CISO Career Development Series

Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network. This is made up of approximately 69 million attack sensors and records thousands of events per second, monitoring threat activity in over 157 countries.

These resources have offered unparalleled sources of data with which to identify, analyse, and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. Symantec’s Website Security Solutions have distilled this information down to focus specifically on the threats that are targeting online business and websites.

Join Symantec's team of as they draw on this report to discuss:
• Trends and patterns across the globe and the impact these have
• Best practices to mitigate risk for online businesses
• What actions you can take to protect your site and your customers

In the last 10 years, hacking has become big business with a well organised infrastructure, defined roles and responsibilities, and sophisticated attack vector automation that generates large-scale attacks of unprecedented size, speed and devastation. Advanced protection is needed in order to successfully stand up to the ‘industrialisation of hacking’. In this webinar, Andy will talk about:

- How to prevent web attacks like SQL injection, cross-site scripting, app DDoS or site scraping.

- The limitations and vulnerabilities associated with IPS solutions and other traditional security solutions.

- Attack-mitigation techniques for combating malware including bots and other automated attacks common in industrialised hacking.

- How to protect networks from the ‘compromised insider’ threat.

About the speaker:
Andy has 21 years’ experience in the IT industry, and has specialised in Internet security systems for more than eleven years. Andy is a passionate evangelist for technology and is multi-skilled across a broad range of security solutions including Firewalls, VPNs, IPS, WAF, web and email content filtering, SIM/SIEM, load balancing, DLP, risk assessment, monitoring tools, DB security, consultancy and Managed Security Services. Andy joined Imperva in 2012 and held previous technical roles at Check Point Technologies and several major telecommunications providers where he has had senior roles designing and implementing firewall, IDP and remote access solutions in mission critical environments.

Cybercriminals are increasingly banding together, organizing more sophisticated attacks that are more predatory in nature. Cybercrooks’ rapid adoption of new technologies and efficacy in information sharing has trumped traditional static enterprise defenses. In order for organizations to stay protected, they must learn from their adversaries.

What lessons can we learn from cybercriminals that can be applied to boost an organization’s overall security strategy?

Paul Brettle, HP’s EMEA Security Specialist Manager, will examine the means and motivations driving cybercriminal behavior and how improvements such as benchmarking can persuade criminals to look elsewhere for targets while helping security professionals develop stronger defenses.

Do you suspect you have a security incident? Time is of the essence. Your initial approach can determine how much damage the cyber security incident does—or does not do—to your organization.

What if you could reduce the time it takes to investigate and remediate a security incident from days to minutes? Join us for this webcast to learn how you can improve your incident response by:

•Locating every instance of a suspicious file across your endpoints and servers
•Knowing if the malware executed, when, and what it did
•Stopping an attack and preventing it from happening again
•Analyzing files that arrive on your endpoints and servers to quickly determine their risk

Nobody wants to fall sick, and yet we all do. By the same token, nobody expects their systems to be breached, and yet it happens. When that happens, companies need a blend of Digital Forensics and Incident Response expertise to deal with the incident. However, the distinction between these two related but different services and their roles in responding to a breach are often not clear to the victims of the breach. In this session, Vivek Chudgar, Director of FireEye Labs (APAC), will explain the key differences between Digital Forensics and Incident Response and demystify the role each service plays in effectively responding to a breach.

What is the cost of your proprietary data falling into the wrong hands? Did you know that today, the number one security threat in the cloud is data breach? What are your plans to secure your information the cloud? While organizations are rapidly turning to the cloud to reduce costs, provide greater flexibility and quickly ramp up support of business needs, security still remains a top concern.

As a leading provider of information security services, Dell and its partners can provide you with expert guidance and critical security controls to protect your infrastructure, applications and data. Join us for an informative discussion that will separate fact from fiction, and help you secure your information in the cloud.

In this webinar, security practitioners will help you:
- Discover technological and other tools to mitigate threats in the cloud
- Understand the types and nature of security threats
- Learn about Dell’s unique integrated approach to cloud security, leveraging SecureWorks and Trend Micro

Colby Clark will present a rapid incident response methodology used by the FishNet Security Incident Management team utilizing a combination of best-of-breed solutions to rapidly facilitate all phases of an IR investigation of evolving threats. The methodology begins with identification from network indicators with NetWitness, triage and containment using FireAmp, and in-depth forensic investigations on system artifacts (memory, volatile data, and file system) using EnCase Enterprise.

Is your business safe from malware and targeted attacks? Sophisticated attacks now leverage social engineering techniques and malware to compromise those individuals already on the inside of your enterprise, and then target your data. This session covers the basics of how this continues to happen, despite more money than ever being spent on perimeter and endpoint defenses. We’ll present an eight step incident response model to help prevent, detect and respond to these attacks.

Today's accepted wisdom is that there are only two types of organizations, those that have been breached and know it and those that have been breached and don't. With this new vision comes the realization that building perimeter defenses is no longer enough, but that remediation, situational awareness and fast response time are what separate well secured organizations from the rest.

Join this panel as they discuss the transition to an incident response world and the important operational and philosophical battles that will define it - from the federal and commercial perspectives to using forensics for risk analysis and IT investment and the attribution debate.

Panel:

Tom Field, Vice President, Editorial, Information Security Media Group (moderator)
Bill Hau, VP of FireEye Labs,
Pete Allor, Steering Committee member of FIRST
Vernon Habersetzer, IR Team Lead, Walmart

This webinar will review the methodology lifecycle of a breach at an organization and highlight best-practices and efficiencies that can help your organization learn from breaches and continually strengthen your security posture.

Based on recent high-profile reports of attackers compromising victims long before the breach is discovered, many security professionals want to know: “Are we already compromised?”

Ben Feinstein, Director of our Counter Threat Unit’s operations and development teams, will discuss threat indicators and the subtle traces of an attacker’s tradecraft and presence in your environment. Ben will share findings from helping organizations defend against targeted attacks, focusing on tactics, techniques and procedures exhibited by organized cybercriminals and APT. He will also discuss using threat indicators to learn about the adversary and show how vital this intelligence is to successful incident response.

Key Topics:

· Understanding threat indicators that suggest your organization may already be compromised

· Inspecting networks and hosts for signs of compromise

· Strategies for response when attacker presence is found

Your business needs security solutions that are easy to live with and run on a daily basis. ESET has the best solution from this perspective. This webcast will highlight 2-3 specific atributes and focus the ease of management and implementation.

In this webinar, I will begin with a brief discussion of the different types of attackers, and show how all threat actors are not equal. Then, I will discuss four main ways attackers execute code in a Windows environment. Reviewing real cases of recent attacks, I will show how to detect file execution using static, dynamic, and advanced analysis techniques. I will show how to use artifacts such as the Windows registry, logs, prefetch files, and network data to determine whether an attacker executed files. Finally, there will be a discussion of tools used for forensic analysis, including free tools such as the ShimCacheParser and MANDIANT Redline.

Despite significant time and effort deploying multiple security solutions, incident responders know more than anyone that existing signature-based, “set it and forget it” security technologies have not stopped the advanced persistent threat. Signature- and rule-based technologies are easily evaded with today’s advanced targeted attacks, morphing malware and zero-day threats. Tools like FireEye’s Malware Analysis System are effective in dealing with zero-day malware, but being able to detect this threat does not mean complete resolution.

In addition, sophisticated attackers employ social engineering or take advantage of misconfigurations in security technologies to breach networks – without using any malware at all. Incident responders need full visibility of everything that is going through the network to understand the nature of how a threat originated, see what attackers actually did to take control over the network, and to answer the questions of what they did after they compromised systems. This session will provide an overview of Big Data Security Intelligence and Analytics and how full security visibility can answer the toughest post-breach questions so you can quickly determine the full source, scope and material impact of an incident.

When it comes to organizations experiencing some form of cyber-attack, the adage still rings true: it’s not a question of if but when. Advanced malware, zero-day exploits, and targeted advanced persistent threats (APTs) have kept organizations on their heels and searching for ways to protect themselves. Incident Response teams are being forced to re-examine their existing IT security defenses and attempt to stay ahead of the attack curve. Surprisingly, many incident response teams aren’t doing themselves any favors with practices they have implemented.

Attend this webinar to learn the top 10 mistakes that Incident Response teams make and what you can do to make sure you aren’t making them yourselves.

What vulnerabilities threaten the integrity of your software supply chain and data? Can your enterprise really influence software vendors to meet your most important security policies and remediate insecure software?

Action is needed, and urgently. An alarming 62 percent of all applications fail to reach compliance on their first submission, according to a study recently conducted by Veracode, Enterprise Testing of the Software Supply Chain. While few enterprises now have formal third-party testing programs, those that do find they dramatically improve vendor compliance while meeting industry standards.

Join this webcast with Chris Eng, Veracode's Vice President of Research, and you will learn:

•How leading enterprises now test their software supply chains.
•Analytics drawn from code-level analyses of thousands of third-party applications that support global enterprises.