Name: A CISO’s Guide to Demystifying Cyber Risk for the Board
Start: 2024-01-25T17:00:00Z
End: 2024-01-25T17:00:53.000Z
Location: BrightTALK
Rating: 4.9

A global leader in Supply Chain Detection and Response,  SecurityScorecard empowers swift management and mitigation of critical third-party risks.

Our mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

99% of Global 2000 companies are directly connected to vendors that have had recent breaches, per our latest collaboration with the Cyentia Institute. (Isn’t that a thought just in time for spooky season?!)

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Quinn (CISO, T. Rowe Price) as they dive into:
- 3rd-, 4th-, and nth- party risk management with respect to evolving business needs
- Navigating the new normal of CISOs, including compliance and resource constraints
- Metrics that matter and the future of cybersecurity

Save your seat today!

The CISO’s Take: Navigating Risk, Resource Constraints, Compliance, & More

SaaS applications are transforming business operations, but they also introduce new security risks that many organizations aren’t fully addressing. Traditional third-party risk management (TPRM) focuses on vendor security, and we are finding that combining this information with how the vendors’ SaaS tools are being used in our organizations provide even more insights. 

Join Sachin Bansal (President, SecurityScorecard) and Lior Yaari (CEO and Co-Founder, Grip Security) for this webinar exploring the: 
-- Intersection of TPRM and SaaS identity risk management (SIRM)
-- Insights into the challenges security teams face today, and 
-- Best practices to address these challenges and strengthen your security program

Save your seat today!

TPRM Meets SIRM – Why Both Matter

¿Por qué la evaluación de riesgos de ciberseguridad se convierte en una base fundamental para llevar a cabo su viaje de seguridad con éxito?

En el entorno digital actual, las amenazas cibernéticas aumentan tanto en complejidad como en frecuencia. Las organizaciones se enfrentan a desafíos constantes para proteger sus activos críticos, datos y operaciones. Una evaluación de riesgos de ciberseguridad no solo identifica vulnerabilidades, sino que también establece una base sólida para implementar una estrategia de seguridad eficaz.

En este webinar, exploraremos por qué la evaluación de riesgos es una herramienta esencial para cualquier organización que busque fortalecer su postura de ciberseguridad. Abordaremos los siguientes temas clave:
 • ¿Qué es una evaluación de riesgos de ciberseguridad?
 • Identificación de vulnerabilidades y amenazas
 • Cómo la evaluación de riesgos ayuda a priorizar las inversiones en seguridad
 • Casos prácticos de cómo las empresas han fortalecido su seguridad mediante evaluaciones
 • Herramientas y metodologías para realizar evaluaciones efectivas

Este webinar está dirigido a profesionales de TI, gerentes de seguridad, consultores de ciberseguridad y cualquier persona interesada en mejorar la postura de seguridad de su organización.

Evaluación de Riesgo de Ciberseguridad

Comprendemos los desafíos que enfrentan nuestros clientes y alineamos esfuerzos para alcanzar sus objetivos empresariales, enfrentando los cada vez mayores retos de proteger sus organizaciones.
Acompáñanos en este webinar y descubre cómo uno de nuestros clientes ha encontrado en SecurityScorecard la brújula ideal para navegar en estos tiempos de tormenta.

Contenido:
• El contexto actual de la transformación digital;
• Desafíos actuales en ciberseguridad;
• Alineando la estrategia empresarial con la protección organizacional;
• Claves para anticipar y automatizar en medio de la tormenta.

Navegando las tormentas de la Ciberseguridad

99% of Global 2000 companies are directly connected to vendors that have had recent breaches. Coupled with the concentration risk of just a fragment of these vendors across the supply chain, understanding your vendor ecosystem is more important than ever.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard), Oleg Stryzhak (Digital Supply Chain Risk Manager) and Tom Thimot (CEO, Supply Wisdom) as they dive into:
-- Key trends and threats within the cybersecurity landscape
-- Multi-domain risk monitoring and benefits of a holistic TPRM approach
-- Predictions for the 2024 security landscape, and more!

Save your seat today!

Secure Your Supply Chain: Expanding Your Risk Horizon Beyond Cybersecurity

“There is no machine unlearning.” 

Data sits at the intersection of privacy, security, and trust, and in the AI era, this is more important than ever. Accordingly, people, processes, and technology are crucial to the more responsible use of data and AI governance. Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Kabir Barday (CEO & Founder, OneTrust) as they dive into the:
- Impact of a dynamic regulatory regime and threats on the use of data in AI
- Different “chapters” of how to build and scale an organization, including some caveats around balance and fundamental shifts impacting the state of product-market fit
- Best practices in TPRM, the future of organizations with respect to trust, and more!

Save your seat today!

The Founder’s Take: The Responsible Use Of Data In An AI Era

Neste webinar, vamos explorar os principais desafios que o setor financeiro enfrenta em termos de cibersegurança. Discutiremos as ameaças mais recentes, as vulnerabilidades mais comuns e as melhores práticas para proteger dados sensíveis. Iremos compartilhar insights sobre como mitigar riscos cibernéticos em um ambiente de ameaças em constante evolução, garantindo a integridade e a confiança no sistema financeiro. Este webinar é essencial para profissionais que desejam fortalecer suas estratégias de segurança digital.

O que você vai aprender?
• As ameaças cibernéticas mais recentes e como elas impactam o setor financeiro.
• As vulnerabilidades mais comuns em sistemas financeiros e como mitigá-las.
• Estratégias eficazes para proteger dados sensíveis e manter a confiança dos clientes.
• As melhores práticas e tendências emergentes em cibersegurança.
• Casos de uso e soluções para fortalecer a infraestrutura de segurança.

Público-Alvo - Este webinar é ideal para:
• Profissionais de TI e segurança da informação que atuam no setor financeiro.
• Executivos de bancos e instituições financeiras responsáveis pela segurança de dados.
• Gestores de risco, compliance e segurança digital.
• Consultores e auditores de cibersegurança.
• Todos os interessados em cibersegurança voltada ao setor financeiro.

Benefícios da Participação:
• Atualização sobre as últimas tendências e ameaças em cibersegurança financeira.
• Aprendizado direto com especialistas da área.
• Dicas práticas para reforçar a proteção dos dados da sua organização.
• Oportunidade de networking com outros profissionais do setor.

Não perca essa oportunidade de se aprofundar nas melhores práticas de cibersegurança e proteger sua instituição frente aos crescentes riscos digitais! Esperamos contar com a sua presença!

Desafios da Cibersegurança no Setor Financeiro: Protegendo Dados e Mitigando Riscos

“Culture” is often thrown around as a differentiator, but for plenty of companies, it’s often ephemeral or just a list of bullets on the website (or the office walls). So it shouldn’t really come as a surprise that the tech industry has long been known for its high turnover. 

However, there are cultures that have clearly driven companies to success; NetApp was recognized as one of the Best Companies to Work For® consistently for many years. Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Mendoza (former President and Vice Chairman, NetApp) as they dive into:
- Tenets of culture that bring teams together and incentivize the behaviors that drive success for the business
- How the focus of an organization should shift as it gets off the ground and scales
- Best practices to prepare for and work with your Board, and more!

Save your seat today!

Creating A Culture That Drives Success

"And it's at that point you realize you're not the only one on that network that maybe hasn't been invited in."

Join SecurityScorecard's Steve Cobb, Josh Fazio, Larry Slusser, and David Mound in this Halloween special, where they chat about some of the spookier experiences they've had in their careers. Expect to hear a little bit about:
- some concerning notes on dwell time
- the benefits of cybersecurity awareness training
- how very *not* private some of your information is, and more.

Save your seat today!

Tales from the Crypt

99% of Global 2000 companies are directly connected to vendors that have had recent breaches.

That’s a scary thought for this spooky season! But fear not, because you can improve the resilience of your organization by building your software supply chain with the help of trusted technology partners like AWS and SecurityScorecard.

Join Dylan Souvage (Partner Solutions Architect, AWS) and Bennett Morrison (Senior Vice President, Product Management, SecurityScorecard) in this discussion moderated by Charles Perschon (Director, Alliances, SecurityScorecard), where they’ll cover:
-- How to leverage the AWS Marketplace to access vetted security tools and services
-- The importance of continuous monitoring, threat detection, and supply chain security in the cloud and application dependency era
-- How SecurityScorecard can provide visibility into 3rd and nth-party risks 

Save your seat today!

Mitigate Supply Chain Risk with AWS & SecurityScorecard

The complexity and impact of technology supply chains creates challenges in operationalizing supply chain cybersecurity. There is a lack of visibility, actionality, and ownership that results in suppliers with weak security postures and more breaches in the supply chain. 

Introducing Supply Chain Detection and Response (SCDR), a proactive approach to identifying and resolving these risks. Exclusively offered by SecurityScorecard, SCDR is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. 

By leveraging risk intelligence, AI-driven workflows, and incident response capabilities, SCDR enables organizations to:
-- Detect zero days and active infections in your supply chain and remediate them within 48 hours
-- Remove friction in the vendor collaboration process and reduce issue resolution time by 90%
-- Reduce third-party breaches by 75% and elevate supply chain cybersecurity postures 

Join us for this webinar to learn more about how SCDR can help you prevent third-party breaches, reduce operational expenses, and improve relationships with suppliers.

Transform Supply Chain Security Into Proactive Detection and Incident Response

Building a start-up – cybersecurity or otherwise – has plenty of ups and downs. 

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Ross Haleliuk (Head of Product, LimaCharlie) as they chat about:
- Venture in Security and Cyber for Builders
- Factors of failure (and lessons learned) in building teams and cybersecurity start-ups
- Trends and solutions that might shape the future of cybersecurity

Save your seat today!

The Builder’s Take: Tales from the Crypt & The Future of Cybersecurity

In recent years, the frequency and severity of third-party breaches have highlighted the critical importance of robust Supply Chain Risk Management (SCRM). This webinar will shed light on the recent high-profile breaches, the vulnerabilities within supply chains, and the increasing need for comprehensive risk management strategies. We will explore the technologies for building a resilient program, and how each plays a pivotal role in safeguarding your organization. Join us to gain insights into effective risk management practices and the significance of continuous monitoring and ratings in mitigating third-party risks.

Understanding the Impact of Third-Party Breaches: A Deep Dive into Supply Chain Risk Management

Over the last 2 years, 98% of organisations globally have had a 3rd party in their ecosystem that has experienced a breach. This coupled with increasingly stringent regulatory mandates such as DORA, NIS2, Cyber Resilience Act and SEC Materiality have made making cyber supply chain risk actionable a must.

In this webinar, you will have the opportunity to learn what approaches your peers at Shell and Petronas have taken to build a more secure and resilient supply chain.

Using real-world insights, this session will explore best practices for supply chain risk management, including:

● How to prioritise cyber risk in the supply chain and eliminate alert noise
● How organisations are getting ahead of requirements related to NIS2, DORA, Cyber Resilience Act and SEC Materiality
● How to leverage AI to automate workflows and free up resources
● How far downstream in the supply chain to address risk and the type of solutions leaders in Supply Chain Assurance look for to give them an edge

This webinar was hosted in partnership with the Information Security Forum (https://www.securityforum.org/)

CISO Panel: Best Practices and Emerging Trends in Supply Chain Risk Management

Join us for the next installment in our "Crafting Your Compliance Blueprint" series as we delve into two critical regulatory frameworks: DORA and NIS2. As regulatory requirements continue to evolve, cybersecurity leaders must stay ahead—not just by adapting to the latest threat actor tactics, but also by navigating the complexities of compliance.

In this webinar, Andy Barratt (VP, Technology & Enterprise, Coalfire) and Christopher Strand (Global Risk Officer) will break down DORA and NIS2, highlighting the key differences, similarities, and overall scope of these frameworks.

Key topics include:
- How applying these themes will help more effectively measure your security posture
- Actionable steps to prioritize before the critical deadlines of January 17th and October 18th
- Best practices to build a future-proof compliance strategy that enhances your organization’s operational cyber resilience

Save your seat today!

Final Countdown: Critical Themes for DORA & NIS2 Compliance

Join Cyentia Institute and SecurityScorecard for a deep dive into the critical issue of third-party cyber risk facing the Global 2000. As economic powerhouses, these companies are prime targets for cybercriminals exploiting vulnerabilities within their complex supply chains.

This webinar will explore the key findings from a comprehensive report analyzing the cyber risk landscape of the Global 2000. We'll delve into:

- An overview of recent breaches the Global 2000 has experienced.
- How the Global 2000 compares to SMBs as it relates to the likelihood of suffering a breach and the cost of a breach.
- The complex ecosystem of the Global 2000, including its vulnerabilities and the potential risks posed by breaches within this network.
- Practical strategies and best practices that companies can implement to protect themselves from third-party cyber threats and minimize the potential impact of such breaches.

Supply Chain Cyber Risk in the Global 2000

Between malicious threat actors (cue data breaches and cyber attacks) and risk concentration of vendors within the technology landscape (cue cascading cyber incidents), having a resilient cybersecurity supply chain is more important than ever.

But first, you need to know and understand your cybersecurity supply chain.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard), Ofer Klein (CEO & Co-Founder, Reco), and Andrea Bailiff-Gush (Head of Marketing, Reco) for this webinar, where they’ll discuss:
- Best practices for detecting connected nth-party and shadow IT and securing them
- How to protect your organization with a holistic – inside-out and outside-in – cybersecurity approach
- Metrics that matter and promising solutions within the cybersecurity landscape

Breaches Beyond Borders: Securing Your SaaS Enterprise & Vendor Ecosystem

99% of Global 2000 companies are directly connected to vendors that have had recent breaches. Given that 150 companies account for 90% of the technology products and services across the global attack surface, this should no longer come as too much of a surprise.

But the risk concentration within the vendor ecosystem – and the potential pitfalls – make it more important than ever to secure your cybersecurity supply chain, which in turn requires security practitioners to prove the impact of their programs to executives and the Board.

Join Sam Kassoumeh (Co-Founder, SecurityScorecard) and guest speakers Cody Scott (Senior Analyst, Forrester) and Rachel Ballard (Senior Consultant, Forrester) as they dive into:
- Underlying trends & themes within the cybersecurity landscape 
- Security ratings, their adoption, common use cases, and their evolution 
- Forrester’s Total Economic Impact™ (TEI) Study and how to prove out the ROI of your cybersecurity program

Save your seat today!

Secure Your Cyber Supply Chain & Prove Out Your Program’s ROI

It’s no surprise that one of the most daunting challenges faced by CISOs is the task of persuading their organization to invest in security capabilities. Security experts often focus on very granular, technical details, while boards want ROI and risk quantified in dollars and cents. 

But in an era of increasing regulations, cost-cutting measures, and a surge in third-party cyber risk at the enterprise level, how can cybersecurity practitioners and CISOs better translate cyber risk into the language of their board and stakeholders? 

Join distinguished CISO and security leader, Jim Routh and Aleksandr Yampolskiy, CEO and Co-founder of SecurityScorecard, as they discuss strategies on how CISOs can: 
- Demonstrate ROI in cybersecurity, aligning priorities of the security organization to broader business goals
- Identify KPIs that matter, including the benefits and pitfalls of security ratings
- Understand your audience and speak the same language as the board, opting for the economics and storytelling over tech talk
- Navigate the evolving cybersecurity landscape, including how the new SEC regulations and increased C-level personal liability will change the way CISOs communicate with the board

About Jim Routh
Jim Routh is a distinguished CISO and security leader with over 3 decades of experience at Fortune 500 companies, including American Express, Aetna, CVS Health, JPMorgan Chase, and MassMutual. He also serves as an Advisor and Board Member at multiple companies, including SecurityScorecard.

About Aleksandr Yampolskiy
Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, is a globally recognized cybersecurity innovator, leader, and expert. Yampolskiy has served as CTO at BlogTalkRadio and was also CISO at Gilt Groupe, overseeing IT infrastructure security, fraud, application development, and PCI compliance.

A CISO’s Guide to Demystifying Cyber Risk for the Board

Cyber Security

Board Reporting

Security Ratings

Cyber Risk Management

Vendor Resiliency

Cyber Resilience

Trust

KPIs

Risk Management

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

A CISO’s Guide to Demystifying Cyber Risk for the Board

Presented by

About this talk

More from this channel