Tuesday, July 23, 2024
Introduction to the day ahead and fireside chat Bill Brenner Adrian Sanabria
Breakout Session | Best Practices for Threat and Vulnerability Response and Emergency Assessments

It's not getting any easier. Every time we turn around there seems to be another attack or threat that demands our attention. While each event is unique, they all result in third-party risk management teams scrambling to ensure their organizations are protected. Rapid responses and emergency assessments can be knee-jerk, stressful and distracting. It doesn't have to be that way.

Join us for a discussion on the best practices to responding to zero-day vulnerability attacks and conducting emergency assessments. We'll outline what's required to prepare in advance so you're ready to execute when the time comes. From establishing solid communication channels to leveraging automation, we'll cover the necessary steps and considerations for an effective response plan.

Session attendees will learn:

• How to gain visibility into your entire vendor ecosystem and prepare in advance to reduce both reaction time and exposure to loss
• How to quickly identify which third parties require follow-on action based on each specific threat actor or vulnerability
• How quick-assess campaigns can automatically scope, distribute, and score responses

Sophia Corsetti
Breakout Session | TruOps, LLC | Cyber Risk Management Solutions

Today, organizations are most likely utilizing hundreds of applications and the increasing majority are predominantly browser based: The browser is a universal access client, the application of choice.

Negin Aminian
Breakout Session | Reducing Silos Between Developers and AppSec in Your Software Supply Chain

For developer and AppSec teams alike, securing critical components of the software supply chain, including open source libraries, container images, and developer tools, is increasingly essential. However, tracking direct and indirect dependencies, finding, and fixing vulnerabilities can still be siloed. Unified tools and processes exist, providing developers and security teams access to the same security insights, however many organizations have not adopted fundamental dev-centric security tooling.

To effectively manage and mitigate supply chain risk a more holistic approach is needed. Join us for this session where we will discuss:

An overview of the software supply chain

  • Why it’s critical to establish a workflow bridging developer and AppSec teams
  • How to prioritize and action vulnerabilities quickly
  • The importance of automated workflows to ensure timely remediation and adherence to your organization's security policies
Jamie Smith
Panel Discussion | Navigating the third-party security landscape: Strategies to mitigate risks and safeguard data

In today's interconnected business ecosystem, collaborating with third-party vendors and partners is essential for growth and efficiency. However, this collaboration also introduces significant security risks, ranging from data breaches to compliance violations. This panel discussion will bring together industry experts to explore effective strategies for reducing security risks when working with third parties. Topics will include best practices for vendor assessment and selection, establishing robust contractual agreements, implementing monitoring and auditing mechanisms, and fostering a culture of security awareness across organizations.

Mea Clift Steven Fox Adrian Sanabria Dave Stapleton
CRA Business Intelligence study takeaways: Third-party Risk

Explore the intricate domain of third-party risk management alongside CRA Business Intelligence producers Bill Brenner and Paul Wagenseil. Gain valuable insights into the challenges and triumphs faced by security teams in mitigating third-party risks, examine the strategies employed to safeguard against potential breaches, and learn about the planned investments earmarked for bolstering third-party risk management practices in the approaching year.

Bill Brenner Paul Wagenseil
Time Zone: (UTC-04:00) Eastern Time (US & Canada) [Change Time Zone]