Recorded: February 5 | 2014 Play
Providing services and features to website visitors often requires deploying many third party service providers for analytics, marketing, payment processing, and data management. Managing risk from these third parties is vitally important in a landscape filled with new threats and regulations. The nature of these relationships requires that information be shared, and risk accrues whenever sensitive information is shared with or processed by third parties.
During this webcast our panel will specifically address the practical 'how to's' around managing website data to reduce corporate risk, and we'll look at some cost effective third party due diligence solutions.
Speakers
Brandon Dunlap is the Managing Director of research at Brightfly. He has more than 15 years of experience managing business technology risk in large and small organizations. He has served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training. Currently, he is the Managing Director of Research of Brightfly, an independent, advisory and research firm that focuses on building a collaborative IT practitioner communities and bridging the gaps within information technology, security, risk, compliance, and audit disciplines.
Ed Ferrara is Principal Analyst for Security and Risk at Forrester Research. He contributes to Forrester's offerings for the Security & Risk Professional, leading the company's coverage of security metrics, security program effectiveness, security awareness, and enterprise security information architecture. Ed's research builds on his work as a highly experienced in-program manager for the design and delivery of secure information technology solutions, including strategy, process, applications, and infrastructure. He has consulted with Fortune 50 companies in the area of solution determination based on understanding the needs and the skills required to create a successful security posture for organizations.
Kevin Trilli is the VP of Product Management at TRUSTe. He brings over 15 years of high–tech product management and entrepreneurial experience to TRUSTe and is an industry thought leader around online identity, reputation and trust. Prior to TRUSTe, Kevin founded AssertID, a technology company that provides identity– and age–verification services for social networks. Previously, Kevin spent eight years at VeriSign, including as director of product management for the SSL, authentication and security services business units. Kevin holds multiple patents and patent applications in online identity. Before joining the Internet industry, Kevin held positions in the semiconductor and chemical industries in product management, product development, engineering and operations.000Kevin has a Master's of Science in Management from the Stanford Graduate School of Business, where he is a Sloan Fellow. Kevin also holds a Bachelors of Science in Chemical Engineering from the University of Illinois at Urbana–Champaign, where he concurrently served as a lab administrator for the University Computer Services Organization.
Yo Delmar is the Vice President of GRC Solutions, MetricStream. Ms. Delmar comes to MetricStream with over 30 years of experience in Information Technology and Management, with a focus on Governance, Risk and Compliance over the past 10 years. Most recently, as Director, GRC, EMC Consulting, Ms. Delmar was responsible for launching GRC Advisory Services for the Security and Risk Management Practice of EMC's consulting division.Prior to EMC, through her own company, Delmar Consulting, Ms. Delmar held interim executive positions at GRC and Security Risk Management companies and provided advisory services to F1000 on the implementation of GRC programs. Ms. Delmar holds a B.Sc. (Honors) in Mathematics and Computer Science and an M.B.A. from Dalhousie University in Canada. She is also a Certified Management Consultant (CMC), Certified in Governance of Enterprise IT (CGEIT), and a Certified Information Security Manager (CISM).