Hi [[ session.user.profile.firstName ]]

ISACA Online Events

  • Date
  • Rating
  • Views
  • IT/OT Convergence and Industrial Cybersecurity IT/OT Convergence and Industrial Cybersecurity Frank Schettini, CIO at ISACA, Marcus Sachs, Sr. VP and CSO at NERC, and Eric Cosman, ISA Executive Board Member Recorded: Jul 20 2016 62 mins
    Much has been written and presented on the topic of “IT/OT convergence”; a phrase used to describe the trend that is blurring the line between what have traditionally been well-differentiated classes of information technology based systems. The IT term has been retained as shorthand for the tradition business-oriented solutions, while the OT term has gained acceptance as a means of referring to the application of information technology in an Operations context (including automation).

    While this trend is well established, the full implications are still developing in areas such as the management and protection of systems against cybersecurity threats. The diversity of technologies involved ensures that there is effective collaboration across multiple disciplines. This webinar examines various aspects of this phenomenon and identifies specific implications for industrial control systems cybersecurity.

    You will learn about…
    • How this convergence has been developing over the years, and how it has shaped responses in many areas.
    • How the convergence is reflected in international standards for cybersecurity, such as ISA/IEC 62443.
    • The typical and needed responses from the various stakeholders.
    • The importance of consequence estimation for the asset owner.
    • The fundamental concepts that form the basis of the ISA/IEC 62443 standards and practices.
    • The resources available for those creating their cybersecurity management system.
  • How to Protect Yourself in the World with No Parameters How to Protect Yourself in the World with No Parameters Ruchin Kumar, Security Evangelist, Identity & Data Protection, Gemalto Recorded: Jul 6 2016 55 mins
    Let’s understand the new reality of data protection, which is dynamic and keeps improving itself to beat the bad guys. New technologies – like the cloud, mobility, virtualization – as well as the consumerization of IT are transforming how applications and services are delivered and how data and information is accessed.

    Perimeter security used to be enough. It used to be sufficient to put up a big wall around your sensitive information and encrypt that data between gated sites. That is no longer the case. Data is in more places than ever before and our enemies are not simpletons. The only way to be truly certain that your data is safe is to encrypt the data itself wherever it resides. At Gemalto we have coined the phrase “securing the breach.” Organizations have to expect that their “perimeter” security can and will be breached at some point; however, if the data behind the walls is encrypted, the breach is inconvenient – not detrimental.

    Join us for this interactive webinar where we will discuss:
    •Security of data in the cloud;
    •Strong identity authentication and authorization;
    •Best practices in encryption and key management;
    •What’s coming next and what to do now to remain on the safe side.
  • Breaking the Data Breach Kill Chain Breaking the Data Breach Kill Chain Dale R. Gardner, CA Technologies PAM Recorded: Jun 21 2016 60 mins
    Cybercrime costs the global economy $445 Billion a year, more than the worldwide illicit drug trade, and even the GDP of many countries. And, targeted breaches are increasingly a tool of nation-states seeking intellectual property, dossiers on influential individuals, and devastating disruptions of business operations.

    But for all their variety, each of these attacks share a common thread — a kill chain that exploits privileged users and their credentials to gain access to sensitive systems. Privileged access management is the most direct means of disrupting the kill chain and stopping attackers before they ever get started.

    Join CA Technologies Dale Gardner and ISACA in an informative discussion on how to break the kill chain.

    You will learn:
    • How risks from system breaches — and the potential for long-lasting damages — are increasing
    • How attackers exploit privileged users and their credentials in an ongoing string of data breaches and security incidents
    • How to master the processes and tools needed to easily disrupt the kill chain, stopping attackers in their tracks and preventing breaches.
  • Next-Gen GRC: Building a Road to GRC Maturity Next-Gen GRC: Building a Road to GRC Maturity Charlie Miller; Diana Kelley; Dave Newell; Patrick Potter Recorded: Jun 16 2016 58 mins
    The standards and expectations have never been higher for corporate governance, risk management, and controls that ensure institutions anticipate, evaluate, and mitigate risks and impacts to business operations. The need for efficient processes, automated controls and Governance Risk and Compliance (GRC) processes and solutions is evolving toward automating and connecting disparate risk disciplines to better identify, assess, manage, mitigate, monitor, and report on risks.

    Join RSA and a renowned GRC panel of experts for a live discussion on moving to the next generation of GRC solutions.

    You'll learn:
    • Where to begin – smaller corporations to global enterprises – makes a difference.
    • Baseline components of a GRC program.
    • Risk management practices, key challenges, and supporting technologies.
  • Key Lessons from the IT Audit Director Forums Key Lessons from the IT Audit Director Forums Frank Schettini, Chief Innovation Officer at ISACA Recorded: Jun 14 2016 58 mins
    The 2016 ISACA IT Audit Director Forums held in conjunction with North America and Euro CACS demonstrate what top IT Audit Leaders perceive as top challenges facing IT auditors. Among other topics, forum participants discussed challenges, opportunity and best practices related to Cybersecurity, Big Data, Regulation and Compliance, and Talent Hiring and Retention. This presentation will provide a look into the most significant conclusions drawn from these meetings and the role that ISACA plays in helping IT auditors meet new challenges.

    You will learn:
    • Top challenges facing IT Auditors
    • Key lessons emerged from the forums
    • Recommendations on how to build IT Audit experience that matches the new IT landscape
  • Ransomware: Breaking the Criminal Business Model Ransomware: Breaking the Criminal Business Model Ryan Olson, Intelligence Director, Palo Alto Networks and Scott Simkin, Senior Threat Intelligence Manager, Palo Alto Network Recorded: Jun 9 2016 57 mins
    Ransomware isn’t a malware problem, but a criminal business mode. Cyber attackers have perfected the key components of a ransomware attack, earning significant revenue from their malicious activity. Impacted organizations may face significant monetary loss in order to free their data, as well as operational impacts from loss of critical systems.

    The standard answer to ransomware infections has been to pay up or give up, but there are better approaches that can prevent this threat before it gets into your organization. This session will share the latest ransomware research by Unit 42, the Palo Alto Networks threat research team, as well as how to architect your security posture to prevent this critical threat.

    You will learn:
    • Evolution of ransomware
    • Methods of infection
    • Key ways to prevent and recover
    • The future of ransomware
  • Becoming the Boss: 10 Key Steps for Advancing to Executive Management Becoming the Boss: 10 Key Steps for Advancing to Executive Management Danny M. Goldberg, CPA, CISA, CGEIT, CRISC, Founder of GoldSRD Recorded: May 19 2016 58 mins
    The step up into management seems to be a long and far off leap for many staff. Many obstacles, office politics, managing people, working well within in teams….lots of variables come into play. This webinar will take attendees through key steps that every staff should take to advance their careers.

    Objectives (You’ll Learn):
    • Basics of managing teams and personnel and the key to good relationships
    • How to further your business acumen at your organization
    • Learn to weather the storm of office politics
    • Effectiveness of asking simple questions
  • How to Get Away With Data (Exfiltration) How to Get Away With Data (Exfiltration) Itzik Kotler, CTO and Co-founder, SafeBreach Recorded: May 12 2016 56 mins
    The last phase of the cyber kill chain – before attackers get away with your "crown jewels" – is data exfiltration. Yet, many companies aren't focused enough on this phase. In this webinar, SafeBreach CTO and Co-founder Itzik Kotler demonstrates unique attacker data exfiltration techniques, and shares best practices on how to proactively and preemptively identify breach scenarios in your environment before an attacker does.

    You will learn:
    • Enterprise trends and risky behavior from real-world SafeBreach deployments.
    • Attacker techniques for data exfiltration.
    • Strategies to proactively identify breach scenarios.
  • The Inverted Cloud of Operability The Inverted Cloud of Operability Professor John Walker, Nottingham Trent University Recorded: Apr 20 2016 56 mins
    At time of introduction, cloud was seen by some as outsourcing Mk2, which at times was considered to be synonymous with insecurity, associated with off-perimeter infrastructures, within which companies would potentially store and process some of their most valuable assets. More concerns were also raised relative to the legal challenges, IPR, and other such implied exposures when interfacing commercial assets with none company actors and service providers.

    In this webinar we will commence by investigating the evolution of cloud, and move on to identify some of the positives of embarking on a cloud mission, and look at the negatives which may be encountered along this route. We will seek to expand the conversation into the realms of service delivery, contracts, SLA’s, legalities, incident response, escrow, and of course security.

    To underpin this session, let us consider the entry strapline:

    The selection of a quality cloud provider can bring multiple benefits to the operations of any business. However, the selection of a low quality cloud provider can represent the worst case nightmare scenario. Let us discuss.
  • Protecting the Software Defined Data Center Protecting the Software Defined Data Center Dale R. Gardner, CA Technologies PAM, and Jeremiah Cornelius, Senior Security Architect, VMware Recorded: Apr 14 2016 62 mins
    Virtualized network systems are inherently more secure than physical networks, since what is deployed can be known with absolute certainty – and therefore can be precisely identified and secured. And because the network is defined in software, connections can be securely defined only as a consequence of policy – rather than trying to add policy to physical network links after they’ve been deployed. Security is built in, rather than bolted on after the fact.

    Network virtualization platforms for the Software-Defined Data Center (SDDC) bring the operational model of a virtual machine to your data center network, transforming the economics of network and security operations. This allows you treat your physical network as a pool of transport capacity, with network and security services attached to VMs with a policy-driven approach. Adding specialized protections to monitor and control the activities of privileged users, and to protect and secure the credentials they use are critical to achieving comprehensive security.

    Join us for this informative webcast to learn the key components required for protecting the Software-Defined Data Center.

Embed in website or blog