Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.
Adam Bosnian, EVP Global Business Development, CyberArk
Robotic process automation (RPA) is a powerful and emerging technology that streamlines and standardizes many human user processes as well as harmonizes different systems across an organization’s environment. So what do IT security professionals need to know about RPA platforms and the connection to privileged credentials? Very simply, it is a new attack vector and organizations need to protect these accounts with the RPA platform.
Because RPA software interacts directly with business applications and mimics the way applications use and mirror human credentials and entitlements, this can introduce risks when the software robots automate and perform routine business processes across multiple systems.
Learn about the vulnerabilities attackers seek out in RPA and the methods you can employ to proactively secure, protect and monitor privileged credentials in RPA non-human user entities that mirror human entitlements.
While compliance is close to security, being compliant doesn’t necessarily mean that you’re protected from a security breach.
Malicious actors don’t care if you passed a regulatory audit, and there are many companies that are fully compliant on paper but that have suffered a data breach.
That’s why it’s essential to take a “go beyond compliance” approach.
In this webinar, we’ll share some insights into the biggest IT security disasters and explain how you can avoid such failures by not just working towards compliance, but building a robust security culture in your organisation.
Join Matt Middleton-Leal (CISSP), General Manager at Netwrix and Kennet Johansen, Security and Infrastructure Solution Architect, to learn:
•Why going beyond compliance is good for business
•Practical tips for improving your IT security posture
•How the right security investments help you save money in the long term
•How to establish a strong security culture in your organisation
Security Ratings are the relatively new kid on the block when it comes to externally derived Cyber posture analysis.
According to one of the most reputable research bodies, ‘continuous monitoring of systems and behaviours is the only way to reliably detect threats before it's too late’.
The three big topics are VISIBILITY - across my whole cyber risk landscape , COLLABORATION - in order to remediate against risk appetite and AGILITY - How can I react in a timely manner to rapidly changing risk factors
Given these challenges can you afford NOT to utilise Security Ratings?
In this session Nick Trigg - Risk Consultant for BitSight Technology - will address these points along with
•Do security ratings threaten or compliment traditional methods of questionnaires and audits
•Why security ratings should be treated as a risk position rather than a vulnerability checklist.
•Data: sources, accuracy, coverage, currency
•Context : stakeholders, business impact
•Time to value : best approach to implementation
How can AI help overworked, understaffed and overwhelmed security analyst teams? How can the use of an AI platform help reduce the cost of a data breach? Mike Spradbery, IBM's UK&I Security Technical Leader, will explore these and other questions as he talks live to the experts behind a new Ponemon Institute study on the use of Artificial Intelligence in Cyber Security. Mike will also share case studies of AI in action in Cyber Security and explore how AI is helping organisations elevate their cybersecurity posture and reduce response times.
As the volume of encrypted traffic continues to grow, organisations become even more vulnerable to encrypted attacks, threats and exploits that go undetected. Learn how to create a centralised “decryption zone” to decrypt traffic once and give security tools newfound visibility into encrypted traffic.
Join Ollie Sheridan (CISSP), Principal Engineer at Gigamon to learn:
•How the TLS 1.3 draft 28 proposal removes visibility which was widely deployed for threat identification in TLS 1.2.
•How to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns.
•Why deploying TLS decryption in the core of networks is critical to detecting threats.
•How to deploy innovative architectures for TLS decryption while maintaining availability and reliability.
•How to manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
A growing use of the terms ‘AI’ and ‘Machine Learning’ being used in the descriptions of vendors’ products and capabilities can cause some confusion. With all the buzz around these latest trends, security professionals are left with some important questions: What can these technologies do in Infosec? How they can be implemented to improve everyday security processes? Where can’t AI and ML improve security tools? In this Splunk webinar, a machine learning expert will;
•Demystify what machine learning is as well as what it can and cannot do in InfoSec
•Walk through three of the most common use cases of where these technologies can be implemented
•Explore the latest innovations in ML & AI, and where this will take cybersecurity professionals next
Compliance regulations such as SWIFT and GDPR can be challenging to understand and implement. Many of these regulations have cybersecurity requirements that are focused on protecting critical banking infrastructure with aggressive timelines - and without disrupting the very business-critical systems you're trying to protect. Jumping from one set of requirements to another, and to subsequent internal and external audits, can feel like a never-ending cycle.
In this webinar, Faraz Aladin, will share thoughts on different approaches to handling the unique challenges a security practitioner in financial services can expect. He’ll highlight Illumio's unique position helping the largest financial institutions in the world solve regulatory and compliance challenges quickly and at scale. Register now to learn:
•Top challenges facing global banking
•Approaches to protecting your "digital crown jewels"
•Pros and cons of different approaches
•How to future-proof for evolving requirements
Unauthorised access is the leading cause of breaches today, whether it comes from external threat actors or insider activity. To mitigate this risk, Okta and CyberArk have integrated technologies to provide a comprehensive solution for unauthorised access protection. In this webinar, Daniel Harris of Okta and Przemek Dybowski of CyberArk will discuss how to:
•eliminate identity sprawl and prevent privileged access abuse
•enable strong authentication and reduce the attack surface
•identify and respond to account compromise.
How does one steal cryptocurrency? By hacking DNS and BGP—the two cornerstone protocols governing the Internet. Join us ThousandEyes and (ISC)² EMEA while we walk through this and other examples of how network security in the cloud and public internet can be a serious blind-spot in your security strategy.
What’s keeping you up at night? Ransomware? Phishing? Spyware? Malware? Data Breaches? A malicious email typically opens the door to those threats. Organizations spend great energy (and budget) preventing users from falling prey, but threat actors continue to find ways to get past automated controls, staying one step ahead of artificial intelligence tools. Cofense believes solving the phishing problem is more than just awareness: it’s about empowering humans to become instinctual nodes on the cyber defense network and feeding their real-time intelligence to security teams for immediate action.
Darrel Rendell, Principal Intelligence Analyst, Cofense
Mollie Holleman, Senior Intelligence Specialist, Cofense
As users become savvier and increasingly use ad blockers, advertising revenue is declining. Crypto coin mining is emerging as a new way for websites to monetise visitor traffic. But, there is a “dark side” to cryptomining: Cryptojacking, which includes, among other misdeeds, cryptomining without a website visitor’s permission or knowledge. While cryptojacking may seem like a victimless crime, since all that is being “stolen” is visitors’ computing and graphics processing power, it is anything but, and can lead to serious consequences. This session will focus on the differences between safe, legal cryptomining and dangerous cryptojacking, what it is, who is using it, why it is being used, when, how it is being abused, and how web browser isolation eliminates 100% of the cryptojacking risk.
• How crypto coin mining is being used today
• Why websites are moving away from advertising to crypto coin mining
• How and why web browsers are being used to steal users’ compute power away without consent in most cases
• How businesses can stop wide scale use of cryptojacking across all browsers and devices in their network through isolation