Name: Standing Up Your 1st Compliance Framework: Misconceptions and Best Practices
Start: 2021-10-28T18:00:00Z
End: 2021-10-28T18:01:02.000Z
Location: BrightTALK
Rating: 4.9

We seek to empower compliance officers and everyone who participates with compliance efforts. With our content, we aim to help these professionals guide organizations toward correct actions, a more ethical culture, fairness and greater transparency. 

Headquartered in Bellevue, WA, Hyperproof serves as a system of record for an organization’s compliance data and gives teams involved the tools they need to collaborate with stakeholders in and outside of their organization. With this innovative approach, we’re able to help organizations meet their highest aspirations and demonstrate their commitment to protecting their customers, shareholders, partners and suppliers along with the greater community.

Check it out for yourself at hyperproof.io.

In an increasingly complex regulatory and legal environment, the misconception that security alone suffices or that compliance is merely a checkbox exercise can lead organizations into a false sense of security. To plan for the future, we must create a partnership between these two silos and align security and compliance efforts.

Join experts Shehnila Manzoor, Sr. Manager, Product Security Engineering Global at Red Hat, and Kayne McGladrey, Field CISO from Hyperproof to learn more about:

- How non-compliance can result in significant penalties
- How to implement a holistic approach to risk management by integrating security and compliance
- How to strengthen legal accountability and data protection through compliance and security alignment

Why Compliance is as Critical as Security in Cyber Risk Management

Beyond Checking the Box: Implementing a Pragmatic Risk Management Program

How To Build a Compliance Strategy vs. Transactional Compliance

Fast Forward Compliance: Operationalizing StateRAMP, HITRUST &  SOC 2 in Hyperproof

SEC Cybersecurity Rule: Continued Risk Focus

Join Hyperproof’s product showcase session where we’ll explore how Hyperproof transforms compliance and risk management into streamlined, scalable operations. This engaging session will dive into three key product functions of Hyperproof including Scalable Control Operations, Integrated Risk Management, and Adaptive Control Testing. Attendees will gain a comprehensive understanding of how Hyperproof’s unique solutions can increase compliance productivity, improve stakeholder visibility into risk and compliance, and reduce evidence collection time.

Hyperproof Product Showcase

Join the concluding webinar in our GRC Maturity Model series, where we’ll help you get started on self-assessing your organization’s maturity across Governance, Risk, and Compliance (GRC). Led by Kayne McGladrey, Field CISO at Hyperproof, this session provides a comprehensive step-by-step guide to understanding your company’s maturity levels. By the end of this webinar, you’ll have a clear understanding of how to improve your company’s resource allocation to enhance maturity.

In today’s session, we’ll discuss:

- How to conduct a thorough self-assessment of GRC maturity within your organization
- Who in your organization you can turn to for help
- How to drive improvements through informed resource allocation

How to Conduct a Self-Assessment for GRC Maturity

Join us for the second installment of our GRC Maturity Model series, featuring a panel discussion with industry experts on their perspectives on refining your approach to GRC maturity. In this interactive webinar, our expert panel will explore topics that can help you evaluate and accelerate your GRC maturity.

We’ll discuss: 

- Practical approaches to assess your current maturity level and align GRC initiatives with broader organizational goals
- How to identify key stakeholders and build the business case for change 
- Effective strategies to identify and engage key stakeholders across your organization

Navigating GRC Maturity: Insights and Strategies

Join our Field CISO, Kayne McGladrey, as he kicks off our GRC Maturity Model series. After in-depth conversations with CISOs worldwide, Kayne realized something was missing in the GRC world: the ability to truly understand an organization’s GRC maturity and the steps it would take to build the business case for change. In this webinar, Kayne will unveil Hyperproof’s GRC Maturity Model, an extensive guide he crafted using over 30 years of experience in GRC,  in-depth conversations with CISOs, and a thorough literature review. Discover how this model represents a pivotal advancement in the GRC landscape and get insights that will empower your organization's governance, risk, and compliance strategies. 

During this session, we will provide a foundational understanding of the GRC Maturity Model and explore its parts. We’ll discuss:

- Understanding the fundamentals of the GRC Maturity Model
- Why the GRC Maturity Model is significant for your organization
- The components and application of the GRC Maturity Model

Introduction to Hyperproof’s GRC Maturity Model

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels.

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Bryan Fisher, Staff Risk Manager at Ironclad, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne, Bryan will share insights into his current work and past experiences in the field.

In this episode, we will be covering topics from certifications, GRC benchmarking, AI governance, and third-party risk management. We will also be taking questions live from the audience.

InfoSec Pros: Bryan Fisher on the Modern GRC (Recording)

Join us for a webinar featuring Hyperproof and their impactful work with Artemis Health by Nomi Health. Discover how Hyperproof's solutions helped Artemis Health streamline their compliance processes, ensuring a smooth and efficient journey towards achieving HITRUST e1 certification.

We will delve into the specifics of how Hyperproof's products and services facilitated Artemis Health's preparation for the HITRUST e1 assessment and their ongoing efforts towards a HITRUST r2 assessment. Learn about the challenges faced by Artemis Health, the strategies implemented by Hyperproof, and the results that underscored their successful compliance journey.

Key takeaways include:

- Understanding the critical role of HITRUST certification in healthcare data security and compliance.
- Insights into Hyperproof's unique approach to compliance management and its application in real-world scenarios.
- Detailed exploration of the Artemis Health case study, highlighting the process towards achieving HITRUST e1 certification.
- Best practices and practical tips for organizations aiming to streamline their compliance efforts and achieve HITRUST certification.

Streamlining HITRUST Compliance with Hyperproof: Case Study with Artemis Health

Join us for a panel discussion on how organizations can transition from ad-hoc audit processes to a proactive approach to acing your audits. Our speakers will dive into the nuances of continuous monitoring, strategies for implementation, and the future landscape of audit and compliance.

In this webinar, we’ll discuss:
- Understanding continuous control monitoring: Learn how to differentiate frameworks, build a business case, gain executive buy-in, and get real-world examples of risk mitigation.
- Getting started: Explore initial steps, setting up systems, early issue detection, key metrics, and selecting the right compliance platform.
- Ethical considerations: Understand the ethical considerations and potential risks associated with AI throughout the audit process and how organizations can address them.
- Planning for the future: Discover best practices for maintaining audit readiness, addressing potential issues preemptively, and navigating the evolving landscape of automation and AI in the GRC space. 

Don't miss this opportunity to gain insights from industry experts and take your audit processes to the next level.

Streamlining Audits Year-Round: Transitioning from Ad-Hoc to Proactive Processes

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels.

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Carmen Marsh, President and CEO at United Cybersecurity Alliance, Confidence Staveley, Founder & Executive Director at CyberSafe Foundation, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Carmen and Confidence will share insights into their current work and past experiences in the field. Register now for your chance to learn from two of today’s top InfoSec pros.

Topics covered include:
- Cybersecurity Accelerator Program
- API Security
- Cybersecurity Woman of the Year

InfoSec Pros: Carmen Marsh and Confidence Staveley (Recording)

In today’s ever-evolving GRC landscape, organizations face multifaceted challenges in ensuring compliance, managing risks, and addressing security reviews efficiently. To tackle these hurdles effectively, businesses need a robust tech stack that works together to not only assess their compliance and risk posture but also streamlines the process of responding to security reviews. That's why the Safebase and Hyperproof teams are excited to announce their partnership, creating better access to the tools that make this possible. Through this partnership, our mutual customers will have the tools they need for their compliance management and trust center visibility. In doing so, users will be able to confidently build trust with their customers through transparency and demonstrated security commitment.

Join our experts, Lisa Hall, CISO at SafeBase and Kayne McGladrey, Field CISO at Hyperproof, to learn more about:
- Identifying common challenges associated with compliance and security posture
- How to transform your approach to security to save time by automating your compliance and security-related tasks
- Learn how SafeBase and Hyperproof combined can transform your compliance programs
- Learn how to increase customer trust and improve the customer experience

Elevating Trust Together: The Hyperproof and SafeBase Partnership

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels.

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Jim Rutt, CIO/CISO of The Dana Foundation, and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Jim will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top InfoSec pros.

Topics covered include:
- Artificial Intelligence
- NIST AI Risk Management Framework
- Deepfakes

InfoSec Pros: Jim Rutt, CIO/CISO of The Dana Foundation (Recording)

This event was previously recorded live on Hyperproof's LinkedIn and YouTube channels.

During this Hyperproof live stream series, leaders in information security shed light on crucial topics that shape the modern cybersecurity landscape. This month’s episode features Jeff Costlow, Security Architect at Pryon, Inc., and our host, Kayne McGladrey, Field CISO at Hyperproof. Guided by Kayne and audience questions, Jeff will share insights into his current work and past experiences in the field. Register now for your chance to learn from one of today’s top InfoSec pros.

Topics covered include:
- Deputy CISOs
- Security Philosophy
- Complexity/History
- CSRB Report on Microsoft 
- CISA Reporting Requirements

Infosec Pros: Jeff Costlow, Security Architect at Pryon, Inc. (Recording)

Is your IT risk and compliance program ready for 2024 and beyond? 

For the last five years, Hyperproof has asked over 1,000 GRC professionals about their pain points, IT risk and compliance budgets, staffing, risk management best practices, and much more. We then compare results from the previous year, and provide an in-depth view of the market’s current state in our annual benchmark report. The 2024’s IT Risk and Compliance Benchmark report highlights a fascinating change in the overarching narrative of cybersecurity: respondents and key stakeholders from other departments are thinking about cybersecurity compliance as a key competitive differentiator rather than just a cost center.  

Join Hyperproof and ISC2 April 9, 2024 at 1:00 p.m. Eastern/10:00 a.m. Pacific to learn: 
-How unifying risk and compliance data affected survey respondents’ ability to mitigate risk, improve cybersecurity, and avoid breaches   
-Key trends for cybersecurity in 2024   
-How the market has responded to AI risks in 2023 and how cybersecurity professionals plan on leveraging AI in 2024   
-Why cybersecurity decision-making is becoming more collaborative with an integrated view of risk and compliance data.

Trends from Hyperproof's 2024 IT Risk and Compliance Benchmark Report

Enterprise GRC professionals are often pressured to minimize spend on risk and compliance initiatives while still maximizing their efficiency and keeping their organizations secure and compliant. Fortunately, there's a growing realization that the right GRC solution, traditionally seen as a cost center, holds untapped potential for better decision-making, unlocking a significant competitive advantage. As a result, they need to break down the data silos between risk and compliance activities to get a transparent, holistic view of their compliance and risk postures, but they aren’t always sure where to start.  

Join our experts Cheri Hotman, Partner, vCISO, Hotman Group and Kayne McGladrey, Field CISO from Hyperproof to learn more about:

- The drivers creating a growing need for transition from viewing GRC as a compliance obligation to operationalizing it as a strategic solution
- Practical strategies for transforming GRC operations, with a focus on breaking down silos
- Best practices for unifying risk and compliance data
- How to best prioritize GRC initiatives

From Cost Center to Competitive Edge: Operationalizing GRC

If your organization is trying to adhere to a compliance framework (e.g. SOC 2, ISO/IEC 27000 series, PCI, HIPAA) for the very first time, it’s normal to have questions and feel confused about many aspects of the project. Here at Hyperproof, we get a lot of questions from organizations new on the compliance journey, such as: 
What are risk assessments?
Can you give us security policy templates?
What controls do I need to implement to be SOC 2 compliant? 
What’s a gap assessment? 
Can I put SOC 2 and ISO 27001 compliance on auto-pilot with software? 

In this webinar, Aaron Poulsen, Hyperproof’s senior director of Security, Risk, and Compliance, and Charlie Wood, EVP at the Bonadio Group (a top 50 CPA firm) will discuss the most confusing aspects of standing up a security compliance program. They’ll address why it’s dangerous to take a “box-ticking” approach to compliance and why you can’t rely 100% on software to do all the work. Additionally, they’ll share ideas on how organizations can operate a rigorous compliance program and avoid adding a burden to their staff.  

Attendees will receive a Certificate of Completion, which can be used for CPE credit.

Standing Up Your 1st Compliance Framework: Misconceptions and Best Practices

Compliance

Cyber Security

Risk Management

Risk Framework

SOC 2

ISO 27001

Cloud Security

Risk Assessment

Policy Compliance

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Standing Up Your 1st Compliance Framework: Misconceptions and Best Practices

Presented by

About this talk

More from this channel