CSA’s third annual Virtual Zero Trust Summit will provide insights and resources needed to understand and implement the core concepts of Zero Trust. Featuring prominent industry leaders such as John Kindervag, the founder of Zero Trust philosophy, this two-day Summit will deliver critical insights, tools, and best practice guidance for developing and implementing a Zero Trust security strategy. Zero Trust experts, innovators and analysts will deliver guidance on a variety of Zero Trust-based topics, such as organizational strategy, leveraging Zero Trust for critical infrastructure, the role of identity, using ZT for and with AI, as well as practical guidance on the five step process for ZT implementation. This is the must-attend cybersecurity event for attendees looking to gain a holistic understanding of Zero Trust architecture, its components, and its operation.

Operational risk is more than a regulatory buzzword – it’s a fact of life. What are some of the most pressing operational risks at financial institutions? What can you do to manage and mitigate these risks?

Find out in this webinar as our risk management experts share practical advice on taming business challenges that disrupt operations, threaten resilience, and damage financial institutions’ reputations. Topics include fraud, third-party and fintech relationships, and Anti-Money Laundering (AML) / Countering the Financing of Terrorism (CFT) as well as:

• Operational risk data and trends

• Dynamic risk assessments

• Identifying risk and risk mitigation strategies

• Change management

A successful third-party risk management program should be capable of demonstrating its effectiveness and value to the organization. Program metrics are the tools that can assist you in achieving this aim. But, once you have identified your third-party risk management program metrics, what comes next? How can you utilize those metrics to tell a compelling story, and identify program risks for mitigation? How do you know if you are analyzing the right data points? What if a particular metric isn't working or needs to be adjusted? Join this intermediate level session to learn how to effectively analyze, utilize, recalibrate, and evolve third-party risk management program metrics. Register now to learn: Telling the right story with third-party risk management metrics Rightsizing or recalibrating your third-party risk metrics Incorporating stakeholder feedback Aligning your third-party risk metrics with organizational goals and strategies Defining the actions to take when third-party risk metrics aren't within acceptable thresholds

Regulatory guidance and best practices continue to evolve and change. It’s clear that regulators are paying more attention to third-party risk management in recent years. However, it can be challenging to know which regulations your organization should follow and how to comply. So, what exactly do regulators expect? How do we synthesize regulatory requirements into practical and actionable third-party risk processes? This session will talk through interpreting regulatory requirements and identifying common regulatory themes, thinking like an auditor or regulatory examiner, self-auditing your third-party risk management program, and more. Register now to learn: Third-party risk management regulations Understanding the components of the regulatory landscape Third-party risk related regulatory changes and updates How to think like a regulator and perform a self-audit Key takeaways

By 2026, over 80% of enterprises will be using Generative AI (GenAI) applications or APIs, a massive leap from today’s 5%. However, with this rapid adoption come significant privacy and security challenges. Research shows that privacy concerns are the top barrier to GenAI adoption, as AI can amplify existing data vulnerabilities.

This webinar will explore the key privacy pitfalls organizations face when implementing GenAI, focusing on purpose limitation, data proportionality, and business continuity. Attendees will gain insights into how to navigate these challenges through strong data governance, version control, and detailed model documentation to ensure compliance and mitigate risks.

Key takeaways:

• The top privacy pitfalls in GenAI, including purpose limitation, proportionality, and business continuity

• Strategies for enforcing robust data governance, documentation, and model versioning

• How to manage data privacy risks and promote trustworthy AI within your organization

It’s impossible to predict what 2025 will bring us, but it’s important to be as prepared as possible. Vendor risks are always changing, as are the methods and best practices for managing them. Understanding and following the latest industry practices will set up your organization for success in the new year. Finish 2024 with this webinar to review the third-party risk management challenges and lessons learned. It’ll also explore what might be on the third-party risk horizon for 2025 and beyond. Register now to learn: Third-party risk challenges and lessons learned in 2024 What's on the horizon for third-party risk in 2025 Key aspects of a third-party risk management program Takeaways for a successful 2025

In March and April, Global Resilience Federation and Nacha held free tabletop exercises to allow organizations to assess resilience after a simulated, destructive wiperware incident that included a major ACH outage. In addition to IT operations and risk, exercise components included media management, law enforcement and regulatory engagement, and an examination of prioritizations. Players discussed and took simulated action in the emergency as facilitators progressed the exercise timeline and injected additional information.

The exercises were designed for resilience practitioners from commercial banks, credit unions, and core systems processors. A multi-sector exercise will be delivered on September 12 and December 11 that extends this scenario to explore operational resilience in a broader ecosystem. Attendance is anonymous.

OneTrust and PA Consulting are excited to share insights from this year's IAPP Data Protection Congress in Brussels. The event will highlight the latest strategic trends in both regional and global data protection, along with AI-focused sessions exploring how to optimize AI operations. Topics will also cover advertising strategies and managing third-party risks in the evolving regulatory landscape.

Join us to dive deeper into the key takeaways from the IAPP Europe Data Protection Congress 2024. Our expert speakers will provide actionable insights from the event on the latest developments in data protection, privacy, and AI.

Artificial intelligence is slowly transforming banking —everything from the customer experience and competition to the back office. This session examines AI from a risk and governance perspective, highlighting policies supported by risk assessments and your institution’s risk appetite. You’ll explore:

• How to evaluate AI opportunities & threats

• How third parties and your institution are using AI

• Best practices for evaluating which AI tools make sense for your institution and which ones are too risky.

Prepare for an AI-enabled future with this practical webinar on one of the industry’s hottest topics.