Name: Strengthening Cyber Resilience: Navigating Third-Party Risk Management
Start: 2024-11-07T18:00:00Z
End: 2024-11-07T18:01:13.000Z
Location: BrightTALK
Rating: 4.7

The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.

Earn 1.5 CPE credits on this webinar

As cloud adoption accelerates, managing vendor risks is more crucial than ever. Join our panel discussion webinar with Paul McKay, Principal Analyst at Forrester, and subject matter experts as we explore strategies for overseeing vendor relationships in the cloud. This session will provide practical guidance and exclusive research to strengthen your approach.

Attendees will earn CPE credit and can engage directly with the panel by submitting questions, participating in interactive polls, and accessing cutting-edge insights.

Learning Objectives:
• Identify Critical Risks – Recognize key vendor risks in cloud environments and their impact on security and compliance.
• Enhance Oversight Strategies – Discover best practices for monitoring and managing vendor performance in the cloud.
• Understand the Internal Audit Role – Explore how internal audit can assess and strengthen vendor risk management.
• Gain Expert Insights & Practical Solutions – Learn from Forrester’s Paul McKay and other experts while applying actionable steps to improve vendor accountability and resilience

CPE | Managing Vendor Risks in the Cloud: Insights for Internal Oversight

Earn 1.5 CPE credits on this webinar.

Managing identity governance effectively is a critical challenge for organizations balancing cybersecurity, regulatory, and operational needs with budget constraints. Traditional identity governance and administration (IGA) projects often face high costs, lengthy deployment timelines, and complex integrations, making it difficult to achieve security and compliance objectives efficiently.

This CPE accredited webinar will explore practical strategies for modernizing identity governance to reduce total cost of ownership (TCO) while improving security and operational efficiency. Our subject matter experts will discuss and demonstrate how organizations can:

- Streamline identity governance processes to accelerate implementation and optimize access controls.
- Reduce business disruptions with adaptable workflows that seamlessly integrate into existing environments.
- Improve security by minimizing excessive permissions and enforcing robust separation of duties (SoD).
- Adopt low-code/no-code solutions to simplify integrations and eliminate costly vendor dependencies.

Join us to gain actionable insights on enhancing identity governance while keeping costs in check, ensuring a more secure and efficient approach to access management.

CPE | Identity Governance 101: Reduce Costs & Strengthen Security

Earn 1.5 CPE credits on this webinar

Securing the software supply chain has become a mission-critical priority for organizations across industries. With increasing cyber threats targeting risks and threats in software development and delivery, businesses must adopt proactive strategies to safeguard their operations, ensure compliance, and maintain customer trust. Join us for an insightful webinar featuring  Janet Worthington, a renowned Forrester analyst with extensive expertise in cybersecurity and software supply chain resilience.

This CPE accredited session will provide actionable insights and best practices to help you build a secure, resilient, and future-proof software supply chain. Attendees will gain insights on:

- Proactive Risk Mitigation: Learn how to identify and assess malware and vulnerabilities across your software supply chain, from third-party components to internal development processes, and implement strategies to mitigate risks before they escalate.

- Secure Development Practices: Discover the principles of secure coding, code review tools, and DevSecOps integration to ensure security is embedded throughout the software development lifecycle.

- Incident Response and Recovery: Gain insights into developing robust incident response plans to detect, respond to, and recover from supply chain disruptions effectively.

- Automation and Compliance: Explore how automation can enhance supply chain security by enabling continuous monitoring, vulnerability patching, and alignment with industry standards like NIST and FedRAMP.

- Securing Third-Party Commercial Software - Discover how cybersecurity and TPCRM teams can identify risks in the commercial software they use before they purchase or deploy.

CPE | Critical Steps for a Secure and Resilient Software Supply Chain

Today’s interconnected organizations face a rapidly evolving risk landscape where enterprise, cyber, operational, and third-party risks are increasingly intertwined. The growing reliance on critical IT systems, both internally managed and outsourced to third and fourth parties, has expanded the attack surface, leaving firms vulnerable to cyber incidents, downtime, and operational disruptions. Studies reveal that 87% of Fortune 1000 companies experienced a significant cyber incident involving a third party in the past year, highlighting the urgent need for a more robust and unified approach to risk management.  
 
This webinar will explore how you can consolidate your view of risk to enhance business resilience, mitigate vulnerabilities, and align with emerging regulatory requirements. You will gain up-to-date insights on: 

- Integrating risk management for better resilience: Learn how consolidating enterprise IT, cyber, operational, and third-party risks into a unified framework enhances risk identification, prioritization, and mitigation. 
- Enhancing threat detection with real-time insights: Discover how real-time monitoring, data analytics, and cross-functional collaboration can improve incident response and reduce vulnerabilities. 
- Aligning with regulatory requirements: Gain insights into key regulations like DORA, NIS2, and CPS 230, and understand how a consolidated risk approach ensures compliance. 
- Strengthening proactive risk management: Explore how leveraging NIST frameworks can help you anticipate, protect against, and respond to risks in a structured, resilient manner.

Consolidating Risk Visibility to Build Business Efficiency & Resilience

As cyber threats continue to grow in complexity, organizations are more vulnerable to significant risks. Yet, many struggle to measure and manage these unseen dangers effectively.

On this CPE webinar our panel of subject matter experts will explore the essentials of cyber risk quantification - a transformative approach that translates technical cybersecurity risks into business terms. Attendees will discover how organizations can assess their financial exposure to cyber threats, prioritize critical vulnerabilities, and demonstrate the ROI of their cybersecurity investments. Join us for insights on:
• Establishing an acceptable risk threshold to align security efforts with business objectives.
• Leveraging data-driven metrics and frameworks to quantify cyber risk.
• Communicating risk in financial terms to engage executives and secure buy-in for security initiatives.
• Identifying resource allocation strategies to maximize the impact of your cybersecurity program.

Cyber Risk Quantification: Measuring and Managing the Unseen Threats

It's not getting any easier. Every time we turn around there seems to be another attack or threat that demands our attention. While each event is unique, they all result in third-party risk management teams scrambling to ensure their organizations are protected. Rapid responses and emergency assessments can be knee-jerk, stressful and distracting. It doesn't have to be that way.
 
Join us for a discussion on the best practices to responding to zero-day vulnerability attacks and conducting emergency assessments. We'll outline what's required to prepare in advance so you're ready to execute when the time comes. From establishing solid communication channels to leveraging automation, we'll cover the necessary steps and considerations for an effective response plan.
 
Session attendees will learn:

- How to gain visibility into your entire vendor ecosystem and prepare in advance to reduce both reaction time and exposure to loss
- How to quickly identify which third parties require follow-on action based on each specific threat actor or vulnerability
- How quick-assess campaigns can automatically scope, distribute, and score responses

Best Practices for Threat and Vulnerability Response & Emergency Assessments

In a world surrounded by data, the interplay between identity management and data security has become paramount. This webinar will explore the concept of a layered approach to identity and data security, emphasizing its critical role in safeguarding sensitive information. We will examine how multiple layers - ranging from authentication to advanced identity lifecycle - work in tandem to create a robust security framework. By integrating technologies such as privileged access management, access controls, and user behavior analytics, organizations can enhance their resilience against evolving cyber threats. 

Attendees will gain insights into:

- Best practices for implementing a layered security strategy, 
- The importance of continuous monitoring, and the need for user education in maintaining data integrity,
- Real-world case studies and expert recommendations,  
- Actionable strategies to fortify their identity and data security measures in an ever-changing landscape.

Identity and Data Security: A Layered Approach

In the rapidly evolving digital landscape, the journey from Identity and Access Management (IAM) to a fully matured Identity and Access Governance solution is no longer a luxury - it’s a necessity. As organizations grapple with hybrid environments, cross-application risks, and increasing compliance pressures, advancing governance maturity can be your secret weapon to reducing costs, mitigating risks, and maximizing IT ROI.

This webinar will guide you through the governance maturity journey, leveraging insights from the latest advancements in Governance, Risk, and Compliance (GRC). You’ll learn how to evolve from manual, fragmented processes to integrated, automated governance solutions that deliver real business value.

Join this session to explore:
• Practical steps to align your governance initiatives with compliance goals while driving efficiency and cost savings.
• Strategies for managing complex challenges like cross-application access, elevated permissions, and audit preparation.
• How to integrate continuous monitoring and risk quantification for enhanced visibility and control.

Packed with actionable strategies, this webinar will empower you to move beyond basic IAM practices to a governance model designed for today’s complex IT ecosystems. Secure your spot and take the first step toward optimizing governance maturity for sustainable success.

Raise Your Governance Maturity: Unlock ROI, Mitigate Risk, and Reduce Audit Costs

As cyber threats evolve, organizations must strengthen their defenses with a balanced cybersecurity approach, integrating people, processes, and technology. Yet, finding this balance is often challenging. Some focus on tech investments but lack the skilled personnel, while others have strong teams but lack strategic processes or advanced technology.

Join this interactive panel discussion with experts from Netwrix, Scrut Automation, and KnowBe4, and explore how to build a comprehensive cybersecurity strategy. Participants will:

- Understand how the three pillars—people, processes, and technology—interconnect to form a strong security framework.
- Learn common challenges and strategies to balance these pillars.
- Explore how managed services can enhance cybersecurity.
- Gain actionable insights for developing a well-rounded security program to protect against emerging threats.

Fortifying the 3 Pillars of Cybersecurity: People, Processes, and Technology

In today’s rapidly evolving digital landscape, protecting sensitive data is more challenging than ever. Data Security Posture Management (DSPM) offers organizations a proactive approach to safeguarding data by providing continuous visibility into security risks, vulnerabilities, and compliance gaps across diverse environments. This webinar will dive deep into the core principles of DSPM, exploring how organizations can effectively implement a comprehensive strategy to mitigate risks, maintain compliance, and secure their most valuable data assets.

Attendees will learn best practices for identifying and classifying sensitive data, automating security measures using AI, and continuously monitoring access to critical information. Whether your organization operates on-premises, in the cloud, or in a hybrid setup, this session will offer actionable insights and real-world examples to help you build and maintain a robust data security posture. Attendees will earn 1.5 CPE credits and gain insights on:

- The fundamental components of Data Security Posture Management (DSPM) and its importance in today’s cybersecurity landscape.
- How to identify, classify, and secure sensitive data across on-premises, cloud, and hybrid environments.
- The role of automation, AI, and real-time monitoring in improving data security and mitigating risks.
- Strategies for maintaining compliance with industry regulations and continuously improving your organization's security posture.

Enhancing Cybersecurity with Data Security Posture Management

In today's data-driven world, many companies struggle with data spread across various systems, leading to inefficiencies, poor data quality, and compliance risks. This session will delve into the role of a unified data repository in overcoming these challenges, offering a comprehensive approach to managing and securing organizational data. We will discuss how consolidating data into a single, well-governed source of truth can empower organizations to make more informed, timely, and compliant decisions.

Join us on this CPE accredited webinar where we will explore how organizations can leverage centralized data repositories to enhance decision-making and ensure regulatory compliance. Learn how data repositories can transform your compliance efforts and drive better business outcomes, including:

- How to centralize and standardize data across your organization for improved data quality and integrity.
- Strategies for enhancing data security and ensuring compliance with industry regulations.
- The role of data repositories in reducing redundancy and promoting data reusability.
- Best practices for implementing data repositories that scale with your organization’s needs.

Driving Compliance Decisions by Using Data Repositories Effectively

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/meeting-pci-requirements-in-a-cloud-driven-world

The accelerated shift to the cloud as well as new PCI DSS 4.0 requirements coming into effect by March 2025, present several challenges for financial institutions, ecommerce merchants, and others subject to its regulations. And as IT teams have lost control of their digital environments due to an increased reliance on cloud computing and remote work, the process of solving challenges to meet compliance requirements has become more complex. As a result, it is more essential than ever for organizations to find a way to streamline compliance.

Join this conversation to learn about:

• What’s new and what’s driving PCI DSS 4.0
• Challenges of PCI compliance for today's digital world
• Strategies and tools for organizations to address PCI requirements in a scalable and programmable way

A Strategic Approach to Meeting PCI DSS 4.0 Requirements in a Cloud-Driven World

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/real-time-detection-response-to-active-directory-threats

Join us as we delve into the critical challenges of protecting Active Directory (AD) environments from identity-based threats. As cybercriminals increasingly target identities and systems, it's essential for organizations to adapt by enhancing their detection, response, and mitigation strategies in real time. Protecting your key on-premises identity infrastructure — Active Directory — is crucial because it remains the backbone of many organizations' access control and authentication processes. When Active Directory is not secure, nothing is. 

This session will provide you with the knowledge and tools needed to strengthen your AD security posture, ensuring your organization is prepared to combat the ever-evolving identity threat landscape.

Learning Objectives:

- Understand the key risks and vulnerabilities specific to AD attacks.
- Discover best practices for reducing your identity attack surface and remediating misconfigurations.
- Learn how to implement real-time detection and response strategies to safeguard your on-premises identity infrastructure.
- Explore the latest technologies and techniques to prevent credential theft and privilege abuse within your AD environment.

Fortifying On-Premises Identity Systems: Active Directory Threat Prevention, Detection & Response

Navigating the complex landscape of software supply chain compliance is more critical than ever. With evolving legislative mandates and stringent mandatory requirements, staying compliant can seem daunting. This session will help teams cut through the red-tape by providing valuable insights into key legislative requirements and mandatory standards to ensure your organization is well-prepared to meet these challenges head-on, and attendees will:

• Gain a comprehensive overview of Executive Order 14028 and OMB Memo 22-18, and learn how these directives impact software supply chain compliance.
• Explore the critical requirements of PCI-DSS 4.0 and other industry standards, ensuring your software supply chain adheres to the highest security protocols.
• Discover effective tools and techniques to streamline compliance processes, reduce risks, and maintain a robust security framework within your organization.
• Learn from case studies and practical examples of successful compliance management in various industries, gaining insights into overcoming common challenges and implementing effective solutions.

Who Should Attend?
This webinar is ideal for compliance officers, IT managers, software developers, cybersecurity professionals, and anyone involved in the software supply chain who wants to stay ahead of regulatory requirements and ensure their organization remains compliant.

Prevent an SBOM F-Bomb: Streamlining Compliance in Your Software Supply Chain

Risk is a word that permeates every aspect of an organization’s GRC practices, and as businesses scale, the complexity of managing risks escalates. But how we assess and manage risk is rapidly evolving. Artificial intelligence (AI) is emerging as a powerful tool that enables a more efficient approach to risk management and compliance. By unleashing the potential of AI, your organization can transform challenges into opportunities, driving growth, resilience, and and strategic decision-making.

In this webinar, we will share valuable insights and best practices on integrating AI technologies to optimize risk management processes and streamline compliance efforts, including:

- How AI-infused risk assessment tools can identify, assess, and mitigate risks more effectively than traditional methods.
- The various applications of AI in automating compliance tasks, monitoring regulatory changes, and ensuring adherence to regulatory standards.
- The benefits of collaborative intelligence and AI-enhanced internal reporting systems in fostering a unified approach to risk management.
- The strategic use of cutting-edge risk analytics and machine learning solutions to turn data into actionable insights for optimizing business processes.

Unleashing the Potential of AI in Risk Management & Compliance

**Notice for on-demand viewers**
CPE credit is now available on the self-study program for this webinar at: https://www.itcpeacademy.org/course/harnessing-ai-to-enhance-third-party-risk-management-1

As organizations increasingly adopt AI technologies like Microsoft Copilot, it is crucial to understand the associated security challenges. This session will provide valuable insights into the profound impact of modern technologies on IT environments and offer practical solutions to address the security risks involved.

Join us for a webinar on navigating the evolving landscape of cybersecurity amidst today’s rapid technological advancements. We will cover a broad range of essential topics, including:

- The impact of AI, cloud computing, IoT and big data on organizations’ IT environments
- The security risks and vulnerabilities posed by these technologies
- How to mitigate common security risks when implementing AI
- Essential tools and methodologies

Don't miss this opportunity to learn how to safeguard your IT environment while harnessing the power of AI!

Overcoming the Challenges in Implementing AI in Your Audit Processes

Organizations expect to share 41% of critical data with third parties in the next five years, resulting in an exponential increase in vendor evaluation tasks. Ponemon research reveals that third parties spend an average of 15,000 hours annually on assessments, often characterized by length and redundancy.

In a landscape saturated with bespoke security questionnaires, the efficiency gains of a risk Exchange are often overlooked. On this webinar this webinar we will delve into the tangible challenges of legacy systems and offer practical insights into gaining support for a risk Exchange. Attendees will learn how to:

- Grasp the overwhelming volume and redundancy challenges of third-party risk assessments.
- Transform the vendor assessment process, focusing on time-saving and reducing friction for both assessors and assesses.
- Learn strategies to foster internal adoption of a risk Exchange by emphasizing near and long-term benefits, particularly the time and energy saved.
- Discover key success metrics for measuring the effectiveness of a risk assurance program, including quantifying time savings, streamlining assessment processes, and accelerating purchasing decisions for both vendors and customers.

Time is Money: Accelerating Vendor Risk Assessment Times with Exchanges

In today's hyper connected digital landscape, organizations are heavily reliant on third-party partnerships to drive business growth and innovation. However, this dependency comes with significant risks. According to Gartner, breaches involving third parties cost 40% more than internal breaches, highlighting the critical need for robust Third-Party Risk Management (TPRM).

On this webinar we will explore the essentials of developing a cyber resilience strategy that balances trust and risk mitigation with business objectives. By leveraging TPRM, organizations can effectively reduce, share, or transfer risks associated with third-party engagements, securing their operations and maintaining stakeholder confidence. Attendees will gain insights into:

- The impact of third-party breaches on organizational cyber resilience.
- How to conduct comprehensive risk assessments and due diligence for third-party vendors.
- Best practices for onboarding and monitoring third-party relationships, including regulatory compliance.
- The role of technology and automation in strengthening Third-Party Risk Management strategies.

Strengthening Cyber Resilience: Navigating Third-Party Risk Management

TPRM

Cyber Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Strengthening Cyber Resilience: Navigating Third-Party Risk Management

Presented by

About this talk

More from this channel