INFOSEC COMPLIANCE NOW - Feb 26, 2025

#1666713: INFOSEC COMPLIANCE NOW - Feb 26, 2025

Description:	Explore what's next in cyber risk and compliance Uncover tomorrow's threats, today. Join AuditBoard for InfoSec Compliance Now 2025, a free half-day virtual event where industry experts dive deep into trends across cyber risk and compliance. Topics include AI, third-party risk management, risk quantification, and more. Dive into today’s most pressing topics in cybersecurity and IT risk management with expert leaders. Session 1 Demystifying AI Audits: A Practical Guide to Compliance Complex machine learning (ML) models are often referred to as “black boxes” and even the data scientists that trained the models may not be able to explain the underlying algorithmic decisions. While this lack of visibility is a reality, it doesn’t mean that the entire AI and ML lifecycle is unknowable and unauditable. In fact, AI and ML can and should be part of a comprehensive compliance program. In this presentation, we’ll explore where and how InfoSec, compliance, and audit professionals can assess AI models as well as the risk posed by AI through third parties. We will explain the differences between assessing DevOps and MLOps and show where process inventory, policy management, MLBoMs (machine learning bill of materials), and supply chain safety can be applied to provide visibility and audibility to an ML-aware audit program. Session 2 Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification IT compliance and cybersecurity teams have long struggled to effectively communicate the impact of threats and vulnerabilities to executives. When done right, cyber risk quantification allows IT professionals to speak the language of the business: financial impact. While the importance of cyber risk quantification is apparent, many organizations struggle to get these projects funded. Join out experts to explore: The basics of risk quantification and how to get started without trying to boil the ocean The importance of moving beyond framework-driven security and assurance Best practices for communicating the impact of IT security in supporting business growth How to drive risk-informed decision-making within your organization Session 3 From Due Diligence to Resilience: Building Robust Third-Party Risk Management Organizations across industries rely on third parties to deliver critical services and drive operational efficiency. This collaboration often involves sharing sensitive data to create new opportunities—while also exposing companies to heightened cyber risks. Join industry experts as they discuss practical strategies, policies, and tools for effective third-party risk management. Learn how to move beyond due diligence to implement risk-based approaches to vendor reviews, effective approaches to managing fourth-party risk, and navigating regulatory requirements including supply chain security. Protect your organization from third-party cyber threats while enabling secure, seamless service delivery in today’s interconnected and data-driven world.
More info:	https://www.auditboard.com/infoseccompliancenow/?utm_campaign=infosec-compliance-now-2025-02&utm_medium=display&utm_source=the-hacker-news-compliance&_m=3n%2e009a%2e3593%2eoh0aof3sx0%2e2m50

Description:

Explore what's next in cyber risk and compliance

Uncover tomorrow's threats, today.
Join AuditBoard for InfoSec Compliance Now 2025, a free half-day virtual event where industry experts dive deep into trends across cyber risk and compliance. Topics include AI, third-party risk management, risk quantification, and more.

Dive into today’s most pressing topics in cybersecurity and IT risk management with expert leaders.

Session 1
Demystifying AI Audits: A Practical Guide to Compliance
Complex machine learning (ML) models are often referred to as “black boxes” and even the data scientists that trained the models may not be able to explain the underlying algorithmic decisions. While this lack of visibility is a reality, it doesn’t mean that the entire AI and ML lifecycle is unknowable and unauditable. In fact, AI and ML can and should be part of a comprehensive compliance program.
In this presentation, we’ll explore where and how InfoSec, compliance, and audit professionals can assess AI models as well as the risk posed by AI through third parties. We will explain the differences between assessing DevOps and MLOps and show where process inventory, policy management, MLBoMs (machine learning bill of materials), and supply chain safety can be applied to provide visibility and audibility to an ML-aware audit program.

Session 2
Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification
IT compliance and cybersecurity teams have long struggled to effectively communicate the impact of threats and vulnerabilities to executives. When done right, cyber risk quantification allows IT professionals to speak the language of the business: financial impact.

While the importance of cyber risk quantification is apparent, many organizations struggle to get these projects funded. Join out experts to explore:

The basics of risk quantification and how to get started without trying to boil the ocean
The importance of moving beyond framework-driven security and assurance
Best practices for communicating the impact of IT security in supporting business growth
How to drive risk-informed decision-making within your organization

Session 3
From Due Diligence to Resilience: Building Robust Third-Party Risk Management
Organizations across industries rely on third parties to deliver critical services and drive operational efficiency. This collaboration often involves sharing sensitive data to create new opportunities—while also exposing companies to heightened cyber risks.

Join industry experts as they discuss practical strategies, policies, and tools for effective third-party risk management. Learn how to move beyond due diligence to implement risk-based approaches to vendor reviews, effective approaches to managing fourth-party risk, and navigating regulatory requirements including supply chain security. Protect your organization from third-party cyber threats while enabling secure, seamless service delivery in today’s interconnected and data-driven world.

More info:

https://www.auditboard.com/infoseccompliancenow/?utm_campaign=infosec-compliance-now-2025-02&utm_medium=display&utm_source=the-hacker-news-compliance&_m=3n%2e009a%2e3593%2eoh0aof3sx0%2e2m50

Date added	Feb. 15, 2025, 12:54 p.m.
Source	Audit Board
Subjects	AI/ML - Artificial Intelligence / Machine Learning / Artificial General Intelligence - AGI - Various Compliance regulations / Ethics - Various Insider Threats / Third Party / Third-Party / 3rd Party Risks / Managed Service Provider (MSP) PodCasts / Webcast / Webinar / eSummit / Virtual Event etc. Security Management/Strategic Security/ROI/ROSI
Venue	Feb. 26, 2025, midnight - Feb. 26, 2025, midnight