ISACA Online Events

Channel profile:

Monthly webcasts on governance, risk, security and compliance

Member only webcasts

Subscribers (71,527)
Encrypting is the Easy Part; Managing Those Keys is Difficult Troy Kitch and Saikat Saha, Oracle Security threats and increased regulation of personally identifiable information, payment card data, healthcare records, and other sensitive information have expanded the use of encryption in the data center and cloud. As a result, management of encryption keys, certificates, wallets, and other secrets has become a vital part of an organization’s ecosystem, impacting both security and business continuity. Join this ISACA and Oracle webcast as we examine the challenges with encryption, on premise and in cloud, and how key management best practices can help facilitate the secure deployment of encryption across the enterprise. Challenges we’ll address include:
•Managing encryption keys, Oracle Wallets, Java Keystores and Credential files across the enterprise
•Securely sharing keys across authorized endpoints
•Auditing key access controls and key lifecycle changes
•Detailed management reports
Read more >
Oct 8 2015 4:00 pm
60 mins
Save your seat
  • Date
  • Rating
  • Views
  • The immediate role of audit independence is to serve the audit, and the objective of the audit is to improve the reliability of information used for investment, critical decisions, and compliance. However, auditors possess knowledge of risk and assurance as well as other concepts that can be of benefit to the enterprise with implementing new processes and systems. As a result auditors are called upon to contribute to strategic projects. Ultimately, audit must evaluate if their involvement presents a risk of impaired objectivity.

    Nathan Anderson, CISA, CRISC
    Jim Enstrom
    Diana Kelley, Executive Security Advisor (ESA) to IBM Security
  • We live in a world where everything is driven by applications, connectivity, and mobility. Your customers are now far more likely to interact with your enterprise through software than a live person, and employees are conducting more business on mobile devices than traditional laptops and workstations. A critical success factor for thriving in this new reality is the ability for the enterprise to accurately identify users in a way that is both convenient to them and cost effective, while also protecting their identities and data from potential fraudsters.

    Join this webcast where Carol Alexander, Head of Authentication Solutions, and Charley Chell, Security Advisor, from CA Technologies will discuss how you can transparently leverage data from mobile devices to help identify the legitimacy of a user attempting to login or perform a sensitive transaction. Learn the key factors and considerations in using contextual authentication within your mobile applications to protect against inappropriate access and data breaches.
  • Vivimos en tiempos de cambios acelerados y retos constantes. La cantidad de datos que se crea cada día, cada minuto, cada segundo, alcanza volúmenes sorprendentes. Eric Schmidt, Chairman Ejecutivo de Google dijo: “Desde el nacimiento de la civilización hasta 2003, la raza humana generó 5 exabytes de datos. Ahora, producimos 5 exabytes cada dos días... y el ritmo se está acelerando”. Así, el volumen de datos que generamos, la velocidad con que los creamos y la variedad que utilizamos, forman lo que ha sido conceptualizado como Big Data. Un complejo y vasto mar de datos que está ahí disponible para ser usado, estudiado y comprendido a través de poderosas y complejas técnicas de análisis que permitirán a organizaciones de todo tipo comprender mejor su entorno, pero ¿Qué riesgos enfrentamos al explorar estos modelos? ¿Cómo puede afectarse a la seguridad de la información? y, más importante ¿Qué efectos puede tener en la gente?

    Acompañe a ISACA y a Carlos Chalico en una conversación sobre Riesgos en el Manejo de Big Data y Analíticos, familiarícese con estos conceptos, con los riesgos que se les relacionan y con las medidas de control que puede definir al respecto. Le recomendaremos algunos libros que leer y, sobre todo, le prepararemos para que esté listo para atender las conferencias del próximo LatinCACS que tendrá lugar del 21 al 22 de septiembre en la Ciudad de México.
  • Greg will discuss his views on Career Insights, the challenges and hidden opportunities that lie in front of you.

    Also, in light of personal and career development towards the management ladder, Greg will discuss his views on developing executive presence in order to recognize behaviors and actions to ensure a more successful journey.
  • Data breaches and their aftermath are commonplace, with no signs of slowing. The threats you face today are created by savvy criminals leveraging advanced techniques to surgically target network openings you may not know you have. And while the situation is serious, with certain smart network changes and a healthy-dose of ‘knowing your enemy,’ the prognosis is quite good.

    Join Intel Security experts as they offer forensic insight into recent research that identified five of the most common network attack methods that data thieves love to use. This session will provide practical guidance on how criminals view your network, how to use that information to maintain a dynamic security profile, and ways to minimize the likelihood of a breach and its injurious repercussions.
  • ISACA and the RSA undertook a survey in early 2015 to understand the State of Cybersecurity and the implications on you, your role and your organization. The session will present the key results from the survey including the current threats and vulnerabilities, changes in the threat landscape and where the threats are coming from, how enterprises are responding and where are the gaps in the industry and with staff. The results will include implications including skills gaps for employers who are looking to solve their growing cyber challenges.
  • With an unprecedented number of data breaches exposing hundreds of millions of records, organizations are scrambling to stay ahead of attacks. The numbers reveal the challenges:

    •60% of organizations compromised within minutes
    •76% of data breaches feature lost, stolen, or weak user credentials
    •99.9% of vulnerabilities compromised more than a year after the patch was made available

    Though the risks are outside of our organizations, the vulnerabilities that are exploited reside within. Join Oracle security experts as they discuss the latest controls—spanning both preventive and detective—that can help organizations mitigate the vulnerabilities within in order to mitigate the next data breach. This session will help you develop a framework for deploying security controls that aligns with the value of your data, expediting and simplifying deployment at lower costs.
  • There’s no doubt about it, smart devices are proliferating – and as they do, security pros have their work cut out for them. Not only are consumer devices on the rise that have embedded networking and computing technology (e.g. televisions and household appliances), but we’re also seeing integration in other areas as well: everything from automobiles to thermostats to smoke detectors now might ship with networking capability built in.

    For security practitioners in enterprise, this can have serious ramifications: not only do they potentially require traditional “security hygiene” activities (e.g. patching and monitoring), but they can also introduce other complexities as well. For example in situations where they might find their way into regulatory-governed environments (e.g. the PCI cardholder data environment) or when adoption happens without involvement from IT.

    This round table session will discuss how enterprises can approach securing the Internet of Things in their environments and how they can adjust their security programs to ensure that the environment stays protected going forward.

    Scott Morrison, Senior Vice President and a Distinguished Engineer at CA Technologies
    Chris Poulin, Research Strategist, X-Force at IBM
    Gunnar Petersen, Founder/Principle Arctec Group & Visiting Scientist @ Carnegie Mellon
  • En 2013, en Estados Unidos el Presidente Obama emitió la orden ejecutiva (EO) 13636, con el fin de mejorar la Ciberseguridad de las Infraestructuras Críticas, haciendo un llamamiento a la industria para el desarrollo de un Marco de Ciberseguridad basado en riesgos que de manera priorizada, flexible, repetible, eficaz y rentable permita su implantación en cualquier empresa un organización independiente de su tamaño o sector.

    Este Marco de Ciberseguridad ha sido desarrollado con la participación tanto de Asociaciones Empresariales, como con la participación de responsables y operadores de las infraestructuras críticas de EEUU y bajo el liderazgo del Instituto Nacional de Estándares y Tecnología (NIST).

    En esta charla aprenderemos los conceptos básicos de COBIT®5 y como en este caso el Marco de Negocio para el Gobierno y la Gestión de las TI de ISACA® nos puede ayudar en la implantación del Marco de Ciberseguridad del NIST® asegurando nuestras organizaciones frente a este tipo de amenazas.
  • Find out how actionable SIEM threat intelligence, visibility and integration can help security teams to detect critical events as well as align the right response for thwarting the attack.

    Businesses need to meet the dynamic threat environment with more adaptive security strategies that address critical events within the golden hour. Review how security professionals remain challenged by advanced attacks, benchmark your organization against your peers and discover how SIEM can help sort through the noise in real time to reveal and stop the underlying threats.

Embed in website or blog