your security dollars effectively. Continuous data-driven monitoring of security in your organization and in every vendor organization with access to your IT infrastructure is the only strategy that will keep you one step ahead of the bad guys.
Recorded: June 17 | 2021 Attend
Corporations give their law firms more sensitive information than any other type of vendor. Yet surveys show that 70% of companies do not assess the security of their firms and legal service providers.
Recorded: June 24 | 2021 Watch
Traditional Vendor Risk Management tactics are inadequate for understanding the cybersecurity posture of your vendor ecosystem. Your organization should also make sure that your program is efficient in its processes and works to enable business, mitigate risk, ensure compliance and that it fits into your organization’s overall structure. Whatever your company size and regardless of the number of vendors you have, creating efficiencies across your vendor risk management program isn’t just helpful—it’s critical if you want to properly assess the security posture of your vendors.
Recorded: May 26 | 2021 Watch Now
2021 is set to be an exciting one for privacy protection legislation as several notable privacy laws will begin enforcement, with several others falling in line to the new international standard set by the GDPR.
Recorded: April 29 | 2021 Attend
Procurement, IT, and Compliance leaders struggle to manage today’s complex regulatory environment, expansive supply chains, and compliance burdens. Difficulties increase as organizations subject themselves to additional risk by involving more third parties—suppliers, sales agents, and even charities—as regulations grow ever-more complex.
Recorded: March 25 | 2021 Attend
Cyber-risk management has been forever changed by COVID-19. From the sudden and exponential growth of the remote workforce to the increase in cyber threats that exploit the expanding attack surface, the pandemic has created new challenges which require new strategies for effectively managing cyber risk. This paradigm shift has accelerated the demand for efficiency and forced a new mindset for risk and compliance teams who are relying on automation technologies like never before.
Recorded: February 25 | 2021 Attend
The frequency and severity of security incidents has risen as cyber criminals continually adapt their methods of attack to maximize profit, from mass-market approaches, to compromising as many organizations as possible, to more sophisticated attacks that target specific companies. This is why building an IT security strategy that has data-driven threat intelligence (TI) at its core is so critical.
Recorded: January 28 | 2021 Watch Now
Last year, 59% of companies experienced a third-party data breach, and current global uncertainty is a reminder of the increasing complexity of managing third-party risk. Balancing the risks and benefits of using third parties to deliver business services has always been key and during a crisis, the risks can be significantly heightened.
Recorded: December 17 | 2020 Watch Now
Working From Home (WFH) is rapidly becoming the new norm, and cyber criminals across the globe are leveraging the panic induced by this pandemic to launch disruptive cyber-attacks. In the new WFH normal, you will have to secure every aspect of the architecture, whether it’s on premise hardware, cloud infrastructure or your employee’s endpoint devices. Any weakness in this entire chain will expose your IT infrastructure to security risks.
Recorded: November 19 | 2020 Watch Now
Cyberattacks can cost an organisation its reputation, its customers and a great deal of money, making CEOs and board members more accountable. Yet, research shows that a high percentage of corporate boards are not actively involved in cybersecurity oversight. Nonetheless, Gartner estimates by 2021, 100% of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually.
Recorded: October 22 | 2020 Attend
Many organizations rely on governance, risk, and compliance (GRC) technology to consolidate risk information from internal sources (such as finance, IT, and operations) and external sources to understand their threat landscape. Yet as vendor ecosystems grow in size and complexity, risk management teams are increasingly struggling to procure and maintain high-quality, real-time data to feed their GRC systems.
Recorded: September 24 | 2020 Attend
Third-party risk management (TPRM) programs are designed to offload that risk, but the current approach isn’t providing the intended results. According to the Ponemon Institute, nearly 61% of U.S. companies have experienced a data breach caused by a third party.
Recorded: August 27 | 2020 Attend
Under the weight of new and changing regulations around the world, many organizations struggle to achieve compliance. They often lack a holistic view of their compliance profile and face increasing challenges due to digital transformation. Chief Compliance Officers who take a top-down approach are often met with resistance, but a successful program requires management to actively participate, not just sign off.
Recorded: July 30 | 2020 Watch Now!
In response to the Coronavirus Pandemic, countries are turning to tech to find solutions for containing the spread of the virus. New government initiatives including contact tracing apps are being implemented at lightning speed, and tele-health regulation is being approved in days instead of years. The world is rapidly digitising in response to all users working from home simultaneously, companies are adding network technology to expand coverage and capability, and online video conferencing is exploding.
Recorded: July 15 | 2020 Attend
In response to the COVID-19 pandemic, more employees are working from home than ever before, introducing corporate devices to a variety of new and evolving vulnerabilities. We recently examined the data we routinely collect from Internet traffic to learn more about how this unprecedented shift to remote work changed the security landscape — and the results were alarming.