Michael F. Angelo | Stephen Lipka, CISO and Consulant | Vince Campitelli | Mark Kadrich | Michelle Cobb, Skybox Security
Securing cloud environments is a shared responsibility between your organization and your cloud service provider. But upholding your end of the bargain can be a challenge in these dynamic, complex environments — especially when dealing with a mix of physical networks and public and private clouds. In this webinar, we will discuss issues and strategies for handling Cloud Services and Enterprise Integrations. Amongst the topics covered we will attempt to address the issues of:
- How do cloud services impact security implementations?
- Who is responsible for defining security and how does one implement a security management program in an integrated enterprise cloud service environment?
- What transitional issues may occur during your migration? How do you audit a cloud service?
Register for the webinar to see the issues and benefits of handling cloud services and enterprise integration.
Fileless malware attacks are steadily growing in recent years, both in absolute numbers and in their share of the threat landscape. Fileless attacks pose an increasing threat to organizations and a challenge for security vendors, due to the use of various non-executable file formats for infection, and the ability to conduct parts of the attack vector in-memory only. Cyber criminals are adopting fileless and memory-based attack techniques, which were once mostly used by nation-states. The panel will deal with the various differing definitions of fileless malware, overview some of the solutions and approaches taken by industry players in protecting from fileless threats, and discuss ideas and best practices for dealing with these threats.
It's everyone's favorite time of year. What will we learn from this
year's breach reports? Join us as we review the latest data, look for
lessons and trends, and help you understand what it all means. Our
panel of experts will focus on how security professionals can learn
from the data, and hopefully avoid becoming a statistic for next
Due to the volume of new vulnerabilities announced (14,000 new CVEs in 2017 alone), complex environments in which they exist and an increasingly well-equipped threat landscape, intelligent automation has never been more important to cyber risk reduction. In this panel discussion, we’ll examine where automation is needed to support a risk-focused vulnerability management program.
Register to learn:
· What data sources beyond vulnerability scanners are needed to automate vulnerability discovery in physical IT, multi–cloud and OT networks
· How automation can help break down data silos between vendors, processes and teams
· Why analytics–driven automation is needed to analyze vulnerabilities in the complete context of your attack surface
· How automated analysis can identify best remediation options — and not just available patches
Join the ISSA panel in a webinar that examines why automated solutions are no longer sufficient to counter the threat landscape, and how automated solutions can help build a holistic, proactive vulnerability management program
The prolific outburst of IoT devices in our lives has become a boon or a curse. Boon as they make it easy to interact with "Things" and Curse as they make it easy for hackers to invade our privacy and breach security.
Implementing Security in IoT devices is still after thought.This webinar looks at the challenges of securing IoT devices against threats and discusses about the options available to secure these devices.
We will be examining blockchain technology and its proliferation in our data security architectures. Our speakers will discuss their experiences with BC technology, how it’s working today, plans for taking advantage of it in the future, and possible technical issues that may affect its long term efficacy.
Beating Hackers at Their Own Game: Security Awareness Strategies That Work
If 2017’s explosion of cybersecurity breaches taught us anything, it’s that our workforces, more than ever, are one of our most critical defenses. But with as much as 30% of employees unable to spot a phishing email, how do you keep hackers from hijacking your data? The seemingly obvious answer is security awareness training. Unfortunately, many security education programs today fail to sufficiently change employees’ security attitudes, skills and behaviors -- providing a false sense of protection and safety. Even worse, 48% of companies do not have an employee security education program.
If your New Year’s infosec resolutions include launching a security awareness initiative, or reviving an existing one, what better way to guarantee results than to learn from pros who have been in your shoes. Join our expert panel as they share:
● Their most effective security awareness strategies to improve your organization’s security posture
● Proven methods to get employees to take security seriously (before a breach occurs)
● Security awareness program pitfalls to avoid and biggest lessons learned
● Predictions on what will cyber attacks will look like in the next couple years and what you should do in your security awareness program today to prepare
We are all concerned about Privacy. Every day there we hear about multiple PII breach announcements. Our current solution – lets create laws to require announcements and levy fines to encourage proper activities and protections. With GDPR looming on the horizon, as the most recent and perhaps the most comprehensive regulation yet, we find ourselves wondering if others will adopt similar regulations. If so, do we as security professionals need to be concerned about our ability to perform forensic analysis, and gather information outside of our realm of direct influence to identifier a hacker? Do elements of GDPR create a situation in which hunting for a hacker might violate their privacy rights? In the end will companies still be able to monitor and protect their assets as they do today, or will it require a change? This webinar will provide insight into the Privacy vs Security Debate.
With cybersecurity concerns escalating, organizations of all sizes have scrambled to boost budgets, hire talent and improve security operations – all in the hopes of catching up with and defeating a sophisticated and nearly-invisible enemy. But in this rush to build the SOC according to perceived industry best practices, have we truly optimized our human, technological and procedural resources? Or are we all SOC, and no action? If we took a moment to regroup and build the whole system again from scratch, would it be better than the SOC we’ve reached today by throwing resources at the problem? And if so, where did we go wrong – and how do we course correct? Join a panel of experts to discuss their visions of the perfect SOC and its top priorities while exploring how it can be evolved to achieve them.
2017 was a horrendous year in cyber security every month was filled with major breaches, hacks, and attacks surfacing. The nature and range of the attacks varied from email hacking to recently announced vulnerabilities being exploited, from minor incursions to (potentially) everyone’s financial history being stolen. 2017 will probably go down as the worst year for Cyber Security with all the previous year’s events having been far surpassed. Even our doom and gloom or same old same old predictions of last year have been blown away. The question now, will 2018 bear the full weight and impact of the events of 2017, or will it have its own harrowing events. Will the growing impact and occurrences spotlight security and translate in terms of media and regulatory attention? What kinds of threats will dominate the 2018 landscape?
Join us, make notes, and then check back in a year to see how our panel of experts did in providing insight and making predictions for the 2018 challenges to InfoSec.