Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Hacking Humans: Exploring Social Engineering as an Attacker and a Defender
    Hacking Humans: Exploring Social Engineering as an Attacker and a Defender
    Luke Potter, Operations Director (Cybersecurity), SureCloud Recorded: Apr 30 2019 64 mins
    Currently, 75% of cyber-attacks start with social engineering. It is this part of penetration testing that centers around manipulation and deception, rather than trying to outsmart a machine. It is just as crucial to improve an organization’s security posture as it is to probe a network for vulnerabilities. But what does it look like in practice?

    Join SureCloud’s Operations Director (Cybersecurity), Luke Potter, as he discusses his research into social-engineering techniques.

    This session will cover:
    • Defining social engineering
    • Best lines of defense against a human pentest attack
    • The psychology behind influence and persuasion
  • How to Develop Effective Information Gathering for Third Parties
    How to Develop Effective Information Gathering for Third Parties
    Alex Hollis Recorded: Mar 28 2019 57 mins
    Two-thirds of data breaches occur due to an insecure or poorly managed third-party relationship. Gaining control over your network of vendors is a critical risk activity. Join Alex Hollis, SureCloud’s GRC Practice Director as he discusses efficient and effective information gathering from third parties.

    The session will cover:
    •How to evaluate your information needs
    •Prioritizing, planning and structuring the information gathering
    •Use of categorization, tiering and risk scoring
    •Building the question library
    •Reducing the manual administrative burden from the system
    •Reducing “assessment fatigue” - The human element of answering questions

    Alex has over 16 years’ experience in IT, mobile technology and software development. He has spent the last seven years specializing in governance, risk, and compliance (GRC).
  • Everything You Need To Know About OWASP SAMM 2.0
    Everything You Need To Know About OWASP SAMM 2.0
    Cybersecurity Practice Manager, Chris Cooper Recorded: Feb 28 2019 25 mins
    The Open Web Application Security Project (OWASP) is developing version 2.0 of their Software Assurance Maturity Model (aka SAMM), and Chris Cooper, SureCloud’s Cybersecurity Practice Manager is part of the team currently working on the core model, with a focus around the new ‘Implementation’ business practice. In this webinar, Chris will be discussing the history of SAMM, evaluating the version 2.0 core model from a technical perspective, and the process that the SAMM team are undertaking.

    The session will cover:
    •Why SAMM 2.0 is being introduced
    •The innovative ways in which SAMM 2.0 is being created
    •How SAMM is modernizing its recommendations on how organizations build and deploy software
    •How to harness SAMM to conduct penetration testing in a more mature way
    •Some of the feedback that OWASP SAMM team has received from the version 2.0 beta

    Chris Cooper is a Tigerscheme Senior Security Tester (Web Apps) and a CHECK Team Leader.
  • Cybersecurity Attacks that will Actually Lead to a Compromise
    Cybersecurity Attacks that will Actually Lead to a Compromise
    Luke Potter, Cybersecurity Practice Director, SureCloud Recorded: Jan 15 2019 67 mins
    Vulnerabilities exist in every system, and for some, the impact of an attack could be catastrophic, even business-ending. Often, these incidents are the result of a vulnerability that could be identified in a penetration test.

    In this webinar SureCloud’s Cybersecurity Practice Director, expert Penetration Tester, Luke Potter will discuss some of the real-life cyber-attacks his team has conducted including the work they have done with the BBC, Daily Mail, and Which? Magazine.

    The session will cover:
    •Targeted Phishing attacks
    •IoT and ‘Smart’ devices
    •Physical attacks including Social Engineering
    •Use of OSINT Techniques to Compromise Organisations
    •Password Analysis

    Luke Potter is a CHECK team leader, Tiger Scheme senior security tester, ISO 27001 lead auditor and Microsoft Certified enterprise administrator.
  • How to integrate Business Risk and IT Risk
    How to integrate Business Risk and IT Risk
    Alex Hollis, GRC Practice Director SureCloud Recorded: Nov 27 2018 49 mins

    Many governance, risk, and compliance (GRC) projects fail because they’re deployed to support a specific compliance need or to meet the requirements of a specific department. In this webinar, SureCloud’s GRC Practice Director will discuss taking an integrated Risk Management approach, connecting Business Risk and IT Risk.

    The session will cover:

    • The challenges Integrated Risk Management (IRM) causes
    • Outlining how operational and IT Risk must work together
    • An approach for creating a model within your own business with the right GRC technology
    • The benefits of integration for internal communication and the relationships within your business
  • Ask the Expert: Penetration Testing
    Ask the Expert: Penetration Testing
    Luke Potter, Cybersecurity Practice Director Recorded: Jun 7 2018 11 mins
    SureCloud's Cybersecurity Practise Director talks avoiding the pain of managing penetration test outputs in static PDF documents. Effective management of penetration test remediation activities. Demonstration of improvement and benefit following penetration test delivery. Why a better approach is needed to penetration test, specifically running it ‘as a service’ based engagement. Tracking, trending and analyzing data between multiple testing projects.
  • GDPR Compliance -  What should organisations be doing now?
    GDPR Compliance - What should organisations be doing now?
    SureCloud CEO Richard Hibbert and COO Nick Rafferty Recorded: Apr 25 2018 46 mins
    Key takeaways

    • Key concepts and obligations
    • Principles of data processing and transparency
    • What organisations need to do to prepare for the GDPR?
    • What organisations need to do to implement a GDPR Compliance Program

    We will also provide a demonstration of SureCloud GDPR Suite that help organisations to achieve and maintain compliance with the regulation.
  • Got budget? Building the business case for your 2018 GDPR project
    Got budget? Building the business case for your 2018 GDPR project
    Terry Blake, SureCloud, Nick Rafferty, SureCloud, Michael Rasmussen, GRC 20/20 Recorded: Nov 16 2017 45 mins
    The deadline to comply with the European Union General Data Protection Regulation is May 25, 2018. Non-compliance could result in hefty fines to your company and impact your ability to do business in the EU. With calendar year budget planning now underway, this webinar will help you build the case to fund your GDPR project and gain alignment within your organization. You'll also get a demo of the Cloud-based SureCloud GDPR Suite. Deadline-driven demand will surely drive costs up so the time to act is now to secure both your funding and resources.
  • GDPR - How to embrace PCI’s big brother
    GDPR - How to embrace PCI’s big brother
    Chief Operations Officer, Nick Rafferty & Head of GRC, Oliver Vistisen Recorded: Aug 23 2017 44 mins
    If your organization stores, processes and transmits cardholder data, PCI’s big brother - the EU General Data Protection Regulation - could affect your ability to do business in the EU.

    Impacted PCI US companies may have EU residents as employees or customers.

    The GDPR has become a primary item on most organizations' agenda this past year, yet a disproportionate amount of focus has fallen on the fines that are set to come in force May 25, 2018.

    We want to take a more optimistic look at the regulation, why it came to be and how it can be a massive opportunity to strengthen your reputation and (re)gain customer confidence. We will also look at how the implementation and ongoing maintenance of compliance can be addressed through an analytical approach to the Articles themselves; the rules of the regulation.

    What attendees will learn:
    • How US ecommerce and other companies involved in payment card transactions can be impacted by the GDPR.
    • Why the world’s most valuable resource is no longer oil, but data.
    • Why the GDPR is far more than a simple check-box compliance exercise.
    •Why the GDPR is a massive opportunity in disguise for organizations who take it seriously.
    •How the GDPR aims to change company culture by turning risk assessments on their head.
    •An analytical breakdown of the GDPR Articles that uncovers those that are applicable to your organization, and how to tackle these through a risk based approach.
    •Key areas of focus for any GDPR program based on personal and client feedback.
    •How to effectively implement GDPR by expanding upon existing compliance programs and management systems (ISO 27001).
  • Let the countdown begin: What does the GDPR mean for US companies?
    Let the countdown begin: What does the GDPR mean for US companies?
    Stephen Bailey, Head of Privacy at NCC Group, Terry Blake, SureCloud EVP – North America, and Nick Rafferty, SureCloud COO. Recorded: May 25 2017 60 mins
    Exactly one year from the date of this webinar, the General Data Protection Regulation will take effect in the European Union. The GDPR applies to any organization that stores, processes or transfers the personal data of residents within the EU. It includes organizations located in and outside the EU. Non-compliance can result in fines of more than $20 million or 4% of worldwide revenues, whichever is greater. A recent survey found an alarming percentage of US-based companies are planning to reduce their presence in Europe or exit the European Union altogether rather than deal with the GDPR. Instead of tossing up their hands over the GDPR and going home, strategic US companies can follow the defined steps and adopt software solutions that can bring certainty to these uncertain times. In fact, they see another company’s exit from the EU as a potential opportunity to gain share. The good news is that you’re not too late in getting started to meet the GDPR deadline. But as the countdown begins, urgency escalates. The time to act is now.

    In this webinar, you will learn:
    What the GDPR means for you
    How to get started on your journey to compliance
    How the SureCloud GDPR Applications Suite can help you gain and demonstrate compliance and continuously improve your performance

    Agenda includes plenty of time to address your questions.

Embed in website or blog