Name: Navigating Supply Chain Cyber Hygiene: DORA & NIS2 in the Spotlight
Start: 2025-04-24T12:00:00Z
End: 2025-04-24T12:00:45.000Z
Location: BrightTALK
Rating: 0

A global leader in Supply Chain Detection and Response,  SecurityScorecard empowers swift management and mitigation of critical third-party risks.

Our mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

As cyber threats continue to grow in complexity, organizations are more vulnerable to significant risks. Yet, many struggle to measure and manage these unseen dangers effectively.

On this CPE webinar our panel of subject matter experts will explore the essentials of cyber risk quantification - a transformative approach that translates technical cybersecurity risks into business terms. Attendees will discover how organizations can assess their financial exposure to cyber threats, prioritize critical vulnerabilities, and demonstrate the ROI of their cybersecurity investments. Join us for insights on:
• Establishing an acceptable risk threshold to align security efforts with business objectives.
• Leveraging data-driven metrics and frameworks to quantify cyber risk.
• Communicating risk in financial terms to engage executives and secure buy-in for security initiatives.
• Identifying resource allocation strategies to maximize the impact of your cybersecurity program.

Cyber Risk Quantification: Measuring and Managing the Unseen Threats

150 companies account for 90% of the technology products and services across the global attack surface. 

In this webinar, join Nishant Taneja (VP Product Marketing, SecurityScorecard), Avesta Hojjati (CTO, SecurityScorecard), and guest speaker Alla Vallente (Senior Analyst, Forrester) as they break down key findings from the report The Top Systemic Risks, 2024, highlighting how systemic risk forces—such as concentration risk, supply chain interdependencies, and cascading failures—are reshaping business resilience. Through real-world case studies and expert analysis, they’ll explore how security and risk leaders can integrate real-time risk intelligence, security ratings, and proactive mitigation strategies to reduce exposure and improve business continuity.

Expect takeaways on how to:
– Identify the top systemic risks and their impact on the third-party ecosystem.
– Understand the role of risk intelligence and security ratings in proactively surfacing these risks.
– Learn best practices for integrating risk insights into business continuity strategies.

Save your seat today!

Navigating Systemic Risks: Strengthening Third-Party & Supply Chain Resilience

Supply chain disruptions can have catastrophic consequences, and recent incidents have shown that knowing your supply chain (KYSC) is a cornerstone of cyber resilience. Security teams need the ability to map dependencies effectively, identify critical vendors, and gain visibility into their extended ecosystem.

Join our upcoming webinar to learn how to enhance your organization's cyber resilience, mitigate supply chain risks, and future-proof your organization for incidents. Steve and Gian will discuss:

- The impact of recent outages on the global supply chain
- The critical role of SCDR in mapping dependencies and safeguarding your extended ecosystem
- How to prioritize vendors based on criticality and business impact
- Best practices for leveraging technology to enhance supply chain visibility
- Actionable recommendations to build a resilient supply chain through proactive measures

Strengthening Vendor Relationships and Building Cyber Resilience

“Doing well by doing good” – there’s something to be said for that.

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Craig Newmark (Founder, craigslist, Craig Newmark Philanthropies) for this discussion on:
-- Building craigslist and some of the decisions made along the way
-- Philanthropic efforts to bolster U.S. cybersecurity and resilience
-- Initiatives to improve cyber civil defense and discerning use of AI

Save your seat today!

The Philanthropist's Take: Bolstering Cyber Civil Defense

Too often, vendor risk management operates in a silo, focused on compliance checkboxes, while the SOC team is on the frontlines of threat intelligence and response. These two groups should be allies, but instead, they’re often working in isolation. That’s a problem because cyber risk isn’t just a compliance issue… it’s a threat issue.

Join Steve Cobb for this talk on:
-- the current state of TPRM within most organizations
-- how to us SOC intelligence to address TPRM challenges
-- tools, strategies, and best practices to overcome silos and boost your organization's cyber resilience.

Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies

“150 companies account for 90% of the technology products and services across the global attack surface. 41% of those companies had evidence of at least one compromised device in the past year.”

With organizations as interconnected as they are, even organizations who “have” good cybersecurity are only as good as their weakest link. 

Join Aleksandr Yampolskiy (SecurityScorecard) and Joe Levy (Sophos) for their take on:
-- Shifts in the cybersecurity landscape (past, present, and future)
-- Nth party risk and the importance of bridging the cybersecurity divide
-- Digital detritus and bolstering cyber resilience within the ecosystem

Save your seat today!

The CEO's Take: Bridging the Cybersecurity Divide To Address Cyber Risk

New year, new threats… Except some aren’t so new; they’ve been years in the making. As the future of financial services evolves from relying on traditional banking to other platforms, securing our future requires practitioners to be more strategic than the threat actors after our assets.

Join Aleksandr Yampolskiy and Jeff Lunglhofer for their take on:
-- The evolution of the threat landscape and financial services
-- Best practices around MFA and boosting cyber resilience
-- Predictions for 2025

Save your seat today!

The CISO's Take: Securing the Future of Financial Services & More

Cyber Santa is back! This year, we’re going beyond cyber hygiene and taking a look at the naughty list. 

Join Steve Cobb (Cyber Santa, CISO, SecurityScorecard) for this look at:
-- Notable cyber incidents and threat actors in 2024 (we’re making a list)
-- Similar threat actors and TTPs in recent months (we’re checking it twice)
-- Repercussions, some predictions, a peek at the nice list, and more!

Save your seat today!

Cyber Santa: 2024’s Naughty List

Supply chain security is no longer an afterthought. With increasing threats and the potential for devastating consequences, organizations must proactively address supply chain risks. 

In this webinar, we will discuss how a well-structured supply chain incident response team can address these challenges and mitigate risks. Whether you're starting from scratch or enhancing an existing team, this session will provide practical tools to strengthen your organization’s resilience. Join us to discover: 

- The core components of an effective supply chain incident response team.
- How to identify and recruit the right skill sets for your team.
- Best practices for creating clear roles, responsibilities, and escalation protocols.
- Real-world case studies of successful incident response in action.
- Insights into leveraging technology and data for faster, smarter decision-making.

Join us to learn how to protect your organization from supply chain threats and build a resilient, future-proof security strategy.

Building a High-Performing Supply Chain Incident Response Team

99% of Global 2000 companies are directly connected to vendors that have had recent breaches, per our latest collaboration with the Cyentia Institute. (Isn’t that a thought just in time for spooky season?!)

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Tom Quinn (CISO, T. Rowe Price) as they dive into:
- 3rd-, 4th-, and nth- party risk management with respect to evolving business needs
- Navigating the new normal of CISOs, including compliance and resource constraints
- Metrics that matter and the future of cybersecurity

Save your seat today!

The CISO’s Take: Navigating Risk, Resource Constraints, Compliance, & More

Supply chain cyber attacks pose significant risks to businesses of all sizes. A managed service for supply chain detection and response (SCDR) offers a proactive and efficient solution to mitigate these threats. Join this webinar to learn how to:

- Understand the Evolving Threat Landscape: Explore the latest tactics, techniques, and procedures cybercriminals use to target supply chains.
- Leverage Advanced Technologies: Discover how AI-powered tools and automation can enhance your security posture.
- Optimize Your Security Operations: Learn how a managed service can streamline security processes and reduce operational costs.
- Benefit from Expert Guidance: Gain insights from industry experts on best practices for implementing and managing a successful supply chain security program.
- Enhance Visibility: Gain deep insights into your supply chain, identifying potential vulnerabilities and risks.
- Accelerate Incident Response: Implement rapid response strategies to minimize the impact of cyberattacks.

Securing Your Supply Chain with a Managed Service for Supply Chain Detection and Response

The healthcare industry faces significant supply chain cybersecurity challenges, including vulnerabilities in medical devices, pharmaceutical supply chains, and third-party vendors, which can lead to data breaches, disruptions in patient care, and financial losses.

Supply chain detection and response (SCDR) is a new cybersecurity solution for supply chain incident responders that reduces supply chain breaches and increases remediation speed. In this webinar, we will explore what you need to know to make an informed decision when evaluating SCDR solutions. 

Key topics covered in this webinar include:

- The Healthcare Threat Landscape: Cybersecurity hygiene and risks in the U.S. healthcare industry. 
- Justifying SCDR investment: Learn about building the business case for investing in this new type of solution.
- Determining SCDR criteria: Discover the ways SCDR fits in your organization and the capabilities required to achieve desired outcomes.
- Evaluating SCDR alternatives: Explore the difference between SCDR and alternatives.
- Implementing SCDR: Consider the range of implementation options and how to determine which one is best for your organization.

Fortifying the Healthcare Supply Chain: Tips for Deciding on Supply Chain Detection and Response

“If it walks like a panda, I'm going to call it panda, right? But at the end of the day, the confidence level – I still question that. Because I can make it look like a panda, right? I mean, it could be a cat.” 

We’re bringing it back! Threat Talk Thursday is having a bit of a redux, and we’re having some fun with it.

Join Steve Cobb (CISO, SecurityScorecard) and Tarek Marji (Senior Staff Engineer, SecurityScorecard) as they chat about:
-- Cyber incidents in 2024, potential ramifications, and practical guidance
-- Threat actors to keep an eye on – and some of the tricky bits of attribution
-- Predictions for 2025, and more! 

Save your seat today!

2024 in Review

Supply chain detection and response (SCDR) is a new cybersecurity solution for supply chain incident responders that reduces supply chain breaches and increases remediation speed. In this webinar, we will explore what you need to know to make an informed decision when evaluating SCDR solutions. 

Key topics covered in this webinar include:

- Justifying SCDR investment: Learn about building the business case for investing in this new type of solution.
- Determining SCDR criteria: Discover the ways SCDR fits in your organization and the capabilities required to achieve desired outcomes.
- Evaluating SCDR alternatives: Explore the difference between SCDR and alternatives.
- Implementing SCDR: Consider the range of implementation options and how to determine which one is best for your organization.

Join us to gain valuable insights and practical advice on how to navigate the organizational challenges that are needed to achieve the goal of safeguarding your digital supply chain and protecting your business from cyberattacks.

From Justification to Implementation: Tips for Deciding on Supply Chain Detection and Response

Healthcare organizations face growing cyber threats, including ransomware, data theft, and other malicious attacks. As digital systems and supply chains become increasingly interconnected, the risk of falling victim to these attacks rises.

Join SecurityScorecard and Zivaro to learn about the latest cyber risks impacting the healthcare sector. We’ll discuss vulnerabilities, potential threats, and effective strategies to protect sensitive data and strengthen your organization’s security posture.

Haunting Healthcare: Unmask Vulnerabilities and Banish Supply Chain Risks

SaaS applications are transforming business operations, but they also introduce new security risks that many organizations aren’t fully addressing. Traditional third-party risk management (TPRM) focuses on vendor security, and we are finding that combining this information with how the vendors’ SaaS tools are being used in our organizations provide even more insights. 

Join Sachin Bansal (President, SecurityScorecard) and Lior Yaari (CEO and Co-Founder, Grip Security) for this webinar exploring the: 
-- Intersection of TPRM and SaaS identity risk management (SIRM)
-- Insights into the challenges security teams face today, and 
-- Best practices to address these challenges and strengthen your security program

Save your seat today!

TPRM Meets SIRM – Why Both Matter

¿Por qué la evaluación de riesgos de ciberseguridad se convierte en una base fundamental para llevar a cabo su viaje de seguridad con éxito?

En el entorno digital actual, las amenazas cibernéticas aumentan tanto en complejidad como en frecuencia. Las organizaciones se enfrentan a desafíos constantes para proteger sus activos críticos, datos y operaciones. Una evaluación de riesgos de ciberseguridad no solo identifica vulnerabilidades, sino que también establece una base sólida para implementar una estrategia de seguridad eficaz.

En este webinar, exploraremos por qué la evaluación de riesgos es una herramienta esencial para cualquier organización que busque fortalecer su postura de ciberseguridad. Abordaremos los siguientes temas clave:
 • ¿Qué es una evaluación de riesgos de ciberseguridad?
 • Identificación de vulnerabilidades y amenazas
 • Cómo la evaluación de riesgos ayuda a priorizar las inversiones en seguridad
 • Casos prácticos de cómo las empresas han fortalecido su seguridad mediante evaluaciones
 • Herramientas y metodologías para realizar evaluaciones efectivas

Este webinar está dirigido a profesionales de TI, gerentes de seguridad, consultores de ciberseguridad y cualquier persona interesada en mejorar la postura de seguridad de su organización.

Evaluación de Riesgo de Ciberseguridad

DORA and NIS2 reinforce best practices for managing supply chain cyber hygiene, emphasizing a structured and compliant approach to information security. Join SecurityScorecard as we explore how these frameworks guide organizations in strengthening third-party risk management, enhancing resilience, and ensuring compliance. Gain practical insights on implementing effective security measures that align with regulatory expectations while proactively safeguarding your business.

Navigating Supply Chain Cyber Hygiene: DORA & NIS2 in the Spotlight

supply chain risk management

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Navigating Supply Chain Cyber Hygiene: DORA & NIS2 in the Spotlight

Presented by

About this talk

More from this channel