Преминете към съдържанието

МЕУ организира кампания за пентестове в държавната администрация

Целта на кампанията е да подобри киберсигурността в държавната администрация, като участието в нея е доброволно и не се обвързва с възнаграждение.
Прочети повече за програмата

Добре дошли в Хакинг.БГ! 

Всеки един от нас стои на раменете на гигантите, споделили знанията и опита си с нас.

Този форум е нашият начин да върнем жеста за бъдещите и текущите кадри в киберсигурността.

Стремим се да предоставим платформа, където членовете могат да развиват своите умения, като се дава приоритет на етиката, сигурността и поверителността!

May 3 – 4, 2023 | Virtual Event (ISC)² Spotlight Governance, Risk and Compliance

Препоръчан пост

  • Група:  [Модератор]
  • Последователи:  3
  • Брой мнения:  55
  • Репутация:   15
  • Спечелени дни:  5
  • Регистриран на:  16.04.2023
  • Статус:  Оффлайн
  • Система/OS::  Windows

This post was recognized by h3xu!

"Супер контент споделяш, благодаря за помощта"

P1x3L получи значката „Great Content“ и 10 точки.

Днес започна (ISC)² Spotlight Governance, Risk and Compliance (Цък) , ако има някои регистриран може да сподели своите впечатления от днешният ден.


Ето и агендата която беше за днес :

May 3, 2023

10:00 a.m. – 10:45 a.m.

Cyber Risk Excellence: Risk Infused with Threat Intelligence, a Secure Culture and Partnerships

Brenda Bjerke, CISSP, CIPP, Senior Director of Cybersecurity, Target

The last few years have proven to be an extreme test for organizations as they quickly pivoted to a digital-first environment and faced new operational realities, including an acceleration of cyber threats. Hear how internal collaboration and cyber risk and threat intelligence partnerships drive meaningful conversations about risk tolerance, governance, and policy to support evolving business priorities and create a risk-aware culture across your organization.

10:55 a.m. – 11:55 a.m.

Cyber Risk Management Strategies – A CISO’s Perspective

Andrew J. Smeaton, CISSP, CISM, CISA, CGEIT, CRISC, Chief Information Security Officer, Afiniti
Greg Rogers, Chief Information Security Officer, Legal and General America

In this presentation we will examine the balance between cyber risk and operational business requirements. We will discuss how to select a security framework and develop a vulnerability management strategy tailored to your organizational needs. The impact of laws & regulations on security programs, and the importance of written information security policies and procedures, will also be covered. Overall, our focus will be driven by how the ability to make risk-aware decisions is critical to the success of cybersecurity leaders and effectiveness their security programs.

12:05 p.m. – 1:05 p.m.

Regulatory Operations: Understanding the Impact and How to Improve – Sponsored by RegScale

Anil Karmel, Co-founder and CEO, RegScale, Inc.
Jenai Marinkovic, Executive Director, GRCIE and CISO Tiro Security, GRC for Intelligent Ecosystems (GRCIE)
Opal El, DSc, CISSP, PMP, Information System Security Engineer

In today's heavily regulated business environment, Governance, Risk, and Compliance (GRC) teams are spending an increasing amount of time and resources collecting evidence to demonstrate regulatory compliance and prepare for audits. Many organizations view compliance as burdensome and haven’t found a better way…until now. In this panel, learn from industry experts around the transformational impact of regulatory operations, and how organizations can improve their compliance efforts to not only meet regulatory requirements but also manage, monitor and report risk and compliance state in real-time, improve collaboration, and keep up with changing regulations. We will explore the challenges of regulatory compliance, including the significant time and resource investments required, and discuss strategies for streamlining compliance processes. Join us to learn how to implement regulatory operations (RegOps) and achieve greater value out of your GRC program.


ето и агендата за утре

 May 4, 2023


10:00 a.m. – 11:00 a.m.

Third-Party Risk Management: What You Don’t Know CAN Hurt You – Sponsored by AuditBoard

Richard Marcus, VP, Information Security, AuditBoard
Jennifer Zackoff-Handler, Market Advisor - Third-Party Risk Management, AuditBoard

Who has access to your company’s data and what risks do they pose to your organization? While these questions seem basic,most organizations cannot confidently answer them, despite an accelerating trend of third-party threats and incidents. Building a robust third-party risk program is complex and takes time. Building a program that allows information security teams to be strategic in managing third-party risks is even more challenging. During this session, we will guide you through how to successfully implement a strategic and technology-enabled third-party risk program to manage this emerging source of risk.

11:10 a.m. – 12:10 p.m.

Cyber Risk is Business Risk: Maximizing Your Cyber Insurance Coverage with Attack Surface Risk Management - Sponsored by Trend Micro

Vince Kearns, Cyber Risk Specialist, Trend Micro
Chris LaFleur, Global Manager, Incident Response, Trend Micro

In today's rapidly evolving digital landscape, cyberattacks are becoming more frequent and sophisticated. This session explores how attack surface risk management empowers businesses to have productive conversations with underwriters to find the right cyber-insurance coverage. By providing a comprehensive understanding of a company's attack surface, organizations can identify and address potential security gaps in the digital environment, minimizing risk exposure. Join this session to learn more about this critical component of cybersecurity risk management.

12:20 p.m. – 1:05 p.m.

Building Your Risk Management Program for Success


Lisa Branco, Global Data Protection Counsel, Gartner
Jonathan Kimmitt, CISSP, Chief Information Security Officer, Alias Cybersecurity
Gregory Rasner, CISSP, CCNA, CIPM, ITIL, Author of "Cybersecurity and Third-Party Risk" and SVP, Cybersecurity, Truist Financial Corp.

Join in the discussion as experts in privacy, third party risk, and information security take you through strategic points that you need to consider when building a successful cyber risk management program. Walk away with insights on effective strategies to assess, analyze, communicate and mitigate cyber risk while establishing or integrating with your organization’s enterprise risk management program.

Дават се и кредити

(ISC)² Members, Candidates and Associates FREE
Non-Members U.S. $129.00

(ISC)² Members can earn up to 5.5 CPE credits for participation in this event. Credits will be added to your account within ten business days of the live event.

Link to comment
Сподели другаде

Join the conversation

Можете да публикувате сега и да се регистрирате по-късно. If you have an account, sign in now to post with your account.

Отговори на тази тема

×   Поставено като форматиран текст.   Вместо това поставете като обикновен текст

  Разрешени са само 75 емотикони.

×   Вашата връзка е вградена автоматично.   Вместо това се показва като връзка

×   Вашето предишно съдържание е възстановено.   Изчистване на редактора

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

  • Регистрирайте се

    Регистрирайте се за да използвате пълната функционалност на форума 🙂

HACKING.BG Партньори


  • Създай ново...

Важна информация!

Политика за сигурност и условия на ползване Privacy Policy