Name: CISO Panel: Best Practices and Emerging Trends in Supply Chain Risk Management
Start: 2024-10-02T15:06:00Z
End: 2024-10-02T15:06:59.000Z
Location: BrightTALK
Rating: 0

A global leader in cybersecurity ratings, SecurityScorecard's mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

Thousands of organizations leverage our patented rating technology for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, SecurityScorecard is transforming the digital landscape by building a path toward cyber resilience. 

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

“There is no machine unlearning.” 

Data sits at the intersection of privacy, security, and trust, and in the AI era, this is more important than ever. Accordingly, people, processes, and technology are crucial to the more responsible use of data and AI governance. Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Kabir Barday (CEO & Founder, OneTrust) as they dive into the:
- Impact of a dynamic regulatory regime and threats on the use of data in AI
- Different “chapters” of how to build and scale an organization, including some caveats around balance and fundamental shifts impacting the state of product-market fit
- Best practices in TPRM, the future of organizations with respect to trust, and more!

Save your seat today!

The Founder’s Take: The Responsible Use Of Data In An AI Era

“Culture” is often thrown around as a differentiator, but for plenty of companies, it’s often ephemeral or just a list of bullets on the website (or the office walls). So it shouldn’t really come as a surprise that the tech industry has long been known for its high turnover. 

However, there are cultures that have clearly driven companies to success; NetApp was recognized as one of the Best Companies to Work For® consistently for many years. Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Mendoza (former President and Vice Chairman, NetApp) as they dive into:
- Tenets of culture that bring teams together and incentivize the behaviors that drive success for the business
- How the focus of an organization should shift as it gets off the ground and scales
- Best practices to prepare for and work with your Board, and more!

Save your seat today!

Creating A Culture That Drives Success

Are you ready to step into the future of supply chain security? Join us for an exciting announcement that will shape how you protect your organization from cyber threats.

The Future of Supply Chain Security Is Here

Building a start-up – cybersecurity or otherwise – has plenty of ups and downs. 

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Ross Haleliuk (Head of Product, LimaCharlie) as they chat about:
- Venture in Security and Cyber for Builders
- Factors of failure (and lessons learned) in building teams and cybersecurity start-ups
- Trends and solutions that might shape the future of cybersecurity

Save your seat today!

The Builder’s Take: Tales from the Crypt & The Future of Cybersecurity

In recent years, the frequency and severity of third-party breaches have highlighted the critical importance of robust Supply Chain Risk Management (SCRM). This webinar will shed light on the recent high-profile breaches, the vulnerabilities within supply chains, and the increasing need for comprehensive risk management strategies. We will explore the technologies for building a resilient program, and how each plays a pivotal role in safeguarding your organization. Join us to gain insights into effective risk management practices and the significance of continuous monitoring and ratings in mitigating third-party risks.

Understanding the Impact of Third-Party Breaches: A Deep Dive into Supply Chain Risk Management

99% of Global 2000 companies are directly connected to vendors that have had recent breaches, per our latest collaboration with the Cyentia Institute. (Isn’t that a thought just in time for spooky season?!)

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Quinn (CISO, T. Rowe Price) as they dive into:
- 3rd-, 4th-, and nth- party risk management with respect to evolving business needs
- Navigating the new normal of CISOs, including compliance and resource constraints
- Metrics that matter and the future of cybersecurity

Save your seat today!

The CISO’s Take: Navigating Risk, Resource Constraints, Compliance, & More

Join us for the next installment in our "Crafting Your Compliance Blueprint" series as we delve into two critical regulatory frameworks: DORA and NIS2. As regulatory requirements continue to evolve, cybersecurity leaders must stay ahead—not just by adapting to the latest threat actor tactics, but also by navigating the complexities of compliance.

In this webinar, Andy Barratt (VP, Technology & Enterprise, Coalfire) and Christopher Strand (Global Risk Officer) will break down DORA and NIS2, highlighting the key differences, similarities, and overall scope of these frameworks.

Key topics include:
- How applying these themes will help more effectively measure your security posture
- Actionable steps to prioritize before the critical deadlines of January 17th and October 18th
- Best practices to build a future-proof compliance strategy that enhances your organization’s operational cyber resilience

Save your seat today!

Final Countdown: Critical Themes for DORA & NIS2 Compliance

Join Cyentia Institute and SecurityScorecard for a deep dive into the critical issue of third-party cyber risk facing the Global 2000. As economic powerhouses, these companies are prime targets for cybercriminals exploiting vulnerabilities within their complex supply chains.

This webinar will explore the key findings from a comprehensive report analyzing the cyber risk landscape of the Global 2000. We'll delve into:

- An overview of recent breaches the Global 2000 has experienced.
- How the Global 2000 compares to SMBs as it relates to the likelihood of suffering a breach and the cost of a breach.
- The complex ecosystem of the Global 2000, including its vulnerabilities and the potential risks posed by breaches within this network.
- Practical strategies and best practices that companies can implement to protect themselves from third-party cyber threats and minimize the potential impact of such breaches.

Supply Chain Cyber Risk in the Global 2000

Between malicious threat actors (cue data breaches and cyber attacks) and risk concentration of vendors within the technology landscape (cue cascading cyber incidents), having a resilient cybersecurity supply chain is more important than ever.

But first, you need to know and understand your cybersecurity supply chain.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard), Ofer Klein (CEO & Co-Founder, Reco), and Andrea Bailiff-Gush (Head of Marketing, Reco) for this webinar, where they’ll discuss:
- Best practices for detecting connected nth-party and shadow IT and securing them
- How to protect your organization with a holistic – inside-out and outside-in – cybersecurity approach
- Metrics that matter and promising solutions within the cybersecurity landscape

Breaches Beyond Borders: Securing Your SaaS Enterprise & Vendor Ecosystem

99% of Global 2000 companies are directly connected to vendors that have had recent breaches. Given that 150 companies account for 90% of the technology products and services across the global attack surface, this should no longer come as too much of a surprise.

But the risk concentration within the vendor ecosystem – and the potential pitfalls – make it more important than ever to secure your cybersecurity supply chain, which in turn requires security practitioners to prove the impact of their programs to executives and the Board.

Join Sam Kassoumeh (Co-Founder, SecurityScorecard) and guest speakers Cody Scott (Senior Analyst, Forrester) and Rachel Ballard (Senior Consultant, Forrester) as they dive into:
- Underlying trends & themes within the cybersecurity landscape 
- Security ratings, their adoption, common use cases, and their evolution 
- Forrester’s Total Economic Impact™ (TEI) Study and how to prove out the ROI of your cybersecurity program

Save your seat today!

Secure Your Cyber Supply Chain & Prove Out Your Program’s ROI

Únete a nosotros en este webinar para aprender cómo medir y reportar adecuadamente los riesgos cibernéticos al negocio. Descubre cómo alinear los esfuerzos de los equipos que protegen y operan el negocio con los que toman decisiones estratégicas. Gestionar riesgos es una tarea de equipo, donde el CEO actúa como capitán. Este capitán necesita la mejor información disponible para llevar el negocio en un mundo cada vez más desafiante, con recursos limitados y ataques sofisticados.

Cómo comunicar el Riesgo Cibernético al Board en tiempos de tormentas

Il Digital Operational Resilience Act (DORA) dell'Unione Europea è un importante atto legislativo volto a rafforzare la resilienza digitale del settore finanziario.  Le entità finanziarie di tutti i tipi saranno sottoposte a nuovi controlli per garantire la resilienza operativa informatica, la gestione della catena di approvvigionamento e il monitoraggio continuo.  Le sanzioni finanziarie e di reputazione saranno significative. Unitevi a SecurityScorecard per scoprire come mappare e misurare il rischio della catena di fornitura per facilitare la conformità.

Conformità DORA e NIS2 - Gestire la sicurezza della catena di fornitura

Supply chain disruptions can have catastrophic consequences, and recent incidents have shown that knowing your supply chain (KYSC) is a cornerstone of cyber resilience. Security teams need the ability to map dependencies effectively, identify critical vendors, and gain visibility into their extended ecosystem.

Join SecurityScorecard’s CISO, Steve Cobb, in our upcoming webinar to learn how to enhance your organization's cyber resilience, mitigate supply chain risks, and future-proof your organization for incidents. Steve will discuss: 

- The impact of recent outages on the global supply chain
- The critical role of KYSC in managing emerging threats
- How to prioritize vendors based on criticality and business impact
- Best practices for leveraging technology to enhance supply chain visibility
- Actionable recommendations to build a resilient supply chain through proactive measures

Becoming Supply Chain Resilient: Lessons from Recent Cyber Outages

Com a crescente digitalização do setor de saúde, os hospitais estão cada vez mais expostos a ameaças cibernéticas, colocando em risco não só a segurança dos dados dos pacientes, mas também a segurança dos próprios pacientes. Para os profissionais de saúde, um vazamento de dados não só mina a confiança do paciente, mas também expõe a instituição a consequências legais e financeiras severas. A violação da privacidade pode culminar em litígios, prejudicando a reputação do estabelecimento e levando à perda de pacientes. 

O que você vai aprender:
- Identificação de Ameaças Comuns: Conheça as ameaças cibernéticas mais frequentes no setor de saúde, incluindo malware, ransomware e ataques de phishing;
- Práticas de Segurança de Dados: Descubra as melhores práticas para proteger os dados dos pacientes e assegurar a privacidade;
- Políticas de Segurança: Entenda a importância de políticas robustas de segurança cibernética e como implementá-las eficazmente;
- Tecnologias de Proteção: Explore as tecnologias mais recentes em cibersegurança que podem ajudar a proteger os sistemas hospitalares;
- Resposta a Incidentes: Aprenda a desenvolver um plano de resposta a incidentes para minimizar o impacto de um ataque cibernético;
- Compliance e Regulações: Saiba mais sobre as regulações e normativas que afetam a segurança de dados no setor de saúde e como garantir a conformidade;

Palestrantes:
- Dani Pereira - Field Sales Director, Brazil, SecurityScorecard
-  Leandro Ribeiro - Gerente de Segurança da Informação, Hospital Sírio-Libanês

Benefícios da Participação:
Workshop com a SecurityScorecard: Com este webinar, tenha um desconto de 100% num workshop com a SecurityScorecard! O nosso workshop tem um custo de 6000 USD, mas se for umas das cinco (5) primeiras empresas a inscrever-se, durante o live do nosso webinar, terá acesso ao desconto! Não perca a oportunidade de revisar trinta (30) empresas, à sua escolha, que podem impactar a saúde cibernética da sua empresa!

Protegendo o Setor de Saúde Contra Ameaças Cibernéticas

DARPA. Expanse (Qadium). Escape Dynamics. Stanford and Caltech. Google Ventures and Sequoia. From entrepreneurship to academia to VC, there’s a lot to unpack.

Join Shaun Maguire (General Partner, Sequoia Capital) and Aleksandr Yampolskiy (CEO & CO-Founder SecurityScorecard) as they discuss:
- Key things to note within the investment landscape
- How to build and scale businesses that are category creators
- Lessons learned in making and/or taking mentors and opportunities

Save your seat today!

The Investor-Operator’s Take: Irrational Motivation to Build & Scale Businesses

Supply chains are prime targets for cyberattacks. Join this webinar to delve into the world of supply chain cyber risk managed services and discover what they are and how they can safeguard your entire supply chain.  

Some of the topics our experts will cover include: 

-  Understanding the Threat: What is a supply chain cyber risk managed service and why is it crucial for your business?
-  Building a Secure Foundation: Explore the key components of a comprehensive supply chain cyber risk managed service.
-  Implementation Roadmap: Learn a practical approach to implementing a managed service, ensuring a smooth and successful integration.
-  Best Practices & Real-World Insights: Gain valuable knowledge from industry experts through "tales from the trenches," including best practices and potential pitfalls to avoid.

Best Practices for Implementing a Cyber Risk Managed Service

Are your vendors putting your organization at risk? You may not be aware of various supply chain cyber risks lurking within your network, most of which are difficult to detect, manage, and mitigate. 

Introducing Supply Chain Cyber Risk Managed Services: a powerful solution that can revolutionize your approach to TPRM. Learn how managed services can:

-  Automate Third-Party Risk Assessments: Streamline the process and free up resources.
-  Gain Continuous Monitoring: Stay informed about evolving threats within your supply chain.
-  Prioritize Critical Risks: Leverage expert insights and data to focus on the biggest threats.
-  Improve Communication & Collaboration: Enhance communication with your vendors for better security.

Don't let limited resources or expertise hold you back. Register today to learn how to achieve a more secure and resilient supply chain!

Third-Party Risk Management: Detecting and Responding to Supply Chain Cyber Risks

Over the last 2 years, 98% of organisations globally have had a 3rd party in their ecosystem that has experienced a breach. This coupled with increasingly stringent regulatory mandates such as DORA, NIS2, Cyber Resilience Act and SEC Materiality have made making cyber supply chain risk actionable a must.

In this webinar, you will have the opportunity to learn what approaches your peers at Shell and Petronas have taken to build a more secure and resilient supply chain.

Using real-world insights, this session will explore best practices for supply chain risk management, including:

● How to prioritise cyber risk in the supply chain and eliminate alert noise
● How organisations are getting ahead of requirements related to NIS2, DORA, Cyber Resilience Act and SEC Materiality
● How to leverage AI to automate workflows and free up resources
● How far downstream in the supply chain to address risk and the type of solutions leaders in Supply Chain Assurance look for to give them an edge

This webinar was hosted in partnership with the Information Security Forum (https://www.securityforum.org/)

CISO Panel: Best Practices and Emerging Trends in Supply Chain Risk Management

Supply Chain

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

CISO Panel: Best Practices and Emerging Trends in Supply Chain Risk Management

Presented by

About this talk

More from this channel