Name: Why Your Risk Quantification Method Limits Your Board’s Understanding of Cyber
Start: 2021-11-10T18:00:00Z
End: 2021-11-10T18:00:37.000Z
Location: BrightTALK
Rating: 0

Webinars, panels, and commentary for cutting-edge CISOs, cybersecurity teams, IT compliance professionals, and risk management experts.

Cybercriminals constantly develop and enhance their tradecraft to maximize the likelihood of success in their operations. At times, this evolution manifests in an expanded target set, while at other times, it includes changing operational outcomes. However, tradecraft evolution mostly involves revising the TTPs that cyber adversaries deploy. Despite several cybercriminals diligently updating their TTPs, many still rely on different implementations of social engineering to obtain initial access to enterprise and personal networks or to steal sensitive information. Specifically, the threat landscape has witnessed a growing number of malvertising and job recruitment scams over the last four years. 

How can enterprises protect their personnel and clients from these attacks? How can cybersecurity practitioners track these campaigns for analysis? Search engine results pages (SERP) are one efficient means to systematically identify and mitigate these threats. 

This talk from STRONGER 2024 highlighted how threat actors of varying sophistication are weaponizing malvertising and job recruitment scams in the wild and targeted attacks. The presentation explored how organizations can leverage SERP data to scope for malvertising activity and suspicious job recruiter impersonation for their enterprise. The presentation also addressed opportunities for automating the use cases and discussed the limitations of said opportunities.

STRONGER 2024: Threat Detection Breakfast: I'll Have Waffles with Extra SERP Please - APAC

STRONGER 2024: Threat Detection Breakfast: I'll Have Waffles with Extra SERP Please - EMEA

This session from STRONGER 2024 explored how realistic but fabricated audio and video content transform the cyber threat landscape. Deepfakes are increasingly used to manipulate public perception, perpetrate fraud, and commit identity theft, creating new challenges for security professionals and individuals alike. 

Gain a comprehensive understanding of the deepfake threat, learn about the latest developments in detection and prevention, and acquire actionable strategies to safeguard their digital environments. This talk will equip cybersecurity professionals, C-suite, and general users with the knowledge to navigate and respond to the growing risks posed by AI-driven cyber threats.

STRONGER 2024: Top Cybersecurity Threats in 2024: Emerging Cybersecurity Trends & How to Mitigate Them - APAC

STRONGER 2024: Top Cybersecurity Threats in 2024: Emerging Cybersecurity Trends & How to Mitigate Them - EMEA

Drawing from their extensive experiences as Board members and cybersecurity leaders, Larry Whiteside and Shamla Naidoo, discussed the Board's pivotal role in shaping and prioritizing cyber risk management. This fireside chat explored real-world challenges and successes in integrating cyber risk into corporate strategy, highlighting how boards can influence a top-down security culture. The speakers discussed their experiences navigating complex regulatory landscapes, driving strategic investments in cybersecurity, and driving practical collaboration between boards and executive teams. 

Gain actionable insights into how board members can lead transformative change in cybersecurity practices, ensuring their organizations are prepared to manage current and future risks.

STRONGER 2024: Cyber Risk Leadership: Insights from the Frontlines of Board Governance - APAC

STRONGER 2024: Cyber Risk Leadership: Insights from the Frontlines of Board Governance - EMEA

In an era of escalating cyber threats, the demand for skilled cyber security professionals has never been greater. This session offered a comprehensive exploration of the growing career opportunities in cyber security. Attendees gained valuable insights into cyber security organizations' structure and success metrics, essential skill sets required for various roles, and the industry's evolving landscape. From understanding the implications of high-profile cyber attacks to grasping the importance of protecting data, this presentation equips aspiring professionals with the knowledge to thrive in this critical field.

STRONGER 2024: Emerging Careers in Cyber Security - APAC

STRONGER 2024: Emerging Careers in Cyber Security - EMEA

From STRONGER 2024: Join Patrick Wright, Chief Information Security & Privacy Officer for the State of Nebraska, as he dove into the critical elements of designing an effective cyber risk management program at the state level. Patrick shared his journey from establishing a foundational security framework to achieving significant milestones in gaining stakeholder buy-in. 

Learn how he implemented strategies that transitioned Nebraska’s cybersecurity efforts from reactive to proactive, risk-based approaches. This discussion provided valuable insights into the practical challenges and key success factors in building a robust cyber risk management program tailored to the unique needs of state government.

STRONGER: Cyber Risk in the Heartland: Nebraska’s Path to Statewide Resilience - APAC

STRONGER: Cyber Risk in the Heartland: Nebraska’s Path to Statewide Resilience - EMEA

See how Rob Nolan, CISO at Expeditors, built the company's cyber risk management strategy in this session from STRONGER 2024. Rob discussed his challenges and successes while building a comprehensive cyber risk program. He dove into the critical role of quantifying risk and scenario planning, which paved the way for effective risk management and communication with his C-Suite and Board of Directors. Rob highlighted how Expeditors aligns cyber initiatives with business growth goals, and how he used cyber as a competitive advantage to grow the business. Learn from Rob's experience turning cybersecurity from a necessary safeguard into a strategic business enabler at a Fortune 300, with learnings that apply to companies of all stages.

STRONGER 2024: Building an Effective Cyber Risk Program to Drive Business Growth - APAC

Join Padraic O'Reilly, Founder of CyberSaint, and Mike Donaldson, Senior Director of Cyber Risk Services at CyberSaint, as they explore key findings from the Gartner® Innovation Insight: Cyber GRC Streamlines Governance report.

With 85% of organizations struggling with fragmented GRC systems, Padraic will discuss why this is a persistent issue and how companies can consolidate efforts for a unified view of cyber risk. We’ll dive into the rising importance of cyber risk quantification, spurred by new regulations like the SEC rule, and how continuous control monitoring (CCM) is reshaping compliance strategies.

We’ll conclude by discussing how CyberSaint’s unique platform addresses GRC integration challenges, improves efficiency, and delivers measurable outcomes.

Dive In: Gartner® Innovation Insight: Cyber GRC Streamlines Governance - APAC

Dive In: Gartner® Innovation Insight: Cyber GRC Streamlines Governance - EMEA

As AI transforms business and cyber processes across all industries, it is imperative to understand the intersection of the new NIST CSF “Govern” function and AI governance. This webinar will provide a comprehensive overview of how the principles of governance within the NIST CSF can be effectively aligned with AI governance practices to enhance organizational security and compliance.

We will begin by exploring the key components of the NIST CSF “Govern” function, focusing on developing and implementing governance policies, processes, and procedures. Following this, we will delve into the principles of AI governance, emphasizing ethical AI, risk management, and the need for fairness, accountability, and transparency in AI systems.

The core of the webinar will examine the intersection of the NIST CSF “Govern” function and AI governance, discussing how AI technologies can be seamlessly integrated into existing cybersecurity governance frameworks. We will address the unique challenges and opportunities that arise from this integration, providing insights into best practices and strategies for managing AI-related risks within the broader context of cybersecurity.

Transforming Cyber Risk Operations and Board Oversight with the Govern Function - APAC

In the evolving landscape of cybersecurity, integrating AI tools such as Microsoft Copilot and ChatGPT offers promising enhancements for cyber risk management and compliance. This discussion from STRONGER 2024, featuring Dr. Fortune Onwuzuruike, provided an in-depth discussion on the strategic implementation of AI in cybersecurity programs. Attendees gained valuable insights into common pitfalls to avoid alongside actionable best practices to optimize the effectiveness of AI tools. The session covered critical areas, including ethical considerations, vulnerability management, identity isolation, and continuous monitoring, ensuring that AI-driven solutions are leveraged to strengthen cyber resilience and compliance efforts. Explore the intersection of AI and cybersecurity, and learn how to harness the potential of advanced AI technologies while mitigating associated risks.

STRONGER 2024: Leveraging AI Tools in Cyber Risk and Compliance: Pitfalls to Avoid and Best Practices to Embrace - APAC

STRONGER 2024: Building an Effective Cyber Risk Program to Drive Business Growth - EMEA

Transforming Cyber Risk Operations and Board Oversight with the Govern Function - EMEA

STRONGER 2024: Leveraging AI Tools in Cyber Risk and Compliance: Pitfalls to Avoid and Best Practices to Embrace - EMEA

The CyberInsight Model: Quantifiable, Transparent, and a Driver of Success

STRONGER 2022: Model to Quantify Cyber Security Risks

FAIR 101 & 102 - The Basics and Beyond

Live Demo: Leveraging the FAIR Model with CyberStrong

Leveraging FAIR to Unite IT, Cyber, and Vendor Risk Management

Enabling Risk Register Benchmarking with CyberStrong

Risk Modeling: Quantify Cyber Insights for Effective Risk Management

As boards demand greater insight into their cyber posture, CISOs are being expected to dive deeper into the enterprise's exposure to and management of cyber and IT risk. Black-box risk analysis and quantification products and processes don't hold up in these circumstances and, in some cases, can severely limit a security leader’s ability to explain cyber risk to the Board. Join CyberSaint Enterprise Account Executive Patrick O’Brien and Booz Allen Hamilton Senior Associate for Commercial Cyber Strategic Consulting Christopher White as we dive into why opaque risk quantification is limiting your Board’s understanding of cyber and what methodologies enhance their understanding instead of hinder it.

Why Your Risk Quantification Method Limits Your Board’s Understanding of Cyber

risk quantification

fair

NIST

cybersecurity program management

CISO

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

The IT project management community on BrightTALK includes thousands of IT project and portfolio management professionals. Find relevant webinars and videos on agile methodologies, scrum strategy, project management processes and more. Attend live webinars or view on demand content presented by recognized thought leaders in the IT project management industry.

IT Project Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Why Your Risk Quantification Method Limits Your Board’s Understanding of Cyber

Presented by

About this talk

More from this channel