Hi [[ session.user.profile.firstName ]]

(ISC)2 Think Tank

  • Date
  • Rating
  • Views
  • Insider Data Breach – Separating the Malicious from the Mistaken
    Insider Data Breach – Separating the Malicious from the Mistaken
    Sudeep Venkatesh, Chief Product Officer, Egress; Charles Moore, Opinions Matters; Spencer Wilcox, Brandon Dunlap (Moderator) Recorded: May 9 2019 56 mins
    According to a recent Ponemon Institute survey, the average data breach costs $3.8M, up 6.4% from 2017. When it comes to an insider data breach, 95% of IT leaders view this as a concern for their organization (statistic from 2019 Data Breach Survey from Egress Software and Opinions Matters). Employees can put sensitive data at risk by accessing or sharing without permission, just because they are “curious” or intrigued by the content. An insider data breach can be the most damaging, the most expensive and the most difficult to detect and stop. How can an organization deal with these insider data breaches? Join Egress Software and (ISC)² on May 9, 2019, at 1PM Eastern for a wide-ranging discussion on insider data breaches, the malicious and the accidental and what can be done to mitigate such occurrences.
  • Going Off Script – Code Eats InfoSec
    Going Off Script – Code Eats InfoSec
    Tarik Saleh, Snr Sec. Engr, DomainTools; Erik von Geldern, CISO, FXCM; Clinton Campbell, CEO & Prin. Consul., Quirktree, LLC Recorded: Apr 11 2019 58 mins
    Marc Andreessen famously said “Software is eating the world”, but what about in InfoSec? In the beginning, security practitioners depended on Excel and VB scripts to make sense of their data. Today, machine learning is aiding in the discovery and reporting of insights. As more and more cloud-forward companies are embracing an “infrastructure-as-code” model, what does this mean for the security leaders of tomorrow? Is automation important to your role and to the organization’s infosecurity posture? If so, join DomainTools and (ISC)2 on April 11, 2019 at 1:00PM for a discussion on security automation and how being fluent with programming languages and scripting can expand your knowledge and value to an organization, as well as strategizing for machines to work in harmony with the compliance and risk teams.
  • Smelling the Roses at 100Gb - Security Tooling at the Speed of Life
    Smelling the Roses at 100Gb - Security Tooling at the Speed of Life
    Ron Nevo, CTO, cPacket Networks; John Carnes, Info Sec. Architect; Gordon Rudd, 3rd Party Risk Officer, Venminder, B. Dunlap Recorded: Mar 14 2019 56 mins
    Ferris Bueller famously said, “Life moves pretty fast. If you don’t stop to look around once in a while, you could miss it.” With complex data flows now reaching speeds 100G, what are your security tools missing? Can they handle the increased volume of information that’s coming in? By making use of packet brokers, you can get the visibility you need and not miss out on life. Join cPacket Networks and (ISC)2 on March 14, 2019 at 1:00PM for a discussion on packet brokering visibility across the network, the need for pre-egress filtering and how the convergence of NetOps and SecOps can help protect your company’s top-line revenue and productivity.
  • Detecting & Preventing Threat Evasions Techniques – 2019 And Beyond
    Detecting & Preventing Threat Evasions Techniques – 2019 And Beyond
    Shimon Oren, Deep Instinct; Jared Peck, Financial Services; Rob Armstrong; Colossal Technologies, LLC; B. Dunlap (Moderator) Recorded: Feb 14 2019 59 mins
    Cyber-attacks and the threat actors behind them are becoming more and more sophisticated. Today’s attackers adopt existing techniques, modify them and develop new capabilities much faster than ever before. This translates not only to more attacks, but also to a bigger share of attacks which are highly evasive and stealthy, and inevitably more challenging to prevent or detect over-time. How does an organization stay up-to-speed with the varied attacks that are aimed at them? Join Deep Instinct and (ISC)2 on February 14, 2019 at 1:00PM Eastern when we’ll review several common and emerging evasion techniques in today’s threat-landscape and discuss the best avenues to counter them in terms of technology and cost-effectiveness.
  • Dangerous Documents – Attachments That Compromise Organizations
    Dangerous Documents – Attachments That Compromise Organizations
    Tarik Saleh, Snr Sec Engnr, DomainTools; John Carnes, Info Sec Healthcare; Aamir Lakhani, Sen Sec Strat & Rsrchr; Dr. Chaos Recorded: Jan 31 2019 58 mins
    Scam and Phishing emails continue to put organizations of all sizes at risk. A favored vector of attack is the use of a malicious Office document attachment or PDFs to gain a foothold into a targeted system. These types of threats can put account credentials, financial, healthcare information, and other highly sensitive data at risk. How can an organization defend against the onslaught of such attacks that continue to plague them unabated? Join DomainTools and (ISC)2 on January 31, 2019 at 1:00 PM Eastern for a roundtable discussion on mitigating the prevalence and distribution of malicious documents and their payload.
  • Employing Users as Your Quality Control
    Employing Users as Your Quality Control
    Josh Bartolomie, Dir, Res & Dev, Cofense; Sharon Smith, Fndr, C-Suite Results; Theresa Frommel, Act Dep CISO, State of MO Recorded: Jan 17 2019 58 mins
    Process automation delivers a lot of promises. A car can be assembled in less than a day and vegetables can go from vine to can in hours. Sensors look for obvious flaws, but at points in the production process there is human oversight in the form of quality control. The same holds true for protecting against phishing threats. Automation can help weed out some of the bad stuff, but bad actors and new threats constantly outsmart the latest sensors. Join Cofense and (ISC)2 on January 17, 2019 at 1:00PM Eastern for a panel discussion examining strategies on how to enable your workforce to be quality control when it comes to malicious emails to know when something isn’t right and what to do when they see something.
  • Halt! Who Goes There? Improving the Intersection of Identity & Security
    Halt! Who Goes There? Improving the Intersection of Identity & Security
    John MacInnis, Prd Mktg Mgr, IAMS, HID Global; Tariq Shaikh, Sr. Security Adv., IAM, Aetna; Erik Von Geldern, CISO, FXCM Recorded: Dec 6 2018 61 mins
    With the multiple points of access to an organization, both internal and external, as well as physical and electronic, identity and access control is a critical security concern. Practitioners need to constantly monitor and assess the organization’s security posture, access provisioning and even the on boarding of employees, partners and customers. Join HID Global and (ISC)2 at 1:00pm Eastern Thursday, December 6, 2018 for a discussion on why identity has become the center of security and how to better manage identity, access management and authentication in your enterprise.
  • Maintaining (and Improving) Security on your Journey to Cloud
    Maintaining (and Improving) Security on your Journey to Cloud
    Jason Garbis, VP of Cyb. Products, Cyxtera; Mike Brannon, Dir. Infra. & Sec., National Gypsum; Spencer Wilcox, B. Dunlap Recorded: Nov 29 2018 60 mins
    Like a good rollercoaster, a journey to the cloud can be both exhilarating and terrifying. Unlike a rollercoaster, however, a cloud journey is a long-term commitment and requires thoughtful planning, especially the need to ensure security and compliance controls. Join Cyxtera and (ISC)2 on November 29, 2018 at 1:00PM Eastern for a discussion on making a secure journey to the Cloud and the benefits of a software-defined perimeter.
  • Email and the Web – Defending Against Attackers’ Favorite Vectors
    Email and the Web – Defending Against Attackers’ Favorite Vectors
    Matt Gardiner, Dir. Prd Mkg, Mimecast; Derrick Butts, CIO/CO, Truth Init.; Bruce Beam, Dir Infr & Sec (ISC)²; Brandon Dunlap Recorded: Nov 8 2018 58 mins
    According to the Verizon Data Breach Investigations Report 2018, 99% of malware, such as ransomware, trojans, and RATs, were delivered via malicious email attachments or via the web. With the vast majority of all security incidents and breaches using email and the web -- and the necessity of these services to your organization’s day-to-day operations -- how can you protect yourself? What are the best practices for defending against these types of threats? What are the best methods of acquiring, deploying and managing these protections? Join Mimecast and (ISC)2 on November 8, 2018 at 1:00PM Eastern for a discussion of these questions and the methods attackers are currently using to accomplish their goals, how attackers are using email and the web against organizations, why email and web security should be considered together and the benefits of cloud delivered security solutions, including improved security efficacy and reduction in overall costs.
  • The Golden Hour – Cutting the Time of Investigation and Response
    The Golden Hour – Cutting the Time of Investigation and Response
    Jadee Hanson, CISO, Code42; Andrew Neal, Pres; InfoSec/Compliance, TransPerfect; Greg Braunton, Catholic Health Initiatives Recorded: Oct 25 2018 60 mins
    As the time and complexity associated with incident investigations increase, response times become more critical. The longer detection and remediation take, the higher the cost to the business and the greater the risk of a cyberattack expanding across the organization. Organizations have to react with speed and precision. How can an organization reduce the time and effort it takes to investigate and resolve an incident successfully? Join Code42 and (ISC)2 on October 25, 2018 at 1:00PM Eastern for a roundtable discussion on why time matters when conducting an investigation, where gaps may be in the incident response process and how to get the most out of your investigation and response efforts.

Embed in website or blog