Name: Transforming Third-Party GRC Strategies with Executive Buy-in
Start: 2023-12-14T18:00:00Z
End: 2023-12-14T18:01:11.000Z
Location: BrightTALK
Rating: 4.7

The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

Earn 1.5 CPE Credits on this webinar

As cyber threats evolve, organizations must strengthen their defenses with a balanced cybersecurity approach, integrating people, processes, and technology. Yet, finding this balance is often challenging. Some focus on tech investments but lack the skilled personnel, while others have strong teams but lack strategic processes or advanced technology.

Join this interactive panel discussion with experts from Netwrix, Scrut Automation, and KnowBe4, and explore how to build a comprehensive cybersecurity strategy. Participants will:

- Understand how the three pillars—people, processes, and technology—interconnect to form a strong security framework.
- Learn common challenges and strategies to balance these pillars.
- Explore how managed services can enhance cybersecurity.
- Gain actionable insights for developing a well-rounded security program to protect against emerging threats.

CPE | Fortifying the 3 Pillars of Cybersecurity: People, Processes, and Technology

Earn 1.5 CPE Credits on this Webinar

In today’s rapidly evolving digital landscape, protecting sensitive data is more challenging than ever. Data Security Posture Management (DSPM) offers organizations a proactive approach to safeguarding data by providing continuous visibility into security risks, vulnerabilities, and compliance gaps across diverse environments. This webinar will dive deep into the core principles of DSPM, exploring how organizations can effectively implement a comprehensive strategy to mitigate risks, maintain compliance, and secure their most valuable data assets.

Attendees will learn best practices for identifying and classifying sensitive data, automating security measures using AI, and continuously monitoring access to critical information. Whether your organization operates on-premises, in the cloud, or in a hybrid setup, this session will offer actionable insights and real-world examples to help you build and maintain a robust data security posture. Attendees will earn 1.5 CPE credits and gain insights on:

- The fundamental components of Data Security Posture Management (DSPM) and its importance in today’s cybersecurity landscape.
- How to identify, classify, and secure sensitive data across on-premises, cloud, and hybrid environments.
- The role of automation, AI, and real-time monitoring in improving data security and mitigating risks.
- Strategies for maintaining compliance with industry regulations and continuously improving your organization's security posture.

CPE | Enhancing Cybersecurity with Data Security Posture Management

In today's hyper connected digital landscape, organizations are heavily reliant on third-party partnerships to drive business growth and innovation. However, this dependency comes with significant risks. According to Gartner, breaches involving third parties cost 40% more than internal breaches, highlighting the critical need for robust Third-Party Risk Management (TPRM).

On this webinar we will explore the essentials of developing a cyber resilience strategy that balances trust and risk mitigation with business objectives. By leveraging TPRM, organizations can effectively reduce, share, or transfer risks associated with third-party engagements, securing their operations and maintaining stakeholder confidence. Attendees will gain insights into:

- The impact of third-party breaches on organizational cyber resilience.
- How to conduct comprehensive risk assessments and due diligence for third-party vendors.
- Best practices for onboarding and monitoring third-party relationships, including regulatory compliance.
- The role of technology and automation in strengthening Third-Party Risk Management strategies.

Strengthening Cyber Resilience: Navigating Third-Party Risk Management

In today's data-driven world, many companies struggle with data spread across various systems, leading to inefficiencies, poor data quality, and compliance risks. This session will delve into the role of a unified data repository in overcoming these challenges, offering a comprehensive approach to managing and securing organizational data. We will discuss how consolidating data into a single, well-governed source of truth can empower organizations to make more informed, timely, and compliant decisions.

Join us on this CPE accredited webinar where we will explore how organizations can leverage centralized data repositories to enhance decision-making and ensure regulatory compliance. Learn how data repositories can transform your compliance efforts and drive better business outcomes, including:

- How to centralize and standardize data across your organization for improved data quality and integrity.
- Strategies for enhancing data security and ensuring compliance with industry regulations.
- The role of data repositories in reducing redundancy and promoting data reusability.
- Best practices for implementing data repositories that scale with your organization’s needs.

Driving Compliance Decisions by Using Data Repositories Effectively

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/meeting-pci-requirements-in-a-cloud-driven-world

The accelerated shift to the cloud as well as new PCI DSS 4.0 requirements coming into effect by March 2025, present several challenges for financial institutions, ecommerce merchants, and others subject to its regulations. And as IT teams have lost control of their digital environments due to an increased reliance on cloud computing and remote work, the process of solving challenges to meet compliance requirements has become more complex. As a result, it is more essential than ever for organizations to find a way to streamline compliance.

Join this conversation to learn about:

• What’s new and what’s driving PCI DSS 4.0
• Challenges of PCI compliance for today's digital world
• Strategies and tools for organizations to address PCI requirements in a scalable and programmable way

A Strategic Approach to Meeting PCI DSS 4.0 Requirements in a Cloud-Driven World

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/real-time-detection-response-to-active-directory-threats

Join us as we delve into the critical challenges of protecting Active Directory (AD) environments from identity-based threats. As cybercriminals increasingly target identities and systems, it's essential for organizations to adapt by enhancing their detection, response, and mitigation strategies in real time. Protecting your key on-premises identity infrastructure — Active Directory — is crucial because it remains the backbone of many organizations' access control and authentication processes. When Active Directory is not secure, nothing is. 

This session will provide you with the knowledge and tools needed to strengthen your AD security posture, ensuring your organization is prepared to combat the ever-evolving identity threat landscape.

Learning Objectives:

- Understand the key risks and vulnerabilities specific to AD attacks.
- Discover best practices for reducing your identity attack surface and remediating misconfigurations.
- Learn how to implement real-time detection and response strategies to safeguard your on-premises identity infrastructure.
- Explore the latest technologies and techniques to prevent credential theft and privilege abuse within your AD environment.

Fortifying On-Premises Identity Systems: Active Directory Threat Prevention, Detection & Response

Navigating the complex landscape of software supply chain compliance is more critical than ever. With evolving legislative mandates and stringent mandatory requirements, staying compliant can seem daunting. This session will help teams cut through the red-tape by providing valuable insights into key legislative requirements and mandatory standards to ensure your organization is well-prepared to meet these challenges head-on, and attendees will:

• Gain a comprehensive overview of Executive Order 14028 and OMB Memo 22-18, and learn how these directives impact software supply chain compliance.
• Explore the critical requirements of PCI-DSS 4.0 and other industry standards, ensuring your software supply chain adheres to the highest security protocols.
• Discover effective tools and techniques to streamline compliance processes, reduce risks, and maintain a robust security framework within your organization.
• Learn from case studies and practical examples of successful compliance management in various industries, gaining insights into overcoming common challenges and implementing effective solutions.

Who Should Attend?
This webinar is ideal for compliance officers, IT managers, software developers, cybersecurity professionals, and anyone involved in the software supply chain who wants to stay ahead of regulatory requirements and ensure their organization remains compliant.

Prevent an SBOM F-Bomb: Streamlining Compliance in Your Software Supply Chain

Risk is a word that permeates every aspect of an organization’s GRC practices, and as businesses scale, the complexity of managing risks escalates. But how we assess and manage risk is rapidly evolving. Artificial intelligence (AI) is emerging as a powerful tool that enables a more efficient approach to risk management and compliance. By unleashing the potential of AI, your organization can transform challenges into opportunities, driving growth, resilience, and and strategic decision-making.

In this webinar, we will share valuable insights and best practices on integrating AI technologies to optimize risk management processes and streamline compliance efforts, including:

- How AI-infused risk assessment tools can identify, assess, and mitigate risks more effectively than traditional methods.
- The various applications of AI in automating compliance tasks, monitoring regulatory changes, and ensuring adherence to regulatory standards.
- The benefits of collaborative intelligence and AI-enhanced internal reporting systems in fostering a unified approach to risk management.
- The strategic use of cutting-edge risk analytics and machine learning solutions to turn data into actionable insights for optimizing business processes.

Unleashing the Potential of AI in Risk Management & Compliance

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/harnessing-ai-to-enhance-third-party-risk-management-1

As organizations increasingly adopt AI technologies like Microsoft Copilot, it is crucial to understand the associated security challenges. This session will provide valuable insights into the profound impact of modern technologies on IT environments and offer practical solutions to address the security risks involved.

Join us for a webinar on navigating the evolving landscape of cybersecurity amidst today’s rapid technological advancements. We will cover a broad range of essential topics, including:

- The impact of AI, cloud computing, IoT and big data on organizations’ IT environments
- The security risks and vulnerabilities posed by these technologies
- How to mitigate common security risks when implementing AI
- Essential tools and methodologies

Don't miss this opportunity to learn how to safeguard your IT environment while harnessing the power of AI!

Overcoming the Challenges in Implementing AI in Your Audit Processes

Organizations expect to share 41% of critical data with third parties in the next five years, resulting in an exponential increase in vendor evaluation tasks. Ponemon research reveals that third parties spend an average of 15,000 hours annually on assessments, often characterized by length and redundancy.

In a landscape saturated with bespoke security questionnaires, the efficiency gains of a risk Exchange are often overlooked. On this webinar this webinar we will delve into the tangible challenges of legacy systems and offer practical insights into gaining support for a risk Exchange. Attendees will learn how to:

- Grasp the overwhelming volume and redundancy challenges of third-party risk assessments.
- Transform the vendor assessment process, focusing on time-saving and reducing friction for both assessors and assesses.
- Learn strategies to foster internal adoption of a risk Exchange by emphasizing near and long-term benefits, particularly the time and energy saved.
- Discover key success metrics for measuring the effectiveness of a risk assurance program, including quantifying time savings, streamlining assessment processes, and accelerating purchasing decisions for both vendors and customers.

Time is Money: Accelerating Vendor Risk Assessment Times with Exchanges

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/unlocking-pam-power-a-roadmap-to-deployment-success

Ready to unlock the full potential of Privileged Access Management (PAM)? Join us for an immersive webinar where we'll navigate the twists and turns of PAM deployment with expert precision. Discover common pitfalls, gain actionable insights, and explore innovative strategies to ensure a flawless rollout. Plus, don't miss our exclusive product demo of Netwrix Privilege Secure, showcasing its power in action. From tackling deployment challenges to crafting a roadmap for success, this session is your ticket to mastering PAM deployment and fortifying your organization's security.

Secure your spot now and pave the way to unlocked success!

Join the session to learn how to:

- Identify common pitfalls hindering PAM deployment
- Gain actionable insights and best practices for seamless implementation
- Explore innovative strategies to maximize the effectiveness of your PAM solution
- Witness the power of Netwrix Privilege Secure in an exclusive product demo

Unlocking PAM Power: A Roadmap to Deployment Success

Understanding the intricacies of nth party relationships is paramount for effective risk management. Optimizing risk classification in nth party relationships entails a multifaceted approach geared towards enhancing visibility, comprehending dependencies, and implementing proactive risk management strategies. 

In this webinar we will delve into the concept of nth party relationships, the inherent risks involved, and strategies for optimizing risk classification in these relationships. Attendees will gain insights on:

- Advanced machine learning methodologies and how they can enhance risk scoring and classification systems. 
- Strategies to integrate risk scoring and classification systems with diverse data sources, including fraud detection systems, ICT systems, and transactional systems, to foster a comprehensive view of data. 
- The benefits of implementing ongoing monitoring processes and increasing automation in forensic analytics processes, as well as integrating with blockchain technology for heightened security and data integrity.
- How social media and text analytics can help augment risk scoring and classification systems by providing valuable insights into individual behaviors, entity interactions, and emerging events.

Optimizing Risk Classification in Nth Party Relationships

In today's fast-paced digital landscape, businesses face numerous challenges in achieving security, compliance, and operational efficiency. While Governance, Risk, and Compliance (GRC) processes are critical for success, effective collaboration between InfoSec and GRC teams often proves elusive for many organizations. This lack of collaboration leads them to miss out on improvements in risk management, compliance, and resilience against cyber threats. On this webinar our panel of experts will delve into the symbiotic relationship between InfoSec and GRC, exploring strategies to unlock their full potential, and attendees will gain insights on:

- The interconnected roles of InfoSec and GRC within an organization's risk management framework.
- Common challenges and barriers to effective InfoSec and GRC collaboration, along with practical solutions for overcoming them.
- Strategies for fostering communication and collaboration between InfoSec and GRC teams to enhance overall cybersecurity posture.
- How to leverage integrated tools and technologies to streamline processes and facilitate seamless cooperation between InfoSec and GRC functions.

Unlocking the Potential of InfoSec & GRC Collaboration

Today, most security and IT teams are dealing with an attack surface that is exponentially larger than it used to be, and many organizations lack full visibility into their entire asset landscape. Networks often include hundreds or thousands of networking devices, security products, IoT devices, and connected OT systems; and businesses are relying more and more on third-party code and apps to get their work done.

On this webinar we will explore actionable strategies for reducing your attack surface and defending against third-party risks, and attendees will gain insights on:

- The different types of attack surfaces, including digital, social engineering, and physical. 
- Common attack vectors utilized by threat actors, such as vulnerable web components, phishing emails, weak credentials, malware, and misconfiguration exploits. 
- Innovative approaches to attack surface reduction, including meticulous inventory management, access restriction, network segmentation, and comprehensive employee cybersecurity training.
- Effective strategies to combat threats and mitigate third-party risks.

Fortifying Your Attack Surface: How to Defend Against Third-Party Risks

In today's complex threat landscape, cyberattacks are inevitable. Malicious actors are becoming increasingly sophisticated, financially motivated attacks are becoming more widespread, and new malware families are being discovered daily, making it even more important for organizations — of all sizes and across industries — to have a plan of attack in place.

On this webinar, we will explore essential CISO strategies aimed at preventing surprises before, during, and after a cyber incident. Attendees will have the opportunity to earn 1.5 CPE credits while learning how to:

- Develop a comprehensive cyber incident response plan complete with detailed frameworks that delineate roles and responsibilities. Participants will also discover methods for continuously testing and refining these plans to effectively counter evolving threats.
- Cultivate engagement with business leaders to nurture a culture of cybersecurity awareness. This includes ensuring stakeholders grasp their roles and responsibilities should an attack occur.
- Prioritize effective communication strategies during a cyberattack.
- Harness postmortem analyses to fine-tune response strategies and bolster cybersecurity resilience.

Join us as we equip you with the necessary tools and insights to navigate the complex landscape of cyber threats and emerge stronger in the face of adversity. Don't miss this opportunity to enhance your organization's cybersecurity readiness and resilience. Register now!

CISO Strategies to Manage Cyberattacks in the Age of Vulnerabilities

The clock is ticking on PCI DSS v3.2.1. On 31 March 2024, PCI DSS v3.2.1 will be retired, making the transition to PCI DSS v4.0 essential for organizations involved in payment data security. 

Join us to gain valuable insights, practical tips, and expert guidance to ensure your organization's successful transition to PCI DSS v4.0. Our panel of experts including the PCI Security Standards Council will guide you through the essential steps for a seamless transition, including:

- The importance of starting the transition process now to ensure a smooth and efficient shift to PCI DSS v4.0 before the retirement of v3.2.1.
- The significance of maintaining existing security controls, even as you implement changes for PCI DSS v4.0, to ensure ongoing protection of payment data.
- How to navigate the changes in PCI DSS v4.0 by understanding the requirements, mapping them against current security controls, and analyzing their impact on your organization.
- Customized approaches for PCI DSS v4.0 validation, considering your organization's security strategy and risk management approach.

Live attendees will earn 1.5 CPE credits on this webinar. Register now to secure your spot and prepare your organization for the future of PCI DSS!

Preparing for PCI DSS 4.0: What You Need to Know

In today's data-driven landscape, safeguarding sensitive information and mitigating the risk of data breaches and compliance violations is paramount. Organizations grapple with the ever-evolving challenges of managing data access while ensuring the utmost security for their vital data assets. 
We invite you to join us with Scott Augenbaum, a retired FBI Supervisory Special Agent and cybersecurity expert. 

Scott will share  real-life case studies, emphasizing the importance of robust Data Access Governance in the digital age, and we will delve into the following key topics:

- The Four Truths About Cybersecurity
- The Significance of Data Access Governance in Today's Business Environment
- The Essential Components of a Robust Data Access Governance Program
- Navigating a Full-Cycle Data Access Governance Program: A Comprehensive Approach
 
Join us to gain a deeper understanding of data access governance best practices and discover how to empower your organization to navigate the complexities of data security with confidence.

Data Access Governance in Action: Ensuring Data Security

As technology continues to advance, the critical necessity of investing in robust cybersecurity measures becomes increasingly clear, ensuring the integrity of our digital society. On this webinar we will address the key components of cybersecurity risk management, understanding that organizations cannot eliminate all vulnerabilities but can prioritize and mitigate the most critical threats promptly. 

Attendees will gain valuable insights into the practices for seamlessly integrating cybersecurity into the enterprise risk management framework, and learn how to:

- Implementing a risk management approach that identifies and addresses the most critical vulnerabilities first, ensuring timely and effective responses.
- Identify value-creating workflows that generate the greatest business value and define their associated risks. 
- Conduct effective cybersecurity risk assessments and equip participants to make informed decisions about risk mitigation measures.
- Navigate common threat vectors, and discover effective mitigation strategies to minimize the impact of these threats on organizational security.

*As per NASBA requirements attendees must attend the LIVE webinar for CPE credit.

Cybersecurity 101: How to Manage IT Risk like a Pro

In today's complex business landscape, effective Third-Party Governance, Risk Management, and Compliance (GRC) strategies are paramount for organizations seeking to thrive and maintain trust in the global marketplace. However, without the support of executive leadership, implementing and maintaining a robust third-party risk management program (TPRM) can be an uphill battle. On this webinar we will address strategies to secure executive buy-in and ensure the success of your third-party risk management program.

Attendees will learn how to showcase the substantial ROI that investing in third-party risk management can yield, reducing annual loss expectancy from third-party-related adverse events, including how to:

- Craft a persuasive business case that emphasizes the financial benefits of a TPRM program,
- Enlist an executive sponsor from the C-suite and equip them with the knowledge and enthusiasm needed to champion your TPRM program effectively,
- Build alliances across various organizational functions and align your third-party GRC program with the broader strategic objectives of your organization,
- Integrate your TPRM processes into official company policies.

Transforming Third-Party GRC Strategies with Executive Buy-in

TPRM

Risk Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Transforming Third-Party GRC Strategies with Executive Buy-in

Presented by

About this talk

More from this channel