Hi [[ session.user.profile.firstName ]]

(ISC)2 Think Tank

  • Date
  • Rating
  • Views
  • Halt! Who Goes There? Improving the Intersection of Identity & Security
    Halt! Who Goes There? Improving the Intersection of Identity & Security
    John MacInnis, Prd Mktg Mgr, IAMS, HID Global; Tariq Shaikh, Sr. Security Adv., IAM, Aetna; Erik Von Geldern, CISO, FXCM Recorded: Dec 6 2018 61 mins
    With the multiple points of access to an organization, both internal and external, as well as physical and electronic, identity and access control is a critical security concern. Practitioners need to constantly monitor and assess the organization’s security posture, access provisioning and even the on boarding of employees, partners and customers. Join HID Global and (ISC)2 at 1:00pm Eastern Thursday, December 6, 2018 for a discussion on why identity has become the center of security and how to better manage identity, access management and authentication in your enterprise.
  • Maintaining (and Improving) Security on your Journey to Cloud
    Maintaining (and Improving) Security on your Journey to Cloud
    Jason Garbis, VP of Cyb. Products, Cyxtera; Mike Brannon, Dir. Infra. & Sec., National Gypsum; Spencer Wilcox, B. Dunlap Recorded: Nov 29 2018 60 mins
    Like a good rollercoaster, a journey to the cloud can be both exhilarating and terrifying. Unlike a rollercoaster, however, a cloud journey is a long-term commitment and requires thoughtful planning, especially the need to ensure security and compliance controls. Join Cyxtera and (ISC)2 on November 29, 2018 at 1:00PM Eastern for a discussion on making a secure journey to the Cloud and the benefits of a software-defined perimeter.
  • Email and the Web – Defending Against Attackers’ Favorite Vectors
    Email and the Web – Defending Against Attackers’ Favorite Vectors
    Matt Gardiner, Dir. Prd Mkg, Mimecast; Derrick Butts, CIO/CO, Truth Init.; Bruce Beam, Dir Infr & Sec (ISC)²; Brandon Dunlap Recorded: Nov 8 2018 58 mins
    According to the Verizon Data Breach Investigations Report 2018, 99% of malware, such as ransomware, trojans, and RATs, were delivered via malicious email attachments or via the web. With the vast majority of all security incidents and breaches using email and the web -- and the necessity of these services to your organization’s day-to-day operations -- how can you protect yourself? What are the best practices for defending against these types of threats? What are the best methods of acquiring, deploying and managing these protections? Join Mimecast and (ISC)2 on November 8, 2018 at 1:00PM Eastern for a discussion of these questions and the methods attackers are currently using to accomplish their goals, how attackers are using email and the web against organizations, why email and web security should be considered together and the benefits of cloud delivered security solutions, including improved security efficacy and reduction in overall costs.
  • The Golden Hour – Cutting the Time of Investigation and Response
    The Golden Hour – Cutting the Time of Investigation and Response
    Jadee Hanson, CISO, Code42; Andrew Neal, Pres; InfoSec/Compliance, TransPerfect; Greg Braunton, Catholic Health Initiatives Recorded: Oct 25 2018 60 mins
    As the time and complexity associated with incident investigations increase, response times become more critical. The longer detection and remediation take, the higher the cost to the business and the greater the risk of a cyberattack expanding across the organization. Organizations have to react with speed and precision. How can an organization reduce the time and effort it takes to investigate and resolve an incident successfully? Join Code42 and (ISC)2 on October 25, 2018 at 1:00PM Eastern for a roundtable discussion on why time matters when conducting an investigation, where gaps may be in the incident response process and how to get the most out of your investigation and response efforts.
  • Sharpening Your Focus – Gaining Visibility & Managing the Insider Threat
    Sharpening Your Focus – Gaining Visibility & Managing the Insider Threat
    Mayank Choudhary, VP Products, ObserveIT; John Carnes, Spencer Wilcox, PMN Resources; Brandon Dunlap (Moderator) Recorded: Sep 13 2018 61 mins
    It’s no secret that limited visibility into user actions keeps cybersecurity professionals up at night. The right level of visibility into user action and access can produce positive insights that enable business results. Additionally, indicators of out of policy activities can stop an insider threat before it becomes a full-blown incident. Research from The Ponemon Institute showed that financial services institutions faced the highest insider threat costs of any other industry (at $12.05 million annually) -- a very concrete reason to address an otherwise invisible problem. Join ObserveIT and (ISC)2 on September 13, 2018 at 1:00PM Eastern for a roundtable discussion on insider threats including the most important components to gaining full cyber visibility: user activity, data activity, and analytics, best practices for managing insider threats and the key question organizations should be asking to mitigate insider threats.
  • The “Tell” – Identifying Threat Actors with Web Assets
    The “Tell” – Identifying Threat Actors with Web Assets
    Tim Helming, Director of Product Management, DomainTools; Aamir Lakhani; Andrew Neal, TransPerfect; B Dunlap (Moderator) Recorded: Aug 30 2018 58 mins
    While the tools, techniques and procedures that threat actors employ are evolving, these threat actors often take the shortcut of reusing code and files on multiple domains (because it’s easier than setting different ones up each time). It’s these “tells” and habits that can help an organization more quickly identify and deal with a threat, by examining and pivoting through related infrastructure. Join DomainTools and (ISC)2 on August 30, 2018 at 1:00PM Eastern as we learn how to identify these pieces of evidence and how the threat intelligence space is changing, as well as what techniques security practitioners can learn and employ to stay ahead of threat actors.
  • 2018 Security Congress Preview - Professional Development
    2018 Security Congress Preview - Professional Development
    Sharon Smith, Founder & Princ Consultant, C-Suite Results; Rob Ayoub, Program Dir, IDC; Derrick Butts, Truth Initiative Recorded: Aug 21 2018 55 mins
    (ISC)2 will hold its Security Congress 2018 in New Orleans, Oct. 8 – 10. This conference will bring together 2000+ attendees and more than 100 educational sessions. One of the 13 tracks at the conference will focus on Professional Development and the challenges practitioners face advancing their careers, and staying ahead of the latest best practices and strategies with ongoing education. On Aug. 21, 2018 at 1 p.m. Eastern, join (ISC)2 and several speakers who’ll be presenting in the Professional Development track at Security Congress as we preview their sessions and discuss why professional development is so critical to advancing a career and knowledge.
  • Leveraging Security Automation for Improved Management
    Leveraging Security Automation for Improved Management
    Ken Wilson, Dir, Sales Central U.S., Skybox, Michael Roling, CISO, State of MO; Curtis Dukes, CIS; Brandon Dunlap (Moderator) Recorded: Aug 16 2018 61 mins
    Security automation technologies can help drive improvements in managing security policies, including their implementation in firewalls and other network devices. However, whether you’re struggling with continuous compliance, auditing and reporting or managing firewall changes, deciding what to automate can be challenging. Join Skybox Security and (ISC)2 on August 16, 2018 at 1:00PM Eastern for a discussion where we’ll examine which automated processes in security policy management deliver the biggest rewards while introducing the least risk to your organization. Areas to be examined include why automation, visibility and context should be the indivisible, foundational components of any security policy management solution, which processes in security policy management are ripe for automation and where human intervention is still valuable. We’ll also explore how to educate security stakeholders in your organization on what’s needed to make automation initiatives a success.
  • From Reactive to Proactive - Getting the Most Out of Network Traffic Analytics
    From Reactive to Proactive - Getting the Most Out of Network Traffic Analytics
    Jeff Costlow, Dir of Security, ExtraHop; Kristy Westphal, VP, MUFG Union Bank; Melissa Duncan, Sr Sys Sec Eng, Charles Schwab Recorded: Aug 2 2018 57 mins
    They say “Packets don’t lie”. Instead of waiting to respond to incidents and anomalies, SecOps teams are using the network to enable proactive measures such as threat hunting, auditing encryption and other suspicious and out-of-policy behaviors existing in the dark alleys of the traffic corridor. Real time network traffic analytics (NTA) tools can help an organization shift from defensive to offensive and cut investigation time, enabling analysts to quickly correlate activities and test hypotheses. Join ExtraHop and (ISC)2 on August 2, 2018 at 1:00PM Eastern as we discuss proactive measures that can work for an organization, what activities to look for and how machine learning can help speed up these efforts.
  • 2018 Security Congress Preview – Cloud Security
    2018 Security Congress Preview – Cloud Security
    Mike Brannon, Dir, Infrastructure & Security, National Gypsum; Tim Sills,Accudata; Tyler Smith, IT Analyst, John Deere Recorded: Jul 24 2018 56 mins
    (ISC)2 will hold its Security Congress 2018 in New Orleans, LA, October 8th – 10th. This conference will bring together 2000+ attendees and over 100 educational sessions. One of the 13 tracks that are being offered with focus on Cloud Security and challenges practitioners face when dealing with all things cloud. On July 24, 2018 at 1:00PM Eastern, join (ISC)2 and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.

Embed in website or blog