Name: Prepare for PCI DSS v4.0 with Confidence
Start: 2024-06-26T16:00:00Z
End: 2024-06-26T16:00:56.000Z
Location: BrightTALK
Rating: 0

A global leader in cybersecurity ratings, SecurityScorecard's mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

Thousands of organizations leverage our patented rating technology for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, SecurityScorecard is transforming the digital landscape by building a path toward cyber resilience. 

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

Únete a nosotros en este webinar para aprender cómo medir y reportar adecuadamente los riesgos cibernéticos al negocio. Descubre cómo alinear los esfuerzos de los equipos que protegen y operan el negocio con los que toman decisiones estratégicas. Gestionar riesgos es una tarea de equipo, donde el CEO actúa como capitán. Este capitán necesita la mejor información disponible para llevar el negocio en un mundo cada vez más desafiante, con recursos limitados y ataques sofisticados.

Cómo comunicar el Riesgo Cibernético al Board en tiempos de tormentas

Com a crescente digitalização do setor de saúde, os hospitais estão cada vez mais expostos a ameaças cibernéticas, colocando em risco não só a segurança dos dados dos pacientes, mas também a segurança dos próprios pacientes. Para os profissionais de saúde, um vazamento de dados não só mina a confiança do paciente, mas também expõe a instituição a consequências legais e financeiras severas. A violação da privacidade pode culminar em litígios, prejudicando a reputação do estabelecimento e levando à perda de pacientes. 

O que você vai aprender:
- Identificação de Ameaças Comuns: Conheça as ameaças cibernéticas mais frequentes no setor de saúde, incluindo malware, ransomware e ataques de phishing;
- Práticas de Segurança de Dados: Descubra as melhores práticas para proteger os dados dos pacientes e assegurar a privacidade;
- Políticas de Segurança: Entenda a importância de políticas robustas de segurança cibernética e como implementá-las eficazmente;
- Tecnologias de Proteção: Explore as tecnologias mais recentes em cibersegurança que podem ajudar a proteger os sistemas hospitalares;
- Resposta a Incidentes: Aprenda a desenvolver um plano de resposta a incidentes para minimizar o impacto de um ataque cibernético;
- Compliance e Regulações: Saiba mais sobre as regulações e normativas que afetam a segurança de dados no setor de saúde e como garantir a conformidade;

Palestrantes:
- Dani Pereira - Field Sales Director, Brazil, SecurityScorecard
-  Leandro Ribeiro - Gerente de Segurança da Informação, Hospital Sírio-Libanês

Benefícios da Participação:
Workshop com a SecurityScorecard: Com este webinar, tenha um desconto de 100% num workshop com a SecurityScorecard! O nosso workshop tem um custo de 6000 USD, mas se for umas das cinco (5) primeiras empresas a inscrever-se, durante o live do nosso webinar, terá acesso ao desconto! Não perca a oportunidade de revisar trinta (30) empresas, à sua escolha, que podem impactar a saúde cibernética da sua empresa!

Protegendo o Setor de Saúde Contra Ameaças Cibernéticas

Join Dr. Jared Smith for this talk on boosting SecOps and TPRM with Signals Intelligence. In this webinar, he’ll cover:

- the basics of signals intelligence (a quick introduction and history)
- technology application (including a dive into active scanning vs. passive collections)
- tracking adversaries using SIGINT techniques (Volt Typhoon)

Save your seat today!

Elevating Cyber Defenses: Boost SecOps & TPRM with Signals Intelligence

In order to safeguard sensitive data, maintain customer trust, and avoid costly penalties, cybersecurity leaders must continue to adapt to more than just the latest threat actor TTPs. 

Next up in our “Crafting Your Compliance Blueprint” series: Future-proofing your organization's cybersecurity compliance program.

Join Christopher Strand (Global Risk Officer) and Devaney Devoe (Senior Product Marketing Manager) as they discuss:
- Key differences and similarities between emerging frameworks, regulations, and mandates
- Overview of recent cybersecurity themes and real-world examples (DORA, SEC, NIST CSF 2.0, etc)
- Actionable recommendations to accelerate collection of security controls and posture 
- Best practices for risk assessment and compliance to effectively communicate risk to the board and future-proof your organization

Save your seat today!

Future-proof Your Organization’s Compliance Program

Cybersecurity is increasingly a team sport; you aren’t going to boost your cyber resilience without engaged executives and secure suppliers.

To that end, join SecurityScorecard’s Aleksandr Yampolskiy and the Cyber Rescue Alliance’s Kevin Duffey for this discussion on:
- Benefits of a more collaborative cybersecurity community
- Building on highly predictive cyber risk scores to improve security posture 
- Best practices to engage your executives, employees, and vendor ecosystem to move the dial on managing (and reducing!) cyber supply chain risk 

Save your seat today!

Engage Executives & Support Suppliers to Boost Cyber Resilience

It wouldn’t be a webinar in 2024 if we didn’t talk about AI. 

But we’re going beyond the hype and taking a more practical approach. Join Aleksandr Yampolskiy (CEO and Co-Founder, SecurityScorecard) and Michael Schrage (Visiting fellow, Imperial College Business School; Research fellow, MIT Sloan Initiative on the Digital Economy) for this discussion on how AI-powered:
- Selvesware and recommendation engines will shape the future of self-improvement
- KPIs can continuously learn and improve an organization’s growth
- Data-curation can drive both insights and security in the future

Save your seat today!

Selvesware, Enhanced Metrics, and The Future of Advice

As notable cyber security breaches – including zero-days – feel like they’re only increasing in frequency, Purple Teaming emerges as a strategic approach that surpasses the traditional Red Teaming paradigm. 

Join SecurityScorecard’s David Mound as he chats through the benefits of Purple Teaming. Learn how to
- Foster a more collaborative environment (with Red and Blue teams working in tandem)
- Fortify the cybersecurity posture of the organization (with a combination of offensive and defensive strategies)
- Facilitate deeper insights into adversary tactics and strengthen incident response capabilities (with more structured, tailored campaigns that ensure ongoing refinement of defense mechanisms)

Save your seat today!

Elevate Your Cyber Defense: The Power of Purple Teaming

When start-ups scale-up, their cybersecurity -- or lack thereof -- is increasingly viewed as the backdoor into the larger organizations they serve.

Join Aleksandr Yampolskiy (CEO and Co-Founder of SecurityScorecard) and Harry Moseley (former CIO at Zoom, KPMG, and more) for a conversation on the:
- evolution of the C-Suite's interest in cybersecurity and data within an organization
- strategies to emulate (and avoid) in scaling up the security architecture of a growing organization
- key things to think about in scaling the security of organizations in an era where third-party breaches are on the rise

Save your seat today!

Cybersecurity In An Era of Scaling Start-Ups & Data Breaches

Saiba como podemos entender os desafios que envolvem a gestão de riscos de terceiros, que acabam por afetar  e impactar a saúde cibernética de uma organização, atuar sobre estes desafios com inteligência e automatização, criando um processo vivo, inteligente e colaborativo com os terceiros.

Com esta sessão aprenda como:
- criar processos inteligentes de gestão de riscos de terceiros;
- usar uma solução de TPRM para dar visibilidade ao compliance;
- a automatização é a regra do sucesso;
- otimizar seus recurso de tempo, de equipes e financeiros.

Os desafios da gestão de riscos de terceiros

Notre dernière analyse révèle que les 100 plus grandes entreprises françaises ont toutes été exposées à une faille de sécurité au cours des douze derniers mois. En cause, leur chaîne d’approvisionnement.

Pour parer à ces menaces, découvrez comment optimiser et automatiser la gestion des risques cyber pour l’ensemble de votre écosystème (fournisseurs, filiales, partenaires, M&A...) :
- Analyse complète de la surface d’attaque de votre supply chain
- Surveillance en continu de vos tiers
- Détection automatique des nouveaux fournisseurs
- Identification et correction des vulnérabilités
- Réponse aux nouvelles réglementations (NIS2, DORA)

Nos experts seront à disposition pour répondre à toutes vos questions en direct à la fin de la session.

Cybersécurité des tiers: Automatiser la gestion des risques

Change. Ascension. It hasn’t exactly been a great year to date for healthcare cybersecurity.

In this 20-minute talk, SecurityScorecard’s Matthew Ancellin highlights the healthcare findings from our report on Global Third-Party Cybersecurity Breaches (an in-depth analysis of the most significant third-party cyber risks and incidents in 2023) released earlier in the year. 

Questions we’ll address:
- What are 3rd party breaches?
- Who are the prime perpetrators of 3rd party breaches? 
- Why does healthcare get more than their fair share of third party breaches?
- What is the nature of B2B relationships involved in supply chain breaches?
- How can the healthcare industry make their supply chains more resilient?

2023 Supply Chain Breach Analysis in Healthcare

現代企業面對來自全球的數位供應商，供應鏈千絲萬縷。
可是未知、不安全、不斷變化的供應鏈攻擊面讓 CISO 夜不能寐。

根據估計，超過 70% 的漏洞都是供應鏈攻擊造成的： MOVEit 和 SolarWinds 就是很好的例子。
有些公司的資安團隊不具備評估和保護供應鏈的工具和專業知識，不足夠應付日新月異的供應鏈
攻擊。又或是 TPRM 團隊使用過時的基於問卷的解決方案，同樣，他們不具備安全專業知識。
現實情況是，大多數公司甚至不知道誰是他們的供應鏈供應商：供應鏈供應商的違規行為總是出
乎意料。我們看到，出現漏洞的公司會向客戶解釋，真正被入侵的其實是供應商。不幸地，他們
的聲譽已經受損了。

供應鏈安全領域需要徹底的模式轉變!

是次線上講座，我們將分享SecurityScorecard MAX解決方案如何:
● 識別並修復可能使您暴露的網路關鍵漏洞
● 解決網路安全人才缺口問題，使您能夠將團隊投入到其他關鍵專案中去
● 做到客戶供應商監控的同時, 讓我們負責供應商管理和溝通，節省時間和金錢
● 利用易於理解的即時報告，讓您的安全領導者能夠交流成功經驗

請立即登記參加

新世代供應鏈網路風險管理

Critical infrastructure services in North America face accelerating threats from both nation-states and other sophisticated threat actors. Governments globally are grappling with how to best balance incentives, support, and direct oversight. Meanwhile, critical infrastructure owners and operators face significant challenges with technology, staff resources, and expertise to better manage cyber resilience.

Join Cheri Caddy (Senior Technical Advisor for Cybersecurity, US Department of Energy), Brendan Peter (VP, Global Government Affairs, SecurityScorecard), and John Breeden II (Moderator & Contributing Editor, FedInsider) as they discuss:

- Trends in cyber threat activities that organizations may see
- Metrics to determine the cyber resilience in different critical infrastructure sectors
- Tools available to address these kinds of threat activities
- Actionable recommendations to build flexibility to respond to evolving threats

Metrics That Matter for Critical Infrastructure Cyber Resilience

Missed us at RSAC? Join SecurityScorecard's Dr. Jared Smith, Distinguished Engineer, Threat Research in this session, where he'll discuss:
- the symbiotic relationship between Threat Intelligence, Security Operations, and Third-Party Risk Management
- outcome-driven metrics for Supply Chain Cyber Risk Management
- real-world examples and strategies to mature your cybersecurity posture and increase collaboration across security teams

Save your seat today!

Mature Your Cyber Defenses: Are You Smarter Than Your Third-Party Risks?

DoubleClick. MongoDB. Gilt Groupe. Business Insider. Zola.com. Nomad Health. And so many more. 

Join Kevin Ryan (the “Godfather” of NYC Tech) and Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) for this webinar discussing the:
- Ideas worth incubating in the NYC tech space in 2024 and beyond
- Broader trends to note in what may be the next innovative start-ups
- Lessons learned in scaling up across various stages of building an enterprise

Save your seat today!

The Founders’ Take: Strategies for Start-Ups & Scaling Up

¡Descubre cómo la automatización puede cambiar la forma en que manejamos los riesgos en empresas con pocos recursos! Aprende cómo la inteligencia artificial puede hacer más simple nuestros procesos y cómo trabajar juntos puede reducir los riesgos.

Aprende a comunicar los riesgos de manera efectiva a tu empresa y descubre cómo nuestro programa de gestión de riesgos de terceros de SSC puede ser implementado fácilmente. ¡No te pierdas esta oportunidad de mejorar la gestión de riesgos en tu empresa! ¡Regístrate ahora para asegurar tu lugar!

Automatizando la gestión de riesgo de terceros

As regulatory mandates and frameworks continue to emerge, cybersecurity leaders must continue to adapt to more than just the latest threat actor TTPs. 

Next up in our “Crafting Your Compliance Blueprint” series: Implementing the updated NIST Cybersecurity Framework. NIST CSF 2.0 empowers cybersecurity leaders to proactively address evolving threats and safeguard their organization's assets, operations, and reputation.

Join Adam Bixler (Principal, Squadra Ventures), Christopher Strand (Global Risk Officer), and Steve Cobb (CISO, SecurityScorecard) as they dissect the latest updates for NIST CSF 2.0, focusing on the five key updates, including core framework revisions, organizational profiles, and tier structures. 

In this webinar, you will:
- Better understand how the NIST CSF 2.0 framework impacts risk management processes across departments to assess, prioritize, and mitigate risks effectively
- Hear from cybersecurity leaders on how they predict these updates will impact policy management, reporting, and boardroom discussions 
- Walk away with actionable recommendations and best practices to implement the NIST CSF 2.0 framework effectively, enable better communication and collaboration, and strengthen your cybersecurity posture

Save your seat today!

Implementing NIST CSF 2.0 Controls with Confidence

As regulatory mandates and frameworks continue to emerge, cybersecurity leaders must continue to adapt to more than just the latest threat actor TTPs. 

Next up in our “Crafting Your Compliance Blueprint” series: complying with PCI DSS v4.0. 

Implementing the new PCI DSS v4.0 assessment and reporting requirements can be challenging, but are in place to empower cybersecurity leaders to proactively address evolving threats to card data and payment systems while ensuring proper scrutiny on the organization's critical controls, assets, operations, and security posture.

Join Christopher Strand (Global Risk Officer) and Brian Contos (Chief Strategy Officer, Sevco Security) as they discuss:
- How PCI DSS v4.0 assessment themes differ from its predecessor’s (3.2.1) and what to prioritize in the lead up to March 2025 when new requirements become mandatory
- Best practices for analyzing your attack surface, prioritizing the gaps you find, and conducting risk assessments as a process
- Actionable recommendations to help enforce and prove controls within PCI DSS v4.0 assessments to enable better and accelerated collection and communication of compliance and security policy

Save your seat today!

Prepare for PCI DSS v4.0 with Confidence

Cyber Security

Compliance

Cyber Resilience

PCI Compliance

PCI DSS

PCI Standards

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Prepare for PCI DSS v4.0 with Confidence

Presented by

About this talk

More from this channel