You've requested...

Creating a Proactive, Risk-Aware Defense in Today’s Dynamic Risk Environment

If a new window did not open, click here to view this asset.

Download this next:

Cyber Risk IS Business Risk

The recent new SEC rules around cyber-risk governance, management, and disclosure have reverberated across all echelons of American corporations. In this webinar, three seasoned cybersecurity executives discuss the implications for today’s information security professionals, their leaders, and what can be done to address the new requirements using an integrated risk management and reporting approach that appeals to all stakeholders. Join us on February 14th at 1pm EST for this ISSA webinar, sponsored by AuditBoard, where we will explore time tested strategies for getting it right the first time.

These are also closely related to: "Creating a Proactive, Risk-Aware Defense in Today’s Dynamic Risk Environment"

  • Cyber Risk IS Business Risk

    The recent new SEC rules around cyber-risk governance, management, and disclosure have reverberated across all echelons of American corporations. In this webinar, three seasoned cybersecurity executives discuss the implications for today’s information security professionals, their leaders, and what can be done to address the new requirements using an integrated risk management and reporting approach that appeals to all stakeholders. Join us on February 14th at 1pm EST for this ISSA webinar, sponsored by AuditBoard, where we will explore time tested strategies for getting it right the first time.

  • What Is Risk?

    Watch this 5-minute video to learn from risk management expert Alex Sidorenko about the nature of risk and approaches to managing risk. For more information, visit https://www.archerirm.com/archer-insight-risk-quantification

Find more content like what you just read:

  • The Risks We Cannot See

    Crisis management is at the core of business resilience. Unfortunately, most organizations take a reactive approach when an incident occurs. But taking a proactive approach to head off crises or — even better — a preemptive approach that anticipates them and bakes resiliency into the business as a whole can have a big payoff. Hear how Howard Mannella, Senior Staff of Global Business Continuity and Security at Udemy stays ahead of risks by focusing on their impact and how organizations of all sizes can evolve their GRC programs. Highlights include: - The difference between reactive, proactive, and preemptive crisis management - How organizations can preemptively improve business resilience - Why you should focus on the impact, not the cause

    Download

  • Risk Appetite - How Precise Should the Risk Model Be?

    Watch this 5-minute video featuring risk management expert Alex Sidorenko to learn how risk appetite should be considered in your risk model. For more information, visit https://www.archerirm.com/archer-insight-risk-quantification

    Download

  • Active Directory Security Risk: How High is the Risk?

    Risk is calculated as the intersection between threat, vulnerability, and asset value. When it comes to Active Directory risk is extremely high, based on the three components that risk is based on being so high. As Active Directory is responsible for controlling access to most of the corporate assets, it is usually the target for most attacks, making the threat extremely high. Due to the age, lack of knowledge, lack of attention, and many other factors, Active Directory is riddled with vulnerabilities. In this webinar 17X Microsoft MVP will give you clear and direct actions that you can take to reduce your Active Directory security risk. In this webinar you will learn: - Where the threat against AD come from - Why there are so many vulnerabilities in AD - How AD controls access to corporate assets - What steps to take to reduce AD security risk

    Download

  • Risk and Relationship Series: FFIEC IT Risk Management

    The operating state of many financial institutions will vary over the coming years and may never return completely to the ’old normal’. Learn best practices to address the ‘new normal’ of Business Continuity Management (BCM) focusing on operational and cyber resilience per the changing financial services regulatory requirements, specifically FFIEC. vArmour security leaders Marc Woolward, CTO & CISO and Colin Ross, Sr. Director of Systems Engineering, Americas will also demonstrate the importance of a resilient, flexible architecture to achieve IT risk management with a continuous data-driven solution called Continuous Application Relationship Management (CARM). The session will address changing FFIEC requirements, including: -Shifting from static, event-based planning to continuous resilience for BCM -Understanding critical functions and their interdependencies for operational resilience -Developing continuous capabilities to monitor, test, and document environments for cyber resilience

    Download

  • De-risking AI: Risk Management Essentials

    Artificial Intelligence (AI) has moved beyond hype and unrealistic expectations. Organizations are increasingly embracing AI yet its adoption is both promising and perilous. To harness its potential while mitigating risks, organizations must cultivate a forward-looking AI risk management strategy. In this session, experts from Coalfire, AWS, and CSA will provide practical guidance and best practices to navigate the complexities of responsible AI adoption. From identifying potential risks to implementing safeguards, we’ll discuss how to ensure businesses can embrace AI innovation securely and safely. Key topics discussed will include: • The evolution of risk management to address the unique risks AI poses. • How to develop and implement a program for mitigating risks specific to AI. • Practical strategies for integrating AI into your existing risk management program.

    Download

  • Maturing your Risk Program with ServiceNow Advanced Risk

    Risk leaders continue to feel pressure from both regulators requiring more sophisticated and advanced risk reporting and from senior execs to reduce costs due to the economic downturn, as a result, risk leaders are required to mature their programs quickly with budget constraints. Without a proper plan including processes and technology with consistent and efficient RCSAs, leaders are stuck in manual and tactical execution without an accurate view of risk across the organization. Subject matter experts, Andrew Vesay, GM of Operations at Iceberg and Alison Musci, Director of Risk Solution Sales at ServiceNow discuss advancing your risk maturity across the organization with ServiceNow’s Advanced Risk solution. This session will be of interest if your organization is striving to: 1. Automate work using common tools and centralized processes: using advanced risk assessments to drive common workflow, interface and forms. 2. Manage Multiple Risk Methods across the organization, allowing departments to keep their unique processes. 3. Address Diverse Risk Factors within your organization and assess risks based on factors and scale that work for you. 4. Easily Aggregate data: Allow automation to pull from the unique risk systems to ensure risk data is accurately aggregated and summarized for automated dashboards and presentation with transparent drill downs.

    Download

  • The Role of Risk Quantification in Integrated Risk Management

    As both internal and external business pressures continue to heighten the focus on the Risk Management function, the interest in improving the executive level understanding of risk reporting is also rapidly growing. Typically, the gap that exists stems from the lack of a common language for risks and mitigating or compensating controls that is based on quantitative financial impact. So, why does this gap exist when the tools to translate risks and treatments into financial impact and value are available? What holds most organizations back from leveraging quantitative risk analysis to ultimately help ensure success of their most important strategic initiatives? For many organizations it is a perception that they lack the underlying data to support advanced quantitative tools. But in reality, modern and leading Integrated Risk Management platforms provide most if not all of the data needed. For other organizations, the fear is that they need a team of math PhD’s to advance this quantitative analysis. In truth, some risk quantitative tools don’t require any in-depth expertise, and when paired with a foundational Integrated Risk Management platform can deliver simple answers to simple questions. Join Archer’s leading experts on Quantitative Risk analysis to learn more about how your organization can benefit from some of the tools and techniques already in use. In this session, you will learn about: • The ways quantitative risk analysis is bridging the gap between the Risk Management function and Executive Leadership and Boards of Directors • How and why risk quantification is advancing beyond an initial focus on Cyber Security threat and risk management to include broader Operational Risk areas • The limitations of qualitative risk analysis, but also why qualitative helps faster development of quantitative • Why you don’t need to hire a squad of “quants” in order to translate risks and controls into financial impact

    Download

  • Beyond Digital Risk – Addressing Operational Risk

    Once you’ve conquered the challenge of managing your digital risks you may want to embark on the journey of addressing your operational risks. Operational risks are the uncertainties and hazards a company faces in its day-to-day business activities. It can result from breakdowns in internal procedures, people and systems. Taking the approach we’ve outlined of crawl, walk, run please watch to learn how you can: - Implement a program that engages your front line to identify the small control failures that if left unchecked—can lead to greater risk materialization and firm-wide failures. - See ServiceNow GRC Advanced Risk and user-friendly capabilities in action

    Download

  • Are Your APIs at Risk?

    Enterprises are rapidly implementing API-first strategies to open up access to data, services and applications as part of digital transformation initiatives. While providing tremendous value, most organizations still are not aware of the number of APIs in use in their environments, thus not fully appreciating the risk associated with API manipulation and compromise. You'll hear about: - Some attacks that are attributed to API insecurity - The impact and implications as a result of an API attack for an organization - AI-based solutions which can provide increased visibility into API traffic - How AI-based solutions can work together with existing API security tools to extend security posture

    Download

  • The DNA of Risk

    Companies that don't solve for privacy are missing the bigger picture about business risk. This panel discussion features former Levi's CISO Steve Zalewski and Drata's GRC Office lead, Ari Mojiri. Join as they explore business risks and highlight brand-new research about data privacy trends for 2023 and beyond. Moderated by Privacy Consultant Merry Marwig and State Senator DeAndrea Salvador.

    Download

  • The DNA of Risk

    Companies that don't solve for privacy are missing the bigger picture about business risk. This panel discussion features former Levi's CISO Steve Zalewski and Drata's GRC Office lead, Ari Mojiri. Join as they explore business risks and highlight brand-new research about data privacy trends for 2023 and beyond. Moderated by Privacy Consultant Merry Marwig and State Senator DeAndrea Salvador.

    Download

  • Risk and Reward - This is Me

    This is Me (2015)

    Download

  • Cyber Risk in 2024: Combatting Third-Party Risk

    Join experts from Bitsight, Google, and Salesforce for a discussion on the current state of cybersecurity performance and how it impacts third-party risk management and cyber risk in general. This conversation comes shortly after Bitsight and Google collaborated to study global organizational performance across the Minimum Viable Secure Product (MVSP) framework, a minimalistic security checklist for B2B software and business process outsourcing suppliers. The findings? • There are critical areas where organizations are falling short across MVSP security controls. • An industry we expected to be a leader in improvements is actually lagging behind the macro improvements we observed. • There’s good news! Every industry in 2023 has a high Pass rate for 10 of the 16 MVSP controls we studied. Join us for a discussion between Stephen Boyer, Founder at Bitsight, Chris John Riley, Staff Security Engineer at Google, and Marat Vyshegorodtsev, Lead Security Engineer, Enterprise Security at Salesforce, moderated by Jeff Barnett, Senior Director, Strategic Alliances at Bitsight, as they cover the research, the importance of security frameworks, and discuss how you can empower your organization’s cybersecurity strategy to combat the latest risks.

    Download

  • Cyber Risk in 2024: Combatting Third-Party Risk

    Join experts from Bitsight, Google, and Salesforce for a discussion on the current state of cybersecurity performance and how it impacts third-party risk management and cyber risk in general. This conversation comes shortly after Bitsight and Google collaborated to study global organizational performance across the Minimum Viable Secure Product (MVSP) framework, a minimalistic security checklist for B2B software and business process outsourcing suppliers. The findings? • There are critical areas where organizations are falling short across MVSP security controls. • An industry we expected to be a leader in improvements is actually lagging behind the macro improvements we observed. • There’s good news! Every industry in 2023 has a high Pass rate for 10 of the 16 MVSP controls we studied. Join us for a discussion between Stephen Boyer, Founder at Bitsight, Chris John Riley, Staff Security Engineer at Google, and Marat Vyshegorodtsev, Lead Security Engineer, Enterprise Security at Salesforce, moderated by Jeff Barnett, Senior Director, Strategic Alliances at Bitsight, as they cover the research, the importance of security frameworks, and discuss how you can empower your organization’s cybersecurity strategy to combat the latest risks.

    Download

  • Today’s Risk Landscape: High Risk Customer Groups

    Presented by Verafin FinCEN’s final rule on Customer Due Diligence Requirements has brought increased scrutiny on compliance programs to understand the nature and purpose of customer relationships on an ongoing basis. With this increased regulatory pressure, it is more important than ever that financial institutions adopt an end-to-end, risk-based approach to their due diligence and risk management processes.   Join us for this educational webinar as we discuss challenges facing financial institutions in navigating today’s risk landscape, with a focus on High-Risk Customer categories, such as NRAs, MSBs, MRBs, ATM Owners, PEPs, and NGOs. We will also provide an overview of steps to adopting a risk-based approach including identification, assessment, monitoring and review of these high-risk customer groups. Highlights of this webinar: - Examine regulatory requirements and obligations related to ongoing customer due diligence, and the potential impact on financial institutions’ processes and procedures. - Outline industry approaches to managing high-risk customer categories, and the potential impact from de-risking groups of customers. - Learn best practices for meeting due diligence requirements for ongoing monitoring and reviewing high-risk customers. - Review of how a risk-based approach can strengthen your AML program, by identifying, assessing, monitoring and reviewing high-risk customers.

    Download

  • Blue Team Academy: Risk and Risk Notables for Analysts

    Are your security teams drowning in data and overwhelmed with alerts? Are you thinking that there must be a better way, some esoteric or forbidden knowledge, to produce higher-fidelity alerts and keep your team from burning out? Join the Blue Team Academy for a discussion on the amazing potential that Risk-Based Alerting (RBA) brings to analysis with Splunk® Enterprise Security. In this webinar, we’ll cover basics and more all from the SOC analyst perspective, such as: - What you can expect to see when RBA is implemented. - What are risk objects and risk events. - How you can encourage your own team to implement RBA. Speakers: Haylee Mills Staff Security Strategist, Splunk Megan Parsons Principal, Global Security Enablement, Splunk

    Download

  • Why Lead with Risk? Defining a Risk-Based Cybersecurity Strategy

    Some approaches to information security simply won’t deliver the results required for effective governance. Addressing head-on the primary issue—risk—is the key to a successful strategy. In this session, Doug Landoll, CEO of information security compliance consulting firm Lantego, will discuss how to take a risk-first approach to addressing information security. Specific topics include: - How to define cybersecurity success - Common approaches that fall short - Risk-based cybersecurity strategy planning Find out how a proactive approach to information security now can help your organization avoid compliance issues later.

    Download

  • Why Lead with Risk? Defining a Risk-Based Cybersecurity Strategy

    Effective governance requires a proactive approach. So when creating a cybersecurity strategy, it’s best to address the primary issue–risk–head on. Watch this webcast to learn: - How to define cybersecurity success - Steps you can take now to help avoid compliance issues later - Common approaches that fall short

    Download

  • Why Lead with Risk? Defining a Risk-Based Cybersecurity Strategy

    Effective governance requires a proactive approach. So when creating a cybersecurity strategy, it’s best to address the primary issue–risk–head on. Watch this webcast to learn: - How to define cybersecurity success - Steps you can take now to help avoid compliance issues later - Common approaches that fall short

    Download

  • Why Should Mean Time to Remediate Risk be So High? Rapidly Reduce Risk

    60 days is the average time organizations take around the world to patch a risk after it is detected. Is that how long you take to remediate a risk? If yes, things are not looking good. In 60 days, a cyber attacker can wreak havoc on your network and completely destroy your security posture. So, that begs the question, how do you reduce the mean time to remediate a risk (MTRR)? Join our live webinar we discuss: - The importance of reducing MTRR - Must-have strategies to speed up risk remediation - The easiest way to rapidly reduce risks

    Download

  • Enterprise Risk Management: Pragmatic risk quantification for the enterprise

    The objective of quantified risk is to make better business decisions for the enterprise. Join Steve Schlarman, Integrated Risk Management Strategist at Archer IRM as he discusses Enterprise Risk Management and the pragmatic risk quantification approaches that organisations can take. Every business decision your organisation undertakes has some element of risk, be that a product launch or an acquisition. However, a recent survey of executive teams found that they are dissatisfied with current approaches to evaluating risk. The assessment of risk cannot be taken lightly, risk quantification represents a new, very effective, approach to measuring risk. Join our webinar to find out more.

    Download

  • How to Incorporate Quantitative Risk Assessment in Enterprise Risk Management

    Organizations have long recognized the need to standardize risk management practices for consistency in identifying and analyzing risks in enterprise risk management (ERM) programs. Today, most organizations currently use qualitative or semi-quantitative assessments, which are repeatable and scalable, but can be coarse, unauditable, highly subjective, and ambiguous. This results in a highly fragmented representation of the organization’s risk landscape. Quantitative risk assessments provide a more detailed and auditable representation of risk. They can be easily aggregated and help to address the costs and benefits of mitigating risks in economic terms. However, incorporating quantitative assessments can be challenging for many organizations, as they may not see the value and think it is only for those with extensive data and experience. Join Archer experts Graeme Keith, Shelley Migliore and Steve Schlarman for this webinar to learn practical methods for adopting quantitative risk assessment into your ERM program. • Learn the important role and benefits of risk quantification in assessing, representing, and analyzing risks. • Discover how you can make informed decisions at an enterprise level through quantification. • Get practical steps to merge quantification techniques into your existing programs and workflows.

    Download

  • Risk is the Reality: Securing Applications with Business Risk Observability

    Applications are the business, and every organization must deliver always-on, secure, exceptional application experiences to win in today’s experience economy. Join this webinar to learn how Cisco is enhancing its Full-Stack Observability offer by introducing business risk observability, and new levels of security intelligence capability that brings business context into application security.

    Download

  • Using Cyber Risk Quantification to Make the Right Risk Decisions

    Cybersecurity programs involve lots of moving parts, and they only grow more complex over time as technology becomes more advanced and cyber threats become more numerous and sophisticated. Cyber risk quantification can be a crucial tool for keeping up with shifting cybersecurity landscapes. On this episode of GRC & Me, Chris Clarke is joined by Protiviti’s Daniel Stone, Director, and Tim Kelly, Associate Director, to discuss how cyber risk quantification can lead to better risk decision-making, how to beat analysis paralysis when you’ve got reams of risk data in front of you, and the best ways to use risk quantification to reduce reactivity and improve communication across your organization.

    Download

  • [Panel Discussion] Future of Insurance Risk: Transforming Insurance Risk Capability to Truly Embed Risk Culture

    AI in insurance risk management empowers insurers to make data-driven decisions, enhance operational efficiency in underwriting, pricing, and claims processing, and respond more effectively to emerging risks. This session will explore how AI/ML plays a transformative role in insurance business processes and risk management, revolutionizing how insurers assess, mitigate, and manage risks.

    Download

  • Cyber Talks: Risk is Risk Is Cloud Security The Journey or The Destination?

    When it comes to cloud migration, do you view security as a destination or a journey? Regardless of your answer, robust cloud security posture management means having visibility across your attack surface, the ability to identify and prioritize the most critical security violations and misconfigurations, and most of all, proactive response. Join eSentire & Lacework for this fireside chat with two Bad SaaS Women talking all things cloud security. Tia Hopkins, Field CTO & Chief Cyber Risk Strategist at eSentire, will host a special edition of eSentire’s Cyber Talks series with Erin K. Banks, Senior Director of Product Marketing at Lacework, to share their unique perspectives on how cloud security and business strategy converge. This Cyber Talks session will also cover key considerations around Platform, Application and Infrastructure protection and focus on recommendations from eSentire & Lacework on how to best secure your cloud ambitions. Key conversation topics will include: - Are all cyber risks equal? - The dynamic vocabulary of cloud security - Matching cloud security models to business innovation strategies - How to think about the detection and response of cloud based threats

    Download

  • Enhance Your Conduct Risk Management Strategy, The financial industry is at risk

    Hear Chief Security and Trust Officer, Myrna Soto discuss these challenges with 2 leading cybersecurity strategists, Homayun Yaqub, and James Wilde. Are you facing challenges related to: -Covid-19 impact and the need for insider risk management in the financial services industry. -Modern conduct risk and how organizations can evolve their strategies. -Using continuous risk monitoring to stay ahead of breaches.

    Download

  • Evaluate accurate exposure and accumulation risk through cyber risk modelling

    As the demand for capacity within the cyber insurance market continues to grow, pressure is increasing for insurers and reinsurers to improve their understanding of the accumulation and catastrophe exposure within their portfolios. As a result, insurers are looking for more accurate insights and alternative modelling options. Predictive modelling is currently the prevalent approach, however its weaknesses could mean carriers are missing out on the highly valuable scenario-driven insights that can be provided by a more definitive, technologically driven approach. In this webinar, Intelligent Insurer brings together industry experts to discuss how cyber risk modelling will need to change to adapt to the dynamic nature of the risk, enabling the insurance industry to better quantify cyber exposure. In this 1-hour webinar, our panel of experts will discuss how to: Examine the evolving cyber risk environment and the growing concerns in the insurance world about accumulation risk. Explore the limitations of traditional catastrophe modelling in the context of today’s threat landscape. Leverage more definitive, tech-driven modelling approaches in cyber catastrophe scenarios to effectively identify loss drivers and areas of risk accumulation. Unlock alternative capacity in the market by gaining insights into more accurate and evidence-based catastrophe modelling. How utilising definitive catastrophe modelling can contribute to overall market stability in cyber insurance and satisfying future regulatory evolution

    Download

  • Risk & Rewards: Risk Profiling to Meet Today’s Demands

    Getting to know your clients – their goals, risk comfort, values, and goal timelines – has always been important to ensure your clients stay invested for the long term. Increasing demands from regulations, ever-rising client expectations, the latest meme stock and overall economic uncertainty now require an even more holistic understanding of your clients. Join our Director of Product Management, Jason Stipp, and our Vice President of Business Development, Thomas Aviles, as we discuss how risk profiling can be thorough, yet efficient ... and integrated to provide your clients with a truly personalized investment plan. We will discuss: 1. Why risk profiling is necessary 2.  How to know if your current profiling system is doing its job 3. Why now is the best time to standardize your process 4. How an integrated approach can save your firm time and money, while powering better outcomes for your clients

    Download

  • From Millions to Minimal Risks via SSVC-based Risk Prioritization

    Whether you are a small or medium-sized business or a large enterprise, this live webinar will show ways on how to use the solution to reduce security risks. Join our upcoming webinar to discover an all-in-one risk remediation solution designed to scan, prioritize, and remediate vulnerabilities & misconfigurations. We will cover : · The need to modernize SecOps · SSVC-based risk prioritization methods · Risk remediation solution – an intelligent way to empower IT teams · Solution modules & workflow

    Download

  • STRONGER 2023: Cyber Risk Renaissance and The Blueprint for Integrated Risk

    Now that Gartner has retired the last of the risk management magic quadrants, what’s next for risk management? Security is a risk discipline, but where do you get guidance on how to build an integrated risk management program? In this breakout session from STRONGER 2023, John Wheeler, Founder and CEO of Wheelhouse Advisors, and Jeff Recor, Global Integrated Risk Management (IRM) Lead at Accenture, discussed the future of integrated risk management with Matt Alderman, Host of Business Security Weekly.

    Download

  • Mastering Risk & Regulatory Change with AI Automation & Risk Quantification

    Managing risk effectively can be challenging due to changing laws and rules, scattered information across the organization, and the challenge of providing useful information for decision-making while relying on manual tasks. Mistakes can be costly, in both time and money. Yet, you can better adhere to laws and reduce risks by adopting a simpler and more efficient approach to risk management. Creating a strong risk management strategy and plan enables the consolidation of risk information, enhancing value and compliance with regulations. Archer’s Graeme Keith, Steve Schlarman, and Kayvan Alikhani share insights about how an end-to-end assurance program, automated regulatory change management, and quantitative enterprise risk management can create value for your risk management efforts. Watch to learn how to get a complete view of risk across your organization, meet regulatory requirements, and lower risks. ● Learn how a unified view of your company allows you to effectively understand the risks your company faces ● Discover how automatically monitoring new and upcoming regulations can save you time and money ● Learn how quantitative assessments can enable you to focus on the most important and expensive risks.

    Download

  • Crash-risk controlled equities: Risk Management = Opportunity Management?

    The monetary and fiscal policy measures to combat the Covid-crisis have led to major distortions in financial markets: In their portfolios, institutional investors are confronted with the dilemma of being increasingly dependent on stock market returns despite higher risks and record valuations. Finreon is a Spin-Off from the University of St.Gallen (HSG). In this webinar, Dr. Julius Agnesens, Head of Investment Solutions & Member of the Executive Board will present the Finreon Tail Risk Control® methodology to profit from equity market opportunities while substantially reducing crash risks: - Focus on tail risks: The Finreon Tail Risk Indicator systematically measures regimes of low or high crash risks on a daily basis and free of any forecasts - Efficient use of the risk budget: Finreon Tail Risk Control® solutions allow to efficiently utilize a risk budget by increasing/decreasing equity risks in quiet/turbulent times - Risk Management = Opportunity Management! >10 years of track record show substantial outperformance coupled with systematic hedging in high-risk regimes. Join us in discussing the following topics: - Why is the management of equity risks of more importance than in the past? - What is the difference between “good” and “bad” risks? - How can regimes of high respective low tail risks be identified? - What are realistic expectations, does tail risk hedging come at a price? - What role can tail risk controlled equity play in a portfolio context? - How can a tail risk management strategy be implemented?

    Download

  • Enriching Third-Party Risk Processes with Targeted Risk Intelligence

    With organizations having an average of over 5500 third parties in their vendor ecosystem, third-party risk management (TPRM) can be overwhelming and costly. Manual approaches to TPRM research and analysis are no longer appropriate. Targeted risk intelligence and automated data feeds can enable organizations to recognize risk sooner and respond with increased operational resilience, reducing the manual burden and cost. Attend this webinar to learn how to incorporate targeted risk intelligence end enrich your TPRM program, including how to: - Identify and prioritize the gaps in your security posture - Link data feeds to your TPRM platform and enable real-time visibility - Automatically validate information provided in risk assessments - Understand inherent risk across third-parties and make Nth party risk more discoverable - Automate continuous monitoring by setting up risk intelligence feeds to detect changes in a vendor’s risk status, triggering workflow action

    Download

  • Taming the Elusive Risk: Bracing for Risk Exposure With Audit Transformation

    Learn from audit and professional practice leaders about how they’re redefining and bolstering their internal audit departments’ role, function, and processes. They’ll share how they’ve adopted new strategies, technologies, and methodologies to improve effectiveness, efficiency, and value-added capabilities. What to gain from this session: - Describe the factors influencing the need for internal audit transformation. - Identify critical components of internal audit transformation. - Explain potential advantages of internal audit transformation. - Develop a roadmap for internal audit transformation within their organizations. - Foster a culture of continuous improvement within the internal audit function, including strategies for engaging stakeholders to gain support for internal audit transformation initiatives. * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

    Download

  • Transform the way you manage vendor risk with ServiceNow Vendor Risk Management

    82% of digital business relies on third parties, opening the door for risk. ServiceNow Vendor Risk Management cant help.

    Download

  • Building Robust Risk Cultures Through Collaborative Cyber Risk Management

    Oftentimes, cyber risk teams are viewed as reactive “audit police,” swooping into projects to flag risks and forcing changes at key points. This approach can generate a resentful — even toxic — risk culture. There’s a better way to build healthier risk cultures: Taking a more collaborative, embedded approach to cyber risk management by positioning cyber risk leaders as advisors and partners, working side-by-side with project teams from the start. On this episode of GRC & Me, Chris Clarke is joined by GEICO's Former Head of Cybersecurity Risk and current Cyberpink Advisors Founder & Owner, Praj Prayag-Deb, to discuss how to shift your organization’s risk culture toward this new approach, her formula for building successful cyber risk programs from scratch, how leveraging the right technology makes it all possible, and why adopting a growth mindset is critical for every cyber risk leader.

    Download

  • Unified Risk Posture: A CISO's Guide To Reducing Risk And Complexity

    As cybersecurity risks expand, CISOs need a unified approach to evaluate, exchange, and enforce risk posture across users, apps, and data. Learn how to simplify risk management and optimize security investments in this e-book.

    Download

  • Managing Risk the ISF Way

    Information risk assessments enable organisations to select controls or other treatment options that are commensurate with risk in order to reduce the frequency and impact of information security incidents. ISF materials, including the SOGP, have been developed to support the risk assessment process of identifying business impacts, assessing key threats and vulnerabilities, in addition to treating information risks. These materials complement organisational approaches to information risk assessment and, when used in conjunction with ISF Risk methodologies such as IRAM2 or QIRA, enables an organisation to keep information risk within acceptable limits. Join Gareth Haken, Principal Analyst at the ISF, for our final webinar in the ISF Cyber Security Showcase Week, where he considered all these different materials, and presented how they can be combined and used to effectively manage risk. Protect your data and defend against cybercriminals. Download your FREE ISF cyber security awareness month resource kit today - https://bit.ly/3r0kHPs

    Download

  • Manage Risk the ISF Way

    Information risk assessments enable organisations to select controls or other treatment options that are commensurate with risk in order to reduce the frequency and impact of information security incidents. ISF materials, including the SOGP, have been developed to support the risk assessment process of identifying business impacts, assessing key threats and vulnerabilities, in addition to treating information risks. These materials complement organisational approaches to information risk assessment and, when used in conjunction with ISF Risk methodologies such as IRAM2 or QIRA, enables an organisation to keep information risk within acceptable limits. Join Benoit Heynderickx, Principal Analyst and Hui Shan, Senior Analyst, at the ISF, for our final webinar in the ISF Cyber Security Showcase Week, where they consider all these different materials, and present how they can be combined and used to effectively manage risk.

    Download

  • How to Navigate Insider Risk

    In a work-from-anywhere and data-is-everywhere world, security leaders are having to rethink their security programs to manage the risk of external attacks as well as manage the risk from within. Watch Proofpoint’s experts Brian Reed, Cyber Evangelist, and Sai Chavali, Sr. Product Marketing Manager, as they discuss how a people-centric approach will help you strengthen resilience and navigate insider risk. We'll cover: ● The 2020 Gartner Market Guide for Insider Risk Management Solutions ● The three main types of insider threat profiles and how to address each ● How to deploy an insider threat management program comprising people, processes, and technology *Gartner Market Guide for Insider Risk Management Solutions, Jonathan Care, Brent Predovich, Paul Furtado, 20 December 2020

    Download

  • Manage Cyber Risk

    Learn how BitSight helps you to identify, manage and reduce cyber risk. Pioneering security ratings in 2011, BitSight provides trusted, time-tested and actionable security ratings that enable organizations to effectively measure cyber risk. With BitSight Security Ratings, companies can: * Monitor and benchmark their cybersecurity performance against industry peers and competitors * Build and strengthen their vendor risk management program * Report cybersecurity program effectiveness to the Board of Directors and executives * Leverage ratings to underwrite cyber insurance policies * Evaluate merger and acquisition activities

    Download

  • Quantifying Cloud Risk

    Business executives are unlikely to ever really understand risk statements like “High risk”, “Medium risk” and “Low risk”. As a result, they sometimes discount higher risk situations as “infosec conservatism.” Risk quantification can be a powerful tool to help them better understand and appropriately prioritize infosec risk scenarios. In this session, Jack will walk participants through an analysis of a specific cloud service leveraging the Factor Analysis of Information Risk (FAIR) framework. The analysis results will be described in business terms that any executive would understand. This session will demonstrate a pragmatic approach to quantifying cloud-related risk.

    Download

  • Compliance Risk In a New Paradigm

    Since the COVID pandemic began, many organisations have identified a need to make changes in their compliance processes. Regulators still expect institutions comply with their requirements, and keep on top of changes – which is difficult when everything is fast-paced and often changing on a daily basis. During this webinar, Dun & Bradstreet outline how to approach compliance risk in the new paradigm, including streamlining your compliance processes and improving resilience – ultimately helping you manage the risk associated with whom you’re doing business.

    Download

  • Automate Your Risk Management

    In this session we will explain how enterprises are handling the quantification and resolution of technology risks by leveraging the integration of existing tools and data. (No big bang!) Attendees will be provided with practical advice on how to implement cyber risk management in their organizations. Join us for an insightful discussion on how to identify and resolve the risks that matter, at scale. Moderator: Joanne McKenzie, Technical Account Manager, Qualys Panel Members: 1. Paul Baird, CTSO, Qualys EMEA 2. Damian Skeeles, Security Solutions Architect, Qualys

    Download

  • Supply Chain Risk

    The global supply chain is vulnerable to cyberattacks due to its diverse and multifaceted aspects. Cybersecurity supply chain risk management guidance is essential for businesses to protect themselves, their partners, and their consumers. They must assess cybersecurity risks at all levels of their organization and consider the vulnerabilities of all players involved in creating a product or service, particularly in light of increasing incidences of cyberattacks carried on on supply chains. Threat Actors have shifted their tactics to compromise firms via their supply chains in an attempt to identify and exploit the weakest links, requiring organizations to reevaluate their cybersecurity approach accordingly.

    Download

  • The Importance of Positive Risk

    Depending on the industry you’re in, managing risk may be a topic you’re very familiar with. It has definitely become a business-level discussion in the last few years as external and even internal risks and threats – along with uncertainty, has increased. During this 15-minute video, we explore how businesses perceive risk and the importance of positive risk. Speakers: - Ben Cole, Executive Editor, TechTarget Custom Media - Valerie Spillman, Sr Director, Internal Audit & Enterprise Risk, ServiceNow

    Download