Name: Leveraging FAIR to Unite IT, Cyber, and Vendor Risk Management
Start: 2021-11-03T16:00:00Z
End: 2021-11-03T16:00:38.000Z
Location: BrightTALK
Rating: 5

Webinars, panels, and commentary for cutting-edge CISOs, cybersecurity teams, IT compliance professionals, and risk management experts.

This STRONGER 2024 session explored how automated control assurance revolutionizes managing and protecting our security posture more efficiently. We can achieve significant improvements over traditional methods by continuously monitoring and testing security controls through APIs, machine learning, and real-time analytics. Automated testing covers a broader scope, allowing for the testing of larger sample sizes or even entire environments. Leonard explored how automated testing applies to various control types, including patch management, network monitoring, and access controls. 

As regulatory requirements become more complex, the ability to automatically monitor and ensure compliance will become integral to cybersecurity strategies. Automation tools will increasingly handle security tasks and compliance duties, ensuring organizations meet all legal and regulatory standards without intensive labor. Leonard discussed the rise of adaptive security architectures that dynamically change configurations based on real-time threat analysis and emerging risk factors. This adaptability allows security systems to respond to current threats and evolve as new threats emerge, providing resilient security measures.

STRONGER 2024: It's Time to Move On (from Manual Controls Testing)

With the latest outage led by Crowdstrike, it is evident that even a mature organization may lead to an outage if not managed well. We provide insights to organizations by leveraging risk management frameworks; however, if the people, processes, and technology are not managed as required, there could be significant impacts. Join Priya Pandey for this breakout session from STRONGER 2024 as she explored the latest supply chain risk management trends and uncovers the importance of monitoring.

STRONGER 2024: Securing the Supply Chain: Trends, Risks, and Strategies

As cybersecurity becomes a boardroom imperative, the role of the Security Leader is rapidly transforming. This session from STRONGER 2024 explored the impact of recent SEC regulations on corporate governance and how to communicate to business executives in tangible, impactful terms. Padraic discussed the implications of the AI revolution on security leaders and the challenge of deploying and securing AI as both a business and technical leader. 

Learn how to effectively communicate cyber risk to board members, integrate AI-driven solutions for proactive risk management, and navigate the complexities of AI risk management with agility. This presentation is designed for security executives looking to turn regulatory challenges into opportunities for leadership and innovation in the boardroom and beyond. The session promises to equip security leaders with the knowledge and tools needed to elevate their role and influence at the executive table, ensuring that cybersecurity is a cornerstone of corporate strategy.

STRONGER 2024: The Evolving Boardroom: CISOs, SEC Rules, and the AI Revolution

This session from STRONGER 2024 explored how realistic but fabricated audio and video content transform the cyber threat landscape. Deepfakes are increasingly used to manipulate public perception, perpetrate fraud, and commit identity theft, creating new challenges for security professionals and individuals alike. 

Gain a comprehensive understanding of the deepfake threat, learn about the latest developments in detection and prevention, and acquire actionable strategies to safeguard their digital environments. This talk will equip cybersecurity professionals, C-suite, and general users with the knowledge to navigate and respond to the growing risks posed by AI-driven cyber threats.

STRONGER 2024: Top Cybersecurity Threats in 2024: Emerging Cybersecurity Trends & How to Mitigate Them

Join Jonathan Chan, Head of Global IT & Security at a leading healthcare technology company, for an insightful breakout session that explored the recent healthcare hack and its extensive implications for the cybersecurity landscape in healthcare and critical infrastructure at large. Jonathan dissected the attack, discussed the lessons learned, and shared actionable strategies to bolster security defenses. 

Gain a deeper understanding of the evolving threat landscape and discover best practices to protect your organizations from similar cyber threats by implementing risk management best practices.

STRONGER 2024: Preventing the Next Breach: Key Takeaways from the Healthcare Cyber Attack

Cybercriminals constantly develop and enhance their tradecraft to maximize the likelihood of success in their operations. At times, this evolution manifests in an expanded target set, while at other times, it includes changing operational outcomes. However, tradecraft evolution mostly involves revising the TTPs that cyber adversaries deploy. Despite several cybercriminals diligently updating their TTPs, many still rely on different implementations of social engineering to obtain initial access to enterprise and personal networks or to steal sensitive information. Specifically, the threat landscape has witnessed a growing number of malvertising and job recruitment scams over the last four years. 

How can enterprises protect their personnel and clients from these attacks? How can cybersecurity practitioners track these campaigns for analysis? Search engine results pages (SERP) are one efficient means to systematically identify and mitigate these threats. 

This talk from STRONGER 2024 highlighted how threat actors of varying sophistication are weaponizing malvertising and job recruitment scams in the wild and targeted attacks. The presentation explored how organizations can leverage SERP data to scope for malvertising activity and suspicious job recruiter impersonation for their enterprise. The presentation also addressed opportunities for automating the use cases and discussed the limitations of said opportunities.

STRONGER 2024: Threat Detection Breakfast: I'll Have Waffles with Extra SERP Please

This fireside chat featuring Rinki Sethi and Casey Essay, CISO and Deputy CISO of BILL.com, explored their successful partnership in leading a cybersecurity team and securing a leading technology enterprise in the age of AI. 

Learn from their experiences and strategies for managing cyber risk and leading secure AI implementation across the enterprise. This session discussed the critical nature of strong relationships security leaders must nurture to successfully ensure strong, secure growth in an ever-evolving threat and technology landscape.

STRONGER 2024: Leading Together: Collaborative Success in Cybersecurity Leadership

With critical infrastructure increasingly targeted by cyber threats, the need for resilient security strategies has never been greater. In this session from STRONGER 2024, David Mussington, Executive Assistant Director for Infrastructure Security at CISA, provided insights into the evolving threat landscape and shared best practices for fortifying vital systems. Attendees learned actionable approaches to safeguarding critical infrastructure, enhancing collaboration across sectors, and preparing for future challenges in an era of heightened cyber risk. 

Discover how to build a proactive defense and ensure the continuity of essential services in this pivotal discussion.

STRONGER 2024: Infrastructure Under Siege: Strategies for Robust Security with CISA's David Mussington

This final keynote panel from STRONGER explored the emerging technologies and platforms that security practitioners need to monitor to effectively counter the next generation of cyber threats. The discussion covered advancements in key areas such as artificial intelligence, machine learning, cloud security, IoT security, and zero trust architecture, offering insights into how these innovations can be integrated into security strategies. Additionally, the panel highlighted relevant certifications and educational opportunities that attendees can pursue to stay current with these new technologies. 

The panel brought together industry experts to provide a comprehensive view of the evolving technological landscape in cybersecurity, equipping practitioners with the knowledge and tools needed to stay ahead of emerging threats.

STRONGER 2024: Future-Proofing Security: Next-Gen Threats, Innovations, and Certifications

This STRONGER keynote panel focused on the heightened responsibilities and potential personal liabilities that CISOs face in light of the new SEC cyber risk reporting rules. The discussion centered on understanding materiality, the implications of these regulations on executive roles, and strategies for mitigating and effectively communicating company risk to reduce personal liability. The panel brought together leading experts in cybersecurity, legal compliance, and executive leadership to provide comprehensive insights and practical advice for navigating this complex landscape.

STRONGER 2024: Leadership Challenges in the Age of Cyber Regulations and Accountability

Drawing from their extensive experiences as Board members and cybersecurity leaders, Larry Whiteside and Shamla Naidoo, discussed the Board's pivotal role in shaping and prioritizing cyber risk management. This fireside chat explored real-world challenges and successes in integrating cyber risk into corporate strategy, highlighting how boards can influence a top-down security culture. The speakers discussed their experiences navigating complex regulatory landscapes, driving strategic investments in cybersecurity, and driving practical collaboration between boards and executive teams. 

Gain actionable insights into how board members can lead transformative change in cybersecurity practices, ensuring their organizations are prepared to manage current and future risks.

STRONGER 2024: Cyber Risk Leadership: Insights from the Frontlines of Board Governance

Feeling overwhelmed by the endless cybersecurity tools and jargon? You're not alone. In this session, Ashish Garg, Cybersecurity Executive, and Thought Leader cut through the noise and focused on what truly matters for protecting your information. Learn how to confidently navigate the complexities of cybersecurity by understanding the core principles that make a real difference. Ashish shared practical strategies that you can immediately apply to help you prioritize your efforts, streamline your security approach, and build a strong defense—without getting lost in a sea of options. 

Join us to simplify your cybersecurity journey and equip yourself with the essentials for effective protection.

STRONGER 2024: Strategies for Safeguarding in an Evolving Digital Landscape

2024 and 2025 will be busy years for privacy legislation and regulation. On the regulatory front, numerous state and federal agencies have adopted or plan to adopt expanded notification requirements, many of which have stricter and shorter deadlines than existing state law. Notable federal agencies that recently adopted such rules include the FTC, the SEC, and the Federal Housing Administration. On the state level, the NYDFS and several Attorneys General have stepped up reporting requirements and enforcement around data security incidents. 

This presentation provided an overview of the current state data breach notification laws, pending or newly enacted notification requirements adopted by various federal regulatory agencies, and key developments from state agencies and AGs concerning notification duties. Heather then discussed best practices for implementing an incident response plan focusing on preparing for and complying with this complicated web of breach notification requirements.

STRONGER 2024: Legislative and Regulatory Update: Preparing for New and Stricter Notification Requirements

In an era of escalating cyber threats, the demand for skilled cyber security professionals has never been greater. This session offered a comprehensive exploration of the growing career opportunities in cyber security. Attendees gained valuable insights into cyber security organizations' structure and success metrics, essential skill sets required for various roles, and the industry's evolving landscape. From understanding the implications of high-profile cyber attacks to grasping the importance of protecting data, this presentation equips aspiring professionals with the knowledge to thrive in this critical field.

STRONGER 2024: Emerging Careers in Cyber Security

This presentation from STRONGER discussed practical tips for building predictive risk models using Python and open-source libraries. Professor Huwyler explored how these models can detect unusual activity and threats in real-time, providing valuable insights to enhance cybersecurity measures. The session offered practical tips and recommendations, complete with code examples that you can implement immediately. He'll discuss various use cases to illustrate how these predictive risk models can be applied in real-world scenarios. Professor Huwyler demonstrated how to build these models with Python and published this code on a free-to-use platform, ensuring accessibility for all attendees from this session.

STRONGER 2024: Can AI Outsmart Cybercriminals? Building Predictive AI Risk Models in Python

This session explored the critical lessons learned from safeguarding New York City's vast infrastructure and services against evolving cyber threats. Gain a deep understanding of effective cyber risk management strategies, including risk assessment, incident response, and resilience building, with learnings that apply to security programs of all industries. The session highlighted the importance of public-private partnerships, community engagement, and robust policy frameworks in enhancing cyber defense. Learn how proactive cyber risk management can be applied to your organization to mitigate risks and protect critical assets.

STRONGER 2024: Big City, Big Risk: Lesson Learned from Protecting the City of New York

In the evolving landscape of cybersecurity, integrating AI tools such as Microsoft Copilot and ChatGPT offers promising enhancements for cyber risk management and compliance. This discussion from STRONGER 2024, featuring Dr. Fortune Onwuzuruike, provided an in-depth discussion on the strategic implementation of AI in cybersecurity programs. Attendees gained valuable insights into common pitfalls to avoid alongside actionable best practices to optimize the effectiveness of AI tools. The session covered critical areas, including ethical considerations, vulnerability management, identity isolation, and continuous monitoring, ensuring that AI-driven solutions are leveraged to strengthen cyber resilience and compliance efforts. Explore the intersection of AI and cybersecurity, and learn how to harness the potential of advanced AI technologies while mitigating associated risks.

STRONGER 2024: Leveraging AI Tools in Cyber Risk and Compliance: Pitfalls to Avoid and Best Practices to Embrace

See how Rob Nolan, CISO at Expeditors, built the company's cyber risk management strategy in this session from STRONGER 2024. Rob discussed his challenges and successes while building a comprehensive cyber risk program. He dove into the critical role of quantifying risk and scenario planning, which paved the way for effective risk management and communication with his C-Suite and Board of Directors. Rob highlighted how Expeditors aligns cyber initiatives with business growth goals, and how he used cyber as a competitive advantage to grow the business. Learn from Rob's experience turning cybersecurity from a necessary safeguard into a strategic business enabler at a Fortune 300, with learnings that apply to companies of all stages.

STRONGER 2024: Building an Effective Cyber Risk Program to Drive Business Growth

The CyberInsight Model: Quantifiable, Transparent, and a Driver of Success

STRONGER 2022: Model to Quantify Cyber Security Risks

FAIR 101 & 102 - The Basics and Beyond

Live Demo: Leveraging the FAIR Model with CyberStrong

Why Your Risk Quantification Method Limits Your Board’s Understanding of Cyber

Enabling Risk Register Benchmarking with CyberStrong

Risk Modeling: Quantify Cyber Insights for Effective Risk Management

In recent years, the FAIR model for cyber risk quantification has rapidly garnered attention from the industry. From Gartner to NIST, FAIR has emerged as the advanced risk quantification process for cyber risk programs. Too often, though, organizations are unsure if they’re ready for FAIR, how to begin, or even what FAIR is. In this talk, CyberSaint Senior Customer Advisor Hayley Pruett dives into what is FAIR, who should be using it, and how to get started.

Leveraging FAIR to Unite IT, Cyber, and Vendor Risk Management

FAIR Model

Cyber Risk Management

Cyber Risk Quantification

CISO

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

The IT project management community on BrightTALK includes thousands of IT project and portfolio management professionals. Find relevant webinars and videos on agile methodologies, scrum strategy, project management processes and more. Attend live webinars or view on demand content presented by recognized thought leaders in the IT project management industry.

IT Project Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Leveraging FAIR to Unite IT, Cyber, and Vendor Risk Management

Presented by

About this talk

More from this channel