For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.
Are you using or considering a next-generation threat protection solution? Join this webcast and learn how you can multiply the value of your investment by integrating network and endpoint security.
During this session you’ll learn best practices for protecting your network and your endpoints and servers from today's new breed of cyber attacks. You’ll also see firsthand how the integration of network and endpoint security solutions will help you:
・ Automatically confirm and prioritize alerts
・ Provide enterprise-wide visibility of infections to speed investigation
・ Drive remediation
・ Automatically analyze files from endpoints and servers
"People are talking about doing security in the mobile space and I ask the following question: You have spent the last 13 years building up proper, compliant infrastructures inside your four walls. Now we're going mobile. Why should you implement any lesser degree of compliance in that portion of your infrastructure than you currently have?" Winn Schwartau, one of the world's top experts on security, privacy, infowar and cyber-terrorism, discusses the importance of mobile security and the implications it can have for your pre-existing infrastructure.
The webinar will cover the life cycle of a security audit from start to finish. Several areas will be discussed to include auditing of software. There will be tips on how to reduce the number of audit findings from a security and privacy perspective from the start of the SDLC (Software development life cycle). This presentation will focus on FISMA audits, but the tips can be applied to all security and privacy audits.
Companies are eager to adopt infrastructure-as-a-service services in both public providers and private datacenters because of the business agility that IaaS enables. Full IT automation, self-service provisioning, and metered usage billing helps companies accelerate the development of their products and services, and improves organizational efficiency. Unfortunately, many companies are struggling to accelerate the most important parts of their business due to the challenges of securing these highly dynamic environments. In this talk Rand Wacker, VP of Products for CloudPassage will describe the challenges of security and compliance in a truly automated cloud and critical topics that you need to be aware of when planning to adopt cloud services in either public or private environments.
In this session, we look at the issues with testing and audit. This is the base causes of why we fail to secure systems and how we can more effectively create methodologies that actually find flaws. Penetration tests and audit each have major failings, but when done correctly and with the right incentives, they can help make us more secure. When done poorly, we all suffer.
As more applications have moved to the cloud, the industry has seen a proliferation of application security issues. In 2012, several cloud service providers were breached as a direct result of application security vulnerabilities. Before you choose a cloud service provider, make sure that it answers the series of security questions created by the Cloud Security Alliance (CSA). CSA has created a checklist of industry-accepted ways to document what security controls exist in IaaS, PaaS, and SaaS offerings – creating more transparency for enterprises. The speakers will walk attendees through this blueprint, helping them to become more adept at identifying service provider security readiness. They'll also discuss some of the most common application vulnerabilities, including unencrypted passwords, SQL Injection, and those that impact poorly architected mobile apps.
New and disruptive technology is changing how we live and work. It is no longer just the infrastructure of our organization, providing tools and information with which to run our business, it has become integral to many of our products and services. The deployment of technology is the #1 way in which CEOs look to gain advantage and market share, and the CIO must be a visionary leader of the organization.
The panel will discuss how this affects IT Governance. Is it still appropriate to focus on the enterprise governance of IT as a separate but important issue? Or, should the focus shift to governance of the enterprise as a whole and whether it is taking sufficient advantage of technology? Panelists will address the issue from the perspective of an IT Governance Evangelist, an advisor to boards and CFOs, and a leading internal auditor.
As the cloud model continues to disrupt and enhance the modern enterprise IT teams are facing new challenges retaining security and control in these new environments. This panel will explore a multifaceted approach to the cloud that looks at the importance of integrating the right tech solutions and deployments while negotiating and understanding your relationship with cloud providers.
Bill Brenner, Managing Editor, CSO Magazine (moderator)
Nataraj Nagaratnam, Ph.D., IBM Distinguished Engineer, IBM Master Inventor
Chris Farrow, Information Security Specialist, Compassion International
Jason Mendenhall, EVP Cloud, Switch