Name: Using Cyber Risk Quantification to Make the Right Risk Decisions
Start: 2023-09-07T16:00:00Z
End: 2023-09-07T16:00:58.000Z
Location: BrightTALK
Rating: 0

LogicGate offers modern risk management technology empowering businesses to proactively transform risk across their entire enterprise. Because risk is a team sport, we created Risk Cloud® — the most nimble and collaborative GRC solution available. Rapidly adapt to changing business conditions. Confidently innovate and build new processes as you go. Collaborate on risk across your entire organization. Risk Cloud® gives you an interconnected view of risk across the organization that point solutions simply can't provide. After all, great companies are built not by avoiding risks, but by taking the right ones.

Switching from traditional risk analysis methods like ordinal lists or red-yellow-and-green charts to more modern approaches like risk quantification requires a paradigm shift in how you think about measuring risk, but the increased accuracy, specificity, and reliability you’ll gain by doing so pays dividends.

On this episode of GRC & Me, Netflix’s Tony Martin-Vegue joins LogicGate’s Chris Clarke to explore the best ways to navigate this transition, how to learn and leverage popular risk quantification frameworks like Open FAIR, and why you shouldn’t completely throw your colored charts out the window just yet.

Shifting Gears To Quantify Risk with Netflix’s Tony Martin-Vegue

They say it takes a thief to catch a thief, so why not a hacker to catch a hacker? 

That was the premise behind Ted Harrington’s Independent Security Evaluators, a company dedicated to poking holes into other companies’ cyber defenses — for the right reasons, of course. On this episode of GRC & Me, Ted takes LogicGate’s Chris Clarke on a journey down the benevolent hacker’s rabbit hole, where they discuss:

• The difference between white box and black box testing (and which is better.)
• Why carrying these exercises out can build trust and become a competitive advantage in third-party risk assessment.
• Why it’s important to shift your mindset from one that views security as an obstacle to one that views it as an opportunity.
• Uncovering the unknown unknowns in cybersecurity.
• How “defense in depth” strategies can put security teams a step ahead of threat actors.
• The four traits that lead hackers to be successful, and why thinking like one can be an effective way to bolster your cyber defenses.

Please Hack Me: Hacking Companies for Good

Join industry experts from LogicGate, OCEG, Tyler Technology, and Business Solutions, Inc. as they discuss preliminary findings from OCEG's recent survey on the use of artificial intelligence as a support for GRC and review some of the key questions about AI for GRC that every risk professional should be discussing with their leadership team.

Highlights:

• Gain insight from the findings of OCEG's survey on the use of AI for GRC
• Outline the ways that AI benefits GRC capabilities and outcomes, such as time-savings, scalability, and automation
• Review the critical AI for GRC questions that you should be discussing with your leadership team
• Learn how your GRC peers and leaders are strategically vetting, integrating, and planning for AI in risk management

How Are GRC Leaders Using AI?

Few careers involve managing as much risk as one where you’re responsible for launching humans riding gigantic rockets into outer space. That’s exactly what Barrios Technology Chief Strategy Officer Ginger Kerrick did during her three-decade career working for NASA.

On this episode of GRC & Me, Ginger joins LogicGate’s Chris Clarke to discuss methods for developing methodical, standardized thought processes for risk decision-making in high-stakes scenarios, how NASA employees are trained to separate logic from emotion, how disasters can inform future mitigation planning, and why the most important part of managing risk is having the right leaders in place.

Rockets, Radios, and Risk: How NASA Manages Uncertainty in Orbit

In today's cybersecurity landscape, teams dedicate countless hours each year collecting evidence to prove compliance with regulatory and standards mandates. As we face a future with even more regulatory demands, an ever-expanding cyber threat landscape, and a growing number of vulnerable connection points, this burden is set to intensify. This implies that cybersecurity teams will be tasked with more responsibilities, fewer resources, and limited time to guide businesses on harnessing cyber risk for strategic growth.

When you attend this webinar, you'll learn to:

• Elevate regulatory compliance from a mere checklist item to a catalyst for business growth through automation.
• Transform cybersecurity and regulatory compliance teams into strategic advisors rather than just cost centers.
• Improve talent retention, department reputation, time and resource ROI, and more with automated evidence collection.

Automate to Accelerate: Overcoming Challenges in Cyber Risk Management

One of the most high-profile risk events of the last year was the swift collapse of Silicon Valley Bank and other regional banks amid spiking interest rates. Part of the problem? The lack of a complete, comprehensive view of the risks these banks were facing — in particular, liquidity risk.

Allstate Canada's Chief Risk Officer Jason Wang has spent his career assessing and analyzing risk in the financial services space, dedicated to anticipating and mitigating risks just like the one that sank SVB. On this episode of GRC & Me, Jason joins LogicGate’s Chris Clarke to discuss the importance of building a holistic risk register, how to position risk management as a strategic enabler instead of a “revenue prevention” department, why it’s critical to include your chief risk officer on the executive team, and more.

Managing Risk on the Frontlines of the Financial Sector

When doing business with the federal government and its myriad agencies, organizations are bound to run into plenty of mandates, regulations, and other requirements. Navigating them all can cause a headache for even the most detail-oriented compliance managers. 

On this episode of GRC & Me, Chris Clarke is joined by Intel Federal’s Compliance Program Manager, John Griffin. Griffin draws on his decades of experience in federal contracting and working with government agencies at companies like Honeywell and Boeing to explore methods for better managing product development and performing diligence on third-party vendor relationships while operating under strict and stringent government standards and requirements. Plus, learn a few of Griffin’s more creative methods for determining how risky a particular organization might be to work with.

Staying in the Fed’s Favor: Navigating Government Contracts with Intel Federal

The U.S. Securities and Exchange Commission’s highly-anticipated new cybersecurity rules are finally in force, and deadlines are approaching quickly. Organizations, both public and private, will now have to take quick action to either establish or transform their cybersecurity programs to come into compliance with these new regulations and prevent financial, legal, and reputational consequences.

Join us to learn:

• How you can ready your organization in 4 steps 
• What SEC regulations mean for both private and publicly traded companies
• Tips for elevating your overall governance and risk management practices

SEC Cyber Compliance Readiness: 4 Steps Every Leader Should Take Now

Oftentimes, cyber risk teams are viewed as reactive “audit police,” swooping into projects to flag risks and forcing changes at key points. This approach can generate a resentful — even toxic — risk culture. There’s a better way to build healthier risk cultures: Taking a more collaborative, embedded approach to cyber risk management by positioning cyber risk leaders as advisors and partners, working side-by-side with project teams from the start.

On this episode of GRC & Me, Chris Clarke is joined by GEICO's Former Head of Cybersecurity Risk and current Cyberpink Advisors Founder & Owner, Praj Prayag-Deb, to discuss how to shift your organization’s risk culture toward this new approach, her formula for building successful cyber risk programs from scratch, how leveraging the right technology makes it all possible, and why adopting a growth mindset is critical for every cyber risk leader.

Building Robust Risk Cultures Through Collaborative Cyber Risk Management

This behind-the-scenes event will be led by LogicGate’s Product and Implementation Services Teams, who will share best practices on how to build, manage, and mature a Controls Compliance program that allows you to test once/comply many, analyze gaps, drive automation, and do more with less!

Plus, our Chief Product Officer, Jon Siegler, will join us to unveil one of our most anticipated new features: Automated Evidence Collection.

Register now to:
• Get the inside scoop on Risk Cloud’s various levels of Controls Compliance Maturity
• Deep dive into cross-framework coverage and reporting
• Learn about existing and upcoming features to help your program mature
• See our upcoming Automated Evidence Collection capabilities in action

LogicGate Live: Cooking Up Controls Compliance

The journey to FedRAMP Certification can be a long and winding one, filled with twists, turns, and roadblocks. But, becoming FedRAMP compliant doesn’t have to be such a laborious, time-consuming process. In collaboration with ProofPoint’s Security and Compliance team, we developed a FedRAMP SSP Application in Risk Cloud that automates SSP Document generation in just a few clicks.

Join us for a conversation on FedRAMP Certification and SSP Document Generation with Proofpoint's Security & Compliance team to:

• Learn more about ProoPoint’s experience with FedRAMP certification
• Gain insight into FedRAMP best practices and lessons learned
• Understand their vision for a more automated and streamlined document generation process
• See the FedRAMP SSP Application and all of its powerful features in action!

Your On-Ramp to FedRAMP: A Conversation with LogicGate and Proofpoint

The promise and potential of AI-powered enterprise technology – particularly in risk management – is high, but there are plenty of places where implementing this cutting-edge technology can go wrong.

Join us to hear risk and cyber leaders with decades of combined experience leading teams at Hewlett Packard Enterprise, GEICO, and Legacy.com share how you can balance speed and safety as you integrate AI into your GRC program.

You'll learn how to:
• Automate and inform manual tasks with generative AI
• Effectively and quickly analyze large datasets
• Move from reactive to proactive risk management with predictive analytics and deeper risk insights

AI & GRC: Risky Business to Business Advantage

With information and cybersecurity incidents growing in frequency and severity, regulators in the European Union are hard at work devising new rules designed to incentivize organizations to harden their cyber defenses.

On this episode of GRC & Me, Megan Brown sits down with Wizz Air’s Andras Szabolcs, Cyber Risk Expert, and Peter Szigetvari, Operational Risk Expert, to break down the similarities and differences between two of these new European Union regulations — the Digital Operational Resilience Act, or DORA, and Network and Information Security Directive 2, or NIS2 — how they could affect nearly every company despite their official scope, and how organizations can prepare to comply with them using modern GRC technology.

Preparing for DORA, NIS2, and the New European Push for Cybersecurity

Let’s face it. It’s time to raise the bar in terms of third-party risk management. As our networks grow at a rapid pace, our risk exposure grows at a rapid pace. It doesn’t have to be this way. Take a proactive approach, and ensure your program matures at a rate that always keeps you ahead.

Join Tom Cecola, Director of Business Development at Vital4, Jeffrey Wheatman, SVP, Cyber Risk Evangelist at Black Kite, and Mack Sterr, Account Manager at LogicGate to learn how risk, compliance, and security teams can take the necessary steps to:
• Streamline and automate vendor onboarding
• Break down department silos for improved reporting and increased agility
• Identify, quantify, and take action on TPRM risk trends proactively

Reactive to Proactive: TPRM Strategies From The Experts

In just a few months, artificial intelligence went from a fringe technology to full-speed ahead with the public release of ChatGPT. This fascinating technology has the potential to revolutionize how we automate our businesses, but there are numerous reasons to give pause before integrating it into your organization’s operations. On this episode of GRC & Me, Dorian Cougias, Co-Founder and CEO of United Compliance Framework and Chris Clarke sit down to discuss the risks and rewards of embracing AI-driven automation, corpora management, data ownership, and the necessity of double-checking everything generative AI spits out.

The Risks and Rewards of AI in Business Automation

If there’s one constant in the banking regulatory landscape, it’s change. And we can expect to see a lot more of that in the wake of the recent banking crisis.

The solution? Automating your regulatory compliance program from end-to-end, so you never miss a beat.

Join us to hear experts from LogicGate, CUBE, United Community Bank, and JG Wentworth share tips for getting this critical job done.

You’ll learn how to:
• Keep up with changing regulatory requirements with limited people resources and a growing workload.
• Improve internal compliance systems and processes to power growth and efficiency.
• Work through implementation anxiety to get the regtech system you need in place quickly and easily.

Roundtable: Keeping Pace with Changing Regulations

Listen as Regulatory Data Manager Mike Curl discusses how he flipped the traditional way of measuring compliance on its head, leading to happier employees, better decisions, and improved compliance.

You'll learn:
- The benefits of building dashboards from the bottom up
- How to get organizational buy-in when it comes to change management
- Mike's unique culinary approach to executive reporting

Positioning GRC as an Enabler with Integrated Data

Using Cyber Risk Quantification to Make the Right Risk Decisions

Breaking Down Organizational Silos With a Common Risk Language

The Five Layers of a Mature GRC Program

Measurement as a Foundation for Communicating Risk

Building the Business Case for Getting the Right GRC Technology

Enhancing Your Business Continuity Framework in a Volatile Environment

Prices are Rising. How to Prepare for Inflation Now & Later

How To Build a Risk Practice

Going Paperless and Improving GRC Processes

The Risks We Cannot See

GRC & Me Podcast

Cybersecurity programs involve lots of moving parts, and they only grow more complex over time as technology becomes more advanced and cyber threats become more numerous and sophisticated. Cyber risk quantification can be a crucial tool for keeping up with shifting cybersecurity landscapes.

On this episode of GRC & Me, Chris Clarke is joined by Protiviti’s Daniel Stone, Director, and Tim Kelly, Associate Director, to discuss how cyber risk quantification can lead to better risk decision-making, how to beat analysis paralysis when you’ve got reams of risk data in front of you, and the best ways to use risk quantification to reduce reactivity and improve communication across your organization.

Risk Management

Enterprise Security

Compliance

Risk Assessment

Risk Framework

Cyber Security

IT Security

Information Security

Risk Mitigation

Risk Quantification

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Research and Development

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful procurement and sourcing insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on which strategies are proving to be the most effective for managing vendors, improving performance and reducing cost.

Procurement and Sourcing

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Using Cyber Risk Quantification to Make the Right Risk Decisions

Presented by

About this talk

More from this channel