Hi [[ session.user.profile.firstName ]]

UpGuard

  • Date
  • Rating
  • Views
  • Breaking Down Silos - DevOps Meets ITIL
    Breaking Down Silos - DevOps Meets ITIL Greg Pollock, VP of Product at UpGuard Recorded: Aug 17 2017 42 mins
    Big things are happening in software. Agile Software Development and DevOps are delivering innovations at a rate never seen before. Prompting many to ask 'Is this the end of ITIL?'.

    There is a perception that DevOps and ITIL cannot play well together. That an you must choose one over the other or risk catastrophic failure. This is simply not true.

    Many do not realize that DevOps relieson core concepts and processes of ITIL to be successful. Ignoring this relationship means missing out on service improvements that may be introduced and developed by integrating key areas of the ITIL framework and the collective body of knowlege that is DevOps.

    In this webinar we will take a close look at the simple things organizations can do to get most out of a balanced blend of traditional and modern IT practices.
  • Blackout: How Engineering Firm Exposed Critical Infrastructure Data
    Blackout: How Engineering Firm Exposed Critical Infrastructure Data Dan O'Sullivan, UpGuard Analyst Recorded: Aug 15 2017 31 mins
    Learn about a data exposure discovered from within the systems of Texas-based electrical engineering firm Power Quality Engineering (PQE), revealing the sensitive data of clients like Dell, the City of Austin, Oracle, and Texas Instruments, among others.

    Left accessible to the wider internet via a port used for rsync server synchronization but configured to allow public access, the breach allowed any interested browser to download sensitive electrical infrastructure data compiled in reports by PQE inspectors examining customer facilities.

    Dan O’Sullivan, the analyst who first broke the story, will go through the details of the discovery and the significant impact of this data exposure.

    For the original article: https://www.upguard.com/breaches/data-leak-pqe
  • Are Your Third Party Vendors Creating Uninvited Cyber Risk?
    Are Your Third Party Vendors Creating Uninvited Cyber Risk? Greg Pollock, VP of Product at UpGuard Recorded: Aug 10 2017 36 mins
    Many of the largest and most well known breaches are cases of third party information exposure.

    One of the largest leaks of all time was discovered when an RNC vendor, Data Root Analytics, exposed 198 million voter records, including personal details, voter information, and predictively modeled attributes such as race and religion.

    Outsourced information work is crucial for organizations to scale and remain competitive, but it should be done with careful forethought to the risks the company faces should that information be compromised.

    In this webinar you will learn:

    - Why cybersecurity is dead
    - How to mitigate cyber risk in a cost effective way
    - How vendor risk becomes your risk
    - Steps to become cyber resilient
    - How to measure success on your path towards cyber resilience
  • Cloud Leak: How a Verizon Partner Exposed Millions of Customer Accounts
    Cloud Leak: How a Verizon Partner Exposed Millions of Customer Accounts Dan O'Sullivan, UpGuard Analyst Recorded: Jul 18 2017 32 mins
    A misconfigured cloud-based file repository exposed names, addresses, account details, and account personal identification numbers (PINs) of as many as 14 million US customers of telecommunications carrier Verizon. UpGuard’s Cyber Risk team discovered this critical data repository was not exposed by the enterprise holding primary responsibility for the information, but by a third-party vendor to the enterprise.

    Beyond the sensitive details of customer names, addresses, and phone numbers—all of use to scammers and direct marketers—the prospect of such information being used in combination with internal Verizon account PINs to take over customer accounts is hardly implausible. Dan O’Sullivan, the analyst who first broke the story, will go through the details of the discovery and the significant impact of this cloud leak.


    For the original article: https://www.upguard.com/breaches/verizon-cloud-leak
  • Untangling ITSM
    Untangling ITSM Phillip Palmer, Chief Evangelist at UpGuard Recorded: Jun 29 2017 38 mins
    The Alphabet Soup of International Standards, Best Practice Frameworks, Governance Models and the like can be daunting and confusing at first. Which one is ‘Right’? Which one is the ‘Best’? Which one of these should a business use to improve?

    The good news is that it doesn’t have to be that difficult.

    Phillip Palmer has been educating and advising organisations in best practices for over 15 years. A self-described ‘Service Management Evangelist and Process and Quality Purist’, Phillip has garnered praise and awards for his infectious enthusiasm and practical application of best practice guidance.
  • The RNC Files: Inside the Largest US Voter Data Leak
    The RNC Files: Inside the Largest US Voter Data Leak Dan O'Sullivan, UpGuard Analyst Recorded: Jun 27 2017 37 mins
    In what is the largest known data exposure of its kind, UpGuard's Cyber Risk Team confirmed that a misconfigured database containing the sensitive personal details of over 198 million American voters was left exposed to the internet by a firm working on behalf of the Republican National Committee (RNC).

    Dan O'Sullivan takes us through exactly what happened and why. As the analyst who first broke the story that is now being referenced in the House Intelligence Committee hearing, he will shed more light on the events leading up to the finding and what was exposed.

    For the original article: www.upguard.com/breaches/the-rnc-files
  • WannaCry: The Cost of Unnecessary Exposure
    WannaCry: The Cost of Unnecessary Exposure Chris Vickery, Cyber Risk Analyst at UpGuard Recorded: Jun 15 2017 31 mins
    Global in scale, with across the board press coverage, the WannaCry ransomware attack has quickly gained a reputation as one of the worst cyber incidents in recent memory.

    Despite the scale, this attack relied on the same tried and true methods as other successful malware: find exposed ports on the Internet, and then exploit known software vulnerabilities.

    About our speaker: as a security researcher, Chris Vickery possesses a long track record of professional distinction and success discovering major data breaches and vulnerabilities across the cyber landscape.

    To learn more about Chris Vickery's work check out http://gizmodo.com/top-defense-contractor-left-sensitive-pentagon-files-on-1795669632
  • Compliance or Risk Management: Implications of NY DFS Cybersecurity Requirements
    Compliance or Risk Management: Implications of NY DFS Cybersecurity Requirements Elias Okwara, Team Lead, Integrations & Content at UpGuard Recorded: May 16 2017 33 mins
    The coming into effect of New York's cybersecurity compliance requirements for banks, insurance companies and their third party service providers on March 1, 2017 marked a major development in the cyber risk regulatory environment. While the impact of these rules is far from certain, the lessons in managing risk are universal. UpGuard's Elias Okwara, CIPP/E, CIPP/US, will discuss practical steps for compliance and the implications amid rapidly changing cyber threats.

    In this webinar you will learn:

    - What do the New York Department of Financial Services (DFS) cybersecurity regulations mean for financial institutions
    - Practical steps for compliance
    - Implications of the regulation amid rapidly changing cyber threats
  • Why Hackers Keep Winning
    Why Hackers Keep Winning Jon Hendren, Senior Security Researcher, UpGuard Recorded: Mar 15 2017 31 mins
    Cybersecurity is officially dead.

    Worldwide spending on security-related hardware, software and services rose to $73.7 billion in 2016 from $68.2 billion a year earlier, according to researcher IDC. This number is expected to approach $90 billion in 2018.

    Yet data breaches have been increasing steadily over the past five years. Simply adding more layers is not a sustainable approach. A deep understanding of your company and IT infrastructure is required.

    About the presenter:

    Jon is an IT security and cyber risk evangelist at UpGuard. He doesn't *like* like risk, he just likes talking about it. More importantly, he likes talking about how it intersects with business risk, and how an accurate picture of cyber risk is one of the most important steps organizations can take toward proper cyber resilience.
  • Banking Best Practices: How Financial Institutions Can Ensure Cybersecurity
    Banking Best Practices: How Financial Institutions Can Ensure Cybersecurity Elias Okwara Recorded: Mar 9 2017 33 mins
    The Conference of Bank Supervisors (CSBS), a national consortium of state banking regulators, has released its recommendations on how banks can best institute practices which meet or exceed the legal standard for cybersecurity. With bank executives accountable for ensuring these standards are met, CISOs working in the financial sector must have a clear understanding of how they can fulfill these regulatory requirements.

Embed in website or blog