Preparing for the EU’s Digital Operational Resilience Act
Dec
4

Preparing for the EU’s Digital Operational Resilience Act

Join the Business Resilience Council (BRC) for key findings from a recent white paper that aligns the Operational Resilience Framework (ORF) and compliance with the EU’s Digital Operational Resilience Act (DORA), going into effect January 17, 2025.

The white paper covers how the ORF can help establish a comprehensive resilience strategy that strengthens an organization and its critical vendors. This integrated ORF/DORA approach will also help organizations navigate future regulatory requirements beyond January 2025.

Participants in the BRC’s operational resilience tabletop exercise on December 11 may also wish to attend this meeting in preparation for that event.

View Event →
Cyber & Physical Activity Targeting the U.S. Election & Major Geopolitical Events
Oct
30

Cyber & Physical Activity Targeting the U.S. Election & Major Geopolitical Events

Join the Business Resilience Council and analysts from RANE Network for presentations on violent activism and extremism surrounding the U.S. presidential election and the transfer of power. Additionally, analysts will cover hacktivism and malicious cyber activity by state actors and their proxies around the election and other current geopolitical events.

Speakers:

  • Sam Lichtenstein, Director of Analysis at RANE

  • Ali Plucinski, Cyber Analyst at RANE

  • Chris Denning, BRC Program Director and CSO at GRF

  • Brian Katula, Director of Operational Resilience at GRF

View Event →
MITRE Presents Tools to Defend Critical Infrastructure
Sep
25

MITRE Presents Tools to Defend Critical Infrastructure

Join the Business Resilience Council  and MITRE’s Center for Threat-Informed Defense as we apply MITRE ATT&CK® techniques to operational technology (OT) environments. We will share:

  • A collection of unique adversary behaviors from MITRE ATT&CK® for Enterprise and ATT&CK for ICS

  • A reference architecture and practical examples to assess vulnerabilities, helping you to design secure IT/OT hybrid systems.

  • Methodologies and tabletop exercises for testing OT defenses.

  • Attendees will gain practical insights into using ATT&CK to make informed decisions when defending hybrid IT/OT infrastructures against cyber threats.

View Event →
Boosting Supplier Security - Free Training for your Direct Suppliers
Jul
10

Boosting Supplier Security - Free Training for your Direct Suppliers

Small and medium-sized suppliers make up the backbone of the manufacturing supply chain. While they are an indispensable part of that supply chain, and the manufacturing ecosystem as a whole, they often suffer from a lack cybersecurity, especially as it pertains to their operational network environments. This can lead to significant operational and business risk to the larger upstream manufacturers.

Dragos Operational Technology Cyber Emergency Readiness Team (OT-CERT) and the Manufacturing Information Sharing and Analysis Center (MFG-ISAC) have teamed up to provide free training and resources for these small and medium-sized suppliers. Join the webinar to learn more about how your organization can connect your suppliers to the security help they need. Attendance is free, as are the training and resources the partnership offers.

View Event →
Strategic Defense: How Senior Leaders Plan for Operational Resilience
May
22

Strategic Defense: How Senior Leaders Plan for Operational Resilience

Dan Devroye Managing Director, Head of Control, Strategy & Innovation for Global Security at JPMorgan

Chase Brian Geffert former Global CISO, current Principal - Cybersecurity Services at KPMG

David LaFalce Managing Director - Strategy, Planning & Transformation at Wells Fargo

Trey Maust Chairman at Lewis & Clark Bancorp

Cybersecurity and operational resilience leaders from banking and professional services discussed risk, security, and resilience and how understanding of business and customer needs reduces the potential for cascading impacts. 

Watch the full 2024 Business Resilience Council Virtual Summit at https://www.grfbrc.org/brc-summit-on-resilience-security

View Event →
Shifting Geopolitical Patterns: Navigating a Multipolar World
May
22

Shifting Geopolitical Patterns: Navigating a Multipolar World

Rodger Baker Executive Director, Stratfor Center for Applied Geopolitics at RANE

Understanding the shifting geopolitical landscape is critical to identify risk (and opportunity) for internationally engaged enterprises. A multipolar world is a more fractured world, one where regulations, political and economic alignment, and security dynamics can change rapidly. Rodger Baker discussed ways to identify geopolitically-driven risk, implications for international business, and ways to anticipate and adapt to an increasingly volatile international arena.

Watch the full 2024 Business Resilience Council Virtual Summit at https://www.grfbrc.org/brc-summit-on-resilience-security

View Event →
Fortifying Our Critical Infrastructure for a Digital World
May
22

Fortifying Our Critical Infrastructure for a Digital World

Phil Venables VP at Google and Chief Information Security Officer at Google Cloud

Phil Venables discussed the shift from security to resilience, the recommendations on cyber-physical resilience from the President’s Council of Advisors on Science and Technology (PCAST), and organizational responsibilities to help fortify resilience of critical infrastructure and services. Download session slides

Watch the full 2024 Business Resilience Council Virtual Summit at https://www.grfbrc.org/brc-summit-on-resilience-security

View Event →
Wiperware and Operational Resilience: What Have We Learned
May
22

Wiperware and Operational Resilience: What Have We Learned

Chris Denning Chief Security Officer at Global Resilience Federation

Brian Katula Technical Project Manager at Global Resilience Federation

Mark Orsi CEO at Global Resilience Federation

This spring GRF held two table top exercises to assess organizations’ resilience after a simulated wiperware incident. In addition to IT operations and risk, exercise components included media management, law enforcement and regulatory engagement, and an examination of operational prioritizations. With hundreds of participating organizations, the event helped inform on the state of incident management and operational resilience today. Join the GRF Business Resilience Council team for an examination of exercise findings and learn the takeaways that surprised GRF analysts.

Watch the full 2024 Business Resilience Council Virtual Summit at https://www.grfbrc.org/brc-summit-on-resilience-security

View Event →
Fireside Chat with Former DHS Secretary Kirstjen Nielsen
May
22

Fireside Chat with Former DHS Secretary Kirstjen Nielsen

Kirstjen Nielsen former U.S. Secretary of Homeland Security

Bill Nelson Chairman at Global Resilience Federation

GRF Chairman Bill Nelson hosted a fireside chat with former U.S. Secretary of Homeland Security Kirstjen Nielsen. The discussion included the evolution of threats in recent years, the current geopolitical climate, and how government and the private sector are working together and what more could be done.

Watch the full 2024 Business Resilience Council Virtual Summit at https://www.grfbrc.org/brc-summit-on-resilience-security

View Event →
Demystifying Segmentation: Real-World Solutions for Network Security
Apr
18

Demystifying Segmentation: Real-World Solutions for Network Security

Join GRF and Zero Networks' Nicholas DiCola for a presentation on network segmentation.

The need for network segmentation has been punctuated by evolving regulatory and compliance requirements, and new zero trust guidance from the NSA and CISA. While network segmentation has historically been reserved for large and/or mature organizations due to complex and costly implementations, there are practical steps organizations of all sizes and maturity levels can take to secure their networks.

Join us for an actionable segmentation strategy session with real world examples of how organizations have effectively defended against ransomware and lateral movement, while satisfying compliance requirements.

This complimentary webinar is TLP: CLEAR

View Event →
BRC Overview, Activities, and Resilience & Security Updates
Apr
3

BRC Overview, Activities, and Resilience & Security Updates

Join the GRF Business Resilience Council (BRC) for an overview of the BRC, a discussion and call to action for upcoming activities and focus, and a presentation on the latest security, resilience and geopolitical threats.

This event is TLP: CLEAR

In addition to the above, we invite you to register for a free Payments Disruption Exercise examining the operational resilience of organizations when faced with a wiperware attack that disrupts payments processors.

View Event →
Semiannual Ransomware Report & Geopolitical Updates
Feb
28

Semiannual Ransomware Report & Geopolitical Updates

Join the GRF Business Resilience Council (BRC) for a briefing on the soon-to-be-released Semiannual Ransomware Report – GRF’s popular biannual report on ransomware gangs, successful sector attack statistics, and trend analysis pulled from open sources and closed criminal forums. Analysts will also provide geopolitical updates as time permits.

This event is TLP: CLEAR

View Event →
Stop VPNs from becoming Virtual “Public” Networks
Feb
20

Stop VPNs from becoming Virtual “Public” Networks

Join GRF and Zero Networks' Nicholas DiCola for a presentation on VPN security.

According to Top10VPN, in 2023 alone, 133 VPN vulnerabilities were disclosed and at least 20 are known to have been exploited – as evidenced by recent headlines involving Cisco, Ivanti, and others. The period from when these vulnerabilities are disclosed to the point they are patched (if at all), poses a major potential security risk for many organizations.

Join this webinar to:
• Better understand why VPNs are explicitly targeted.
• Consider several of the underlying flaws common to most VPNs.
• Discuss risk mitigation strategies and alternative solutions.

This complimentary webinar is TLP: CLEAR

View Event →
Business Impacts From Civil Unrest, Activism and Extremism Entering the 2024 US Presidential Election Cycle
Jan
24

Business Impacts From Civil Unrest, Activism and Extremism Entering the 2024 US Presidential Election Cycle

Join the BRC on January 24th at 2pm ET for a webinar on the potential for civil unrest, activism and extremism surrounding the 2024 US Presidential Election cycle. 

Foresight Chief Analyst Harris Stephenson will provide a forecast on civil unrest, activism and extremism, as well as potential business implications.  He'll cover how to monitor these threats and how to protect your organization and personnel. Stephenson will take questions at the end of his presentation.

In addition, BRC analysts will provide geopolitical analysis and present on an upcoming complimentary tabletop exercise examining operational resilience of business processes in the face of cyber disruption.

This webinar is TLP: CLEAR

View Event →
Operations Disruption Exercise Development Meeting
Dec
13

Operations Disruption Exercise Development Meeting

GRF Business Resilience Council members are invited to join this meeting to provide input in the development of a new exercise to test the operational resilience of sectors as they disburse and collect payments. This meeting will explore the impacts to businesses in the event that an attack were to disrupt the payment systems tools and processes.

Your input is vital to building an exercise that will ultimately help protect your organizations’ ability to maintain minimal viable service levels for accounts payable and accounts receivable systems during a major attack against the banking system.

Members will be emailed the link to participate, the link will also be published to your community portals.

Partners and interested non-members can contact Chris Denning for more information on participating: cdenning@grf.org

View Event →
The Evolution of Secure Connectivity
Dec
7

The Evolution of Secure Connectivity

Join GRF and Cyolo for a presentation on the evolution of secure connectivity. Learn effective strategies for managing access risks, including how and why to prioritize, and how to adapt to a changing digital landscape. During the webinar, we will cover three critical topics:

1. Understanding the behavior and tactics of hackers and malicious actors

2. Insights into the current state of corporate access security

3. Effective strategies to combat current and future threats

This webinar is TLP: CLEAR

Register to Watch the Event

View Event →
The Game of IT/OT Security: Unveiling New Developments in Our Critical Infrastructure Threat Landscape
Nov
16

The Game of IT/OT Security: Unveiling New Developments in Our Critical Infrastructure Threat Landscape

Senior Security Researcher Adam Robbie, from Palo Alto Networks, will share new highlights from research data collected from ten thousand organizations in fifty countries over the past three years. The data has illuminated some interesting findings that will be shared about ICS network intrusions, and how zero trust architecture can be an effective tool to stop many of these threats.

Register to Watch the Event

View Event →
Operations Disruption Exercise Development Meeting
Nov
15

Operations Disruption Exercise Development Meeting

GRF Business Resilience Council members are invited to join this meeting to provide input in the development of a new exercise to test the operational resilience of sectors as they disburse and collect payments. This meeting will explore the impacts to businesses in the event that an attack were to disrupt the payment systems tools and processes.

Your input is vital to building an exercise that will ultimately help protect your organizations’ ability to maintain minimal viable service levels for its accounts payable and accounts receivable systems during a major attack against the banking system.

Members will be emailed the link to participate, the link will also be published to your community portals.

Partners and interested non-members can contact Chris Denning for more information on participating: cdenning@grf.org

View Event →
Third-Party Risk Management: TPRA Guidebook & GRF Security Connection
Nov
9

Third-Party Risk Management: TPRA Guidebook & GRF Security Connection

Join Global Resilience Federation and the Third Party Risk Association (TPRA) for a complimentary joint webinar that outlines the new TPRA Guidebook covering phases of the TPRM lifecycle and practical tools and examples for implementation, and GRF’s Third-Party Security Connection, a place for company vendors to gather to engage industry and help with mitigation in the event of a security breach.

This webinar is TLP: CLEAR

Register to Watch the Event

View Event →
Leveraging AI to Defend Against Back to School Threats
Sep
12

Leveraging AI to Defend Against Back to School Threats

Join the K12 Security Information eXchange (K12 SIX) and Microsoft for the second in a series of informational webinars focused on cybersecurity preparations for the new school year.

Maintaining security across today’s vast digital ecosystem is a team effort. In this new era of AI, data insights and machine learning are helping school systems detect threats quickly and respond effectively. Yet we all know that the best defense still requires human wisdom and experience. In this webinar, join us as we discuss some of the latest cybersecurity guidance as well as innovations across security, compliance, identity, management, and privacy.

With Corey Lee, Microsoft Chief Zero Trust Architect, we’ll cover important topics like understanding the AI threat landscape, how Microsoft defends itself and customers using AI, and how schools can harness the future of AI and cybersecurity in Education.

This webinar is sponsored by Microsoft. Unless you elect to opt out, you will receive information, tips, and offers about Microsoft products and services. Privacy Statement: http://go.microsoft.com/fwlink/?LinkId=521839.

Register to Watch the Event

View Event →
2023 Ransomware Report Highlights
Aug
30

2023 Ransomware Report Highlights

Join GRF analysts for a review of the most recent GRF ransomware report, covering the first half of 2023. In this reporting period, analysts tracked 1,650 attacks based on public sources and conversations of threat actors in closed criminal forums.

Some findings that will be elaborated on in the session:

• Critical Manufacturing was the most targeted industry followed by Financial Services, IT, and Commercial Facilities

• June saw the most victims in a single month since the beginning of this series

• Most attacks were committed by LockBit ransomware

• The US experienced the majority of ransomware attacks, followed by the EU and UK

• This period saw extensive use of zero day vulnerabilities and increased use of Living off the Land attacks

This webinar is TLP: CLEAR

Register to Watch the Event

View Event →
2023 Hurricane Season Forecast
Aug
23

2023 Hurricane Season Forecast

GRF’s Business Resilience Council will host Ryan Truchelut Ph.D, President and Chief Meteorologist at Weather Tiger LLC, for an update on the 2023 hurricane season and an assessment of potential impacts to infrastructure and businesses.

The meeting will also feature a presentation and discussion on GRF’s Operational Resilience initiatives and tools including a maturity model and upcoming implementation exercise.

Relevant geopolitical, physical and cyber updates will be covered as time permits.

This meeting is TLP: Clear

Register to Watch the Event

View Event →