Name: NLP-Backed Crosswalking: CIS Top 18 to CMMC 2.0 Controls
Start: 2023-12-05T17:00:00Z
End: 2023-12-05T17:00:06.000Z
Location: BrightTALK
Rating: 5

Webinars, panels, and commentary for cutting-edge CISOs, cybersecurity teams, IT compliance professionals, and risk management experts.

Cybersecurity teams are fundamentally challenged; lack of support from the business, lack of budget from IT, and insufficient resources, the challenges are real. As organizations seek to leverage digital transformation to be able to serve new customers, offer new services to existing customers, and cut costs, there is a sobering reality. The increase in digital business directly increases digital business risk. Success in a modern digital world requires value creation and protection, integration with organizational capabilities, and a focus on innovation to create adaptive, resilient organizations. 

In this STRONGER 2023 session, Patrick Von Schlag introduced the notion of a Digital Value Management System and an overlay model that dramatically increases leadership buy-in, allows for the assessment and prioritization of gaps, and drives dramatic improvements in an organization's ability to survive in the face of chaos.

STRONGER 2023: Moving from Cybersecurity to Digital Value Management

Reputational damage has long been a source of contention when understanding business risk. We know the consumer cares, but how much? 

In this STRONGER 2023 breakout session, Steven Switz demonstrated how to view risk from the perspective of the consumer and what a data breach or non-compliance in data processing activities means to them. This can strongly indicate the reputational brand damage impact a business may be undertaking. Businesses often look solely at the impact of various risks to themselves and fail to consider the impact on the individual, which can be a generous source of information to understand the actual risk when making these decisions properly.

STRONGER 2023: Understanding Brand Damage Using Privacy Harm Taxonomy

This session from STRONGER 2023 examined the process, substance, and possible outcomes of Attorneys General and OCR investigations. The states vary widely; however, there are a few consistencies that businesses can always expect and plan for. To that end, planning for a regulatory investigation begins well before a business experiences a cyber incident and can significantly impact the outcome of any investigation.

STRONGER 2023: Preparing for Regulatory Investigations of Cyber Incidents

This discussion from STRONGER 2023 centered around understanding emerging technologies and their associated risk. This talk provided strategies for managing cyber risk and reviewed practical and real-world case studies. Additionally, this session provided a recap of takeaways and actionable steps.

STRONGER 2023: Managing Cyber Risk in the Age of Emerging Technologies

Diving headfirst into the rapidly advancing generative AI brings unique cyber risks and challenges. This session from STRONGER 2023 unveiled the undercurrents of risk, from unintentional data leaks to unforeseen adversarial exploits. The speakers highlighted the potential risks and offered takeaway strategies for fortifying your company's defenses.

This session was led by Dheeraj Gurugubelli, Senior Director of Cybersecurity at EY-Parthenon, and Shraddha Patil, Director of Product Management at Palo Alto Network.

STRONGER 2023: Cybersecurity and AI: Unraveling the Gordian Knot

This session from STRONGER 2023 explored the gap between IT professionals and everyday users and details non-technical mitigations for successful user cyber education.

STRONGER 2023: Beyond Tools and Policies: Securing Together

As a returning speaker to STRONGER 2023, Professor Hernan Huwyler discussed tools and Python scripts for modeling quantified risks, a list of AI controls, and a program to audit biases in AI models.

STRONGER 2023: Autopilot? How Can AI Help You Manage Cyber Risks?

Cybersecurity, as a profession, fundamentally fails in communicating to non-security professionals. Much of the available information assumes an enterprise organization can afford to hire a full-time CISO to build a security team and invest in advanced tooling - which is not as common as it should be. 

This talk from STRONGER 2023 provided a way for security professionals to communicate security health meaningfully to non-security leadership. Additionally, viewers can leverage the Security Health Model and Assessment to quickly set up metrics for a new or existing cybersecurity program.

STRONGER 2023: Beyond Maturity: Talking Security Health with Non-Tech Peers

In this STRONGER 2023 breakout session, organization leaders gathered to discuss challenges and developments in cyber risk reporting and critical aspects to consider when reporting to executive leadership and Boards. 

Homaira Akbari, Founder & CEO of AKnowledge Partners LLC, and Kevin Powers, Director of MS in Cybersecurity Policy & Governance Program at BC, examined the way cybersecurity reporting has changed in favor of transparency, gold standards, and business context. Jerry Layden, CEO of CyberSaint Security, moderated this session.

STRONGER 2023: Does Your CEO Know Where That Cybersecurity Report Came From?

In this fireside chat from STRONGER 2023 with Emerald De Leeuw-Goggin, Logitech's Global Head of Privacy, she delved into the intersection of cyber risk management and privacy. Gain insights into cutting-edge strategies that empower businesses to safeguard data amidst incoming cyber threats while adhering to privacy frameworks. This discussion covered how to strike an equilibrium between technological advancement and data protection and leave with actionable takeaways for navigating this intricate terrain with resilience.

STRONGER 2023: Exploring Cyber Risk Management and Privacy Synergy

This presentation from STRONGER 2023 explored a tech stack that leverages virtual and augmented reality capabilities to create a Cyber Digital Twin (CDT). The CDT goes beyond the traditional Digital Twin concept by incorporating cybersecurity into virtual models. This enables a proactive approach to cybersecurity, where potential vulnerabilities can be identified and addressed in the virtual environment before their exploitation in the physical world. The combination of virtual reality and cyber technologies allows the exploration of several use cases like threat simulation, risk assessment, incident response training, non-invasive red team assessment, etc. Security teams can identify mission-critical assets and virtualize key components for attack path and business impact analysis. Moreover, the virtual nature of CDT facilitates an aggressive re-testing schedule to manage active attack surfaces. As more and more industries adopt virtual reality technologies, CDTs are expected to become an essential part of the digital transformation journey.

STRONGER 2023: The Intersection of ICS Security and Metaverse

During this session from STRONGER 2023, Keaton Fisher provided a comprehensive look into the current trends within threat intelligence. In his role at Silobreaker, Keaton has visibility into areas that industries worldwide are monitoring. Government, finance, retail, MSSPs, etc were analyzed. 

The session provided a view into each of these industries in an anonymized fashion to present their primary and tertiary concerns within the threat landscape. These findings should provide value to companies in the same or similar industries by teaching them what sort of threats are most prevalent to them and what their peers are doing to navigate those threats.

STRONGER 2023: Trends in Threat Intel: What is Your Industry Monitoring?

This STRONGER 2023 panel discussion explored critical aspects of the cybersecurity landscape, from the rise in geopolitical threats to increasing cyber warfare and the issuance of Wells Notices to CISOs. We focused on the Wells Notice issued to the Solar Winds CISO by the SEC and examined the implications and uncertainty it raises for the security leadership community and corporate boards. The panel dove into the message a Wells Notice sends to the security leadership community and its potential impact on the CISO-board relationship.

The panel also considered the upcoming SEC regulations, the importance of private companies paying attention to these actions, and the potential formation of cybersecurity committees by boards. Lastly, this panel analyzed the government's role in enhancing protection for U.S. companies, distinguished between espionage and cyber attacks, and evaluated the involvement of compliance teams in addressing these challenges.

STRONGER 2023: Wells Notices, Geopolitical Threats, & the Future of Cyber

In this session from STRONGER 2023, Gina Yaccone and Hayley Pruett discussed practical approaches to solving the cybersecurity reporting riddle by expertly translating operational insights for executive strategies. 

Discover key frameworks, metrics, and practices to align communication across your organization.

STRONGER 2023: Solving the Cybersecurity Reporting Riddle

In this STRONGER 2023 session, cyber and IT experts explored cyber insurance challenges, strategies, and insurer perspectives for safeguarding against cyber threats in today's landscape.

Discover the exclusive insights discussed with Julian Sylvestro, Senior Vice President at Marsh, Debra Decker, Senior Advisor Cyber at The Stimson Center, and Padraic O'Reilly, Co-founder & CPO of CyberSaint Security. Sunil Shenoy, SVP of Business Development & Global Channel Organization of CyberSaint Security, moderated this panel.

STRONGER 2023: Cyber Insurance in a Dynamic Threat Landscape

As security SMEs with years of experience, we have ideas on how to innovate and improve our tooling, processes, etc., much better. But often, we lack the skill to speak the language that the leadership understands, and due to this, we cannot convey our ideas and get our innovations going. This talk from STRONGER 2023 addressed that gap and provided a strategic plan to get all of your innovative ideas approved. 

Key Takeaways: Understand the resistance skills to break the pyramid of resistance and develop a strategy to tackle resistance to new ideas at each level.

STRONGER 2023: Hacking the Pyramid of Resistance For Security Initiatives

Now that Gartner has retired the last of the risk management magic quadrants, what’s next for risk management? Security is a risk discipline, but where do you get guidance on how to build an integrated risk management program?

In this breakout session from STRONGER 2023, John Wheeler, Founder and CEO of Wheelhouse Advisors, and Jeff Recor, Global Integrated Risk Management (IRM) Lead at Accenture, discussed the future of integrated risk management with Matt Alderman, Host of Business Security Weekly.

STRONGER 2023: Cyber Risk Renaissance and The Blueprint for Integrated Risk

Developing a cyber risk management strategy can be a difficult task. One of the hallmarks of the NIST CSF is the flexibility and adaptability of the framework with other standards and guides professionals to build a proactive and mature cyber risk process. Discover best practices for using the NIST CSF to guide your cyber risk management program and identify efficiencies by standardizing on this comprehensive framework and leveraging CyberStrong to develop a transparent and insightful narrative around cyber risk.

Maximizing Efficiency for NIST CSF and Executive Reporting Using CyberStrong

Easily map controls between CIS Top 18 to CMMC 2.0 in seconds using CyberStrong’s patented AI technology. Attain actionable gap analysis between these top industry frameworks to see where you are and are not compliant to help your organization build a robust cyber risk posture. 

Performing cyber risk assessments across compliance requirements is challenging, especially for enterprises complying with multiple frameworks or standards. CyberStrong leverages Natural Language Processing (NLP) to decipher the actions and intent of the control, enabling a much more accurate mapping result.

Join this live demo that will walk you through the technology CyberSaint leverages to perform rapid crosswalks and demonstrates how to set up a crosswalking project within the CyberStrong environment.

NLP-Backed Crosswalking: CIS Top 18 to CMMC 2.0 Controls

CMMC

Cyber Risk Management

Cyber Security

Risk Assessment

Risk Based Security

Compliance

Risk Framework

IT Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

The IT project management community on BrightTALK includes thousands of IT project and portfolio management professionals. Find relevant webinars and videos on agile methodologies, scrum strategy, project management processes and more. Attend live webinars or view on demand content presented by recognized thought leaders in the IT project management industry.

IT Project Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

NLP-Backed Crosswalking: CIS Top 18 to CMMC 2.0 Controls

Presented by

About this talk

More from this channel