ISACA Online Events

Channel profile:

Monthly webcasts on governance, risk, security and compliance

Member only webcasts

Subscribers (68,640)
Securing Data in the Age of Mega Breaches

Troy Kitch, Sr. Principal Director of Security Software, Oracle

With an unprecedented number of data breaches exposing hundreds of millions of records, organizations are scrambling to stay ahead of attacks. The numbers reveal the challenges:

•60% of organizations compromised within minutes
•76% of data breaches feature lost, stolen, or weak user credentials
•99.9% of vulnerabilities compromised more than a year after the patch was made available

Though the risks are outside of our organizations, the vulnerabilities that are exploited reside within. Join Oracle security experts as they discuss the latest controls—spanning both preventive and detective—that can help organizations mitigate the vulnerabilities within in order to mitigate the next data breach. This session will help you develop a framework for deploying security controls that aligns with the value of your data, expediting and simplifying deployment at lower costs.
Jul 9 2015 4:00 pm UTC, 60 mins
  • There’s no doubt about it, smart devices are proliferating – and as they do, security pros have their work cut out for them. Not only are consumer devices on the rise that have embedded networking and computing technology (e.g. televisions and household appliances), but we’re also seeing integration in other areas as well: everything from automobiles to thermostats to smoke detectors now might ship with networking capability built in.

    For security practitioners in enterprise, this can have serious ramifications: not only do these devices potentially require traditional “security hygiene” activities (e.g. patching and monitoring), but they can also introduce other complexities, for example when they find their way into regulatory-governed environments (e.g. the PCI cardholder data environment) or when adoption happens without involvement from IT.

    This round table session will discuss how enterprises can approach securing the Internet of Things in their environments and how they can adjust their security programs to ensure that the environment stays protected going forward.

    Panelists:
    Scott Morrison, Senior Vice President and a Distinguished Engineer at CA Technologies
    Chris Poulin, Research Strategist, X-Force at IBM
    Gunnar Petersen, Founder/Principal Arctec Group & Visiting Scientist @ Carnegie Mellon
  • In 2013, in the United States, President Obama issued Executive Order (EO) 13636 to improve the cybersecurity of critical infrastructure, calling on industry to develop a risk-based Cybersecurity Framework that can be implemented, in a prioritized, flexible, repeatable, effective and cost-efficient way, in any company or organization regardless of its size or sector.

    This Cybersecurity Framework was developed with the participation of business associations as well as the owners and operators of US critical infrastructure, under the leadership of the National Institute of Standards and Technology (NIST).

    In this talk we will learn the basic concepts of COBIT®5 and how, in this case, ISACA®'s Business Framework for the Governance and Management of IT can help us implement the NIST® Cybersecurity Framework, securing our organizations against this type of threat.
  • Find out how actionable SIEM threat intelligence, visibility and integration can help security teams to detect critical events as well as align the right response for thwarting the attack.

    Businesses need to meet the dynamic threat environment with more adaptive security strategies that address critical events within the golden hour. Review how security professionals remain challenged by advanced attacks, benchmark your organization against your peers and discover how SIEM can help sort through the noise in real time to reveal and stop the underlying threats.
  • Technical knowledge and skills are no longer enough to be a high performing leader and to engage and motivate employees for achievement. Recent studies show that self-awareness among leaders is the strongest predictor of overall success and having more women in leadership roles is correlated with stronger financial returns. Conscious leadership is the management imperative for performance sustainability and is a critical competency in navigating the fast pace and ever changing complexity of organizations.

    Join us to learn what it means to be a Conscious Leader and how to:

    •Assess your level of awareness
    •Develop and leverage conscious leadership skills to elevate your personal leadership style.
    •Strengthen your self-awareness, personal capacity and resilience necessary to flourish in critical roles.
    •Gain an understanding of how to attract, develop and retain women leaders in your organization.
  • A significant portion of privacy breaches originate within the organizations contracted to perform services for them. The organizations that entrusted access to those vendors will share responsibility for the breaches; generally the less due diligence they've performed to ensure the third party had appropriate security and privacy controls, the more responsibility they will have for the damages done. Any organization can be victimized by a breach, even when the breach occurs outside its control within a contracted third party. Organizations that outsource data services of any kind to a third party need to address this risk by establishing an effective framework for managing third party information security and privacy oversight and risk mitigation. Rebecca has led and performed over 200 third party information security and privacy program reviews/audits. During this webinar Rebecca will describe, from her experience and supporting research, the most common risks that third parties present to those contracting them. These include not only long-standing problems, but also emerging problems from the use of big data analytics, cloud computing, mobile computing, and the increasing use of smart “things.” She will also describe what she has identified to be the most efficient framework to use to manage those risks.
  • This webinar is a preview of a forthcoming ISACA publication, and serves the following learning points in a brief manner given the time allotted:
    •Understand the significance of Business Benefits Realization in today’s organizational context
    •Learn how the COBIT 5 framework principles and enablers facilitate the management of Business Benefits Realization
    •Become aware of some current approaches to assess Business Benefits – a key challenge faced by business and IT teams
    •Gain practical guidance and advice on approaches towards effective and efficient implementation of Business Benefits Realization
  • Strong authentication and Single Sign-On can be a powerful combination to mitigate the threat of data breaches while providing a convenient user experience, but is that enough? What happens if credentials are stolen? What can be accessed during the session?

    Please join Carol Alexander, Director, Authentication Solutions and Russ Miller, Director, Security Solutions to learn how Intelligent Authentication and Single Sign-On including Risk-Aware Session Management can help improve session security.
  • Technology, Creativity, Risk Management. What do these three have in common? Risk management is not ordinarily seen as a creative discipline. In fact, in many organizations, creativity can be actively discouraged when it comes to the risk management function. But looking ahead, as new technologies develop and transform how we do business, an innovative risk management culture can not only increase efficiency and throughput, but can also increase quality and accuracy. The key is in adopting the right changes and in fostering an open culture of innovation so as not to miss opportunities that arise. This talk will discuss practical aspects of applying new creative and agile techniques and discuss real life examples where they've added tremendous value to organizations. Learn how you might adapt your Risk Management culture to make it a Culture driven by Creative Growth rather than Negative Compliance.
  • Information security is simply not detecting the bad guys, according to the Verizon Data Breach Investigations Report. Antivirus, intrusion detection systems, and log review all pick up less than 1% of data breach incidents. In fact, very few companies do proactive monitoring and those that do are simply troubleshooting problems they already know about. The result is that 86% of data breach incidents were ultimately detected by someone other than the victimized organization; an embarrassing statistic. Only 35% of organizations audit to determine whether privileged users are tampering with systems. As well, for nearly 70% of organizations, it would take greater than one day to detect and correct unauthorized database access or change. With average data breach compromises taking less than a day, the majority of organizations could lose millions of dollars before even noticing.
    Join Oracle and learn how to put in place effective activity monitoring including:
    •Privileged user auditing for misuse and error
    •Suspicious activity alerting
    •Security and compliance reporting
  • Privacy is a reality that companies must embrace to prevent damage to their image and financial penalties, and to secure their data subjects' information. At the same time, technological advances (BYOD, cloud, social networks, big data and others) introduce vulnerabilities into our organizations with a high impact on privacy.
    We need to understand the state of privacy in companies, considering historical and recent examples, in order to analyze the risks companies face. We will discuss what should be expected following the publication of the European regulation and legislation in Latin America, and some ways to close the gap between privacy needs and reality.
