Information Security Community

Channel profile:

Your Resource for Information Security Trends & Education

With over 200,000 members, the Information Security Community is the largest community of infosec professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

Subscribers (23,608)
Anatomy of an Insider Threat: Protecting Active Directory Is Key Alvaro Vitta, Principal Security Consultant, Dell Software In this webcast, you’ll gain insights into the state of insider threats and security solutions to detect and prevent them. We’ll review the results of a comprehensive crowd-based survey on insider threats in cooperation with the 260,000+ members of the Security Community on LinkedIn. We’ll also discuss the critical importance of protecting Active Directory and its resources from insider threats and provide best practices toward that goal.

Holger Schulze, founder of the Information Security Community on LinkedIn, will review 5 key trends for insider threats, as well as the results of the 21-question survey of your IT security, compliance and admin peers, covering four main themes:

1. Insider threats and vulnerabilities
2. Threat detection
3. Security tools and processes
4. Recovery and remediation

Then, Alvaro Vitta, principal security consultant, Dell Software, will provide his take on best practices for securing Active Directory and the resources it grants access to, as well as a brief overview of Dell solutions for governance, risk and compliance (GRC).
Read more >
Sep 3 2015
46 mins
Play
  • Date
  • Rating
  • Views
  • In this webcast, you’ll gain insights into the state of insider threats and security solutions to detect and prevent them. We’ll review the results of a comprehensive crowd-based survey on insider threats in cooperation with the 260,000+ members of the Security Community on LinkedIn. We’ll also discuss the critical importance of protecting Active Directory and its resources from insider threats and provide best practices toward that goal.

    Holger Schulze, founder of the Information Security Community on LinkedIn, will review 5 key trends for insider threats, as well as the results of the 21-question survey of your IT security, compliance and admin peers, covering four main themes:

    1. Insider threats and vulnerabilities
    2. Threat detection
    3. Security tools and processes
    4. Recovery and remediation

    Then, Alvaro Vitta, principal security consultant, Dell Software, will provide his take on best practices for securing Active Directory and the resources it grants access to, as well as a brief overview of Dell solutions for governance, risk and compliance (GRC).
  • The consumerization of IT, bring your own device (BYOD), and software-as-a-service (SaaS) provide organizations with impressive productivity gains, but bring with them the challenge of secure management. Grady Boggs, Principal Security Specialist, illustrates the Microsoft comprehensive cloud solution, the Enterprise Mobility Suite (EMS), and details how users can stay productive while keeping corporate information safe and secure.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Cloud Access Security Brokers (CASBs) are one of the hottest new security technologies on the market. Recommended by Gartner, they provide visibility and control in a new IT world now based in public cloud applications and corporate data being accessed by employee BYOD devices.
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • Non-targeted, opportunistic, targeted, and insider are 4 threat types, or groupings, that have been understood by the security community at large for years. These groupings of threats are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, the concept of defense in depth where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and system has also been a proven approach to minimizing the impact of threats.

    Join Wade Woolwine and Mike Scutt from Rapid7’s threat detection and incident response team to discuss how making threat groupings, the attack lifecycle, and defense in depth part of your overall security program planning can help you apply your resources in a way to maximize prevention, detection, and response for a more effective ROI.
  • When did we forget that old saying, “prevention is the best medicine”, when it comes to cybersecurity? The current focus on mitigating real-time attacks and creating stronger defensive networks has overshadowed the many ways to prevent attacks right at the source – where security management has the biggest impact. Source code is where it all begins and where attack mitigation is the most effective.

    In this webinar we’ll discuss methods of proactive threat assessment and mitigation that organizations use to advance cybersecurity goals today. From using static analysis to detect vulnerabilities as early as possible, to managing supply chain security through standards compliance, to scanning for and understanding potential risks in open source, these methods shift attack mitigation efforts left to simplify fixes and enable more cost-effective solutions.
  • When considering a move to cloud computing, customers must have a clear understanding of potential security benefits and risks associated with cloud computing, and set realistic expectations with their cloud provider. "The Security for Cloud Computing: 10 Steps to Ensure Success" webinar provides a practical reference to help enterprise IT and business decision makers analyze the security implications of cloud computing on their business. The presentation will provide guidance and strategies designed to help these decision makers evaluate and compare security offerings from different cloud providers in key areas
  • Are you ready for your next security audit from one of your most important customers? This webinar will help you gauge your readiness and identify areas you need to improve.

    Sophisticated cybercriminals have identified third party suppliers and service providers as a lucrative back door to steal sensitive corporate information. Consequently, many companies are facing increasing pressure to meet stringent data protection audits from their largest clients.

    Based on our experience with a range of customers who have had to meet stringent partner data protection security audits, we’ve identified the most common data protection audit questions.
    – The 12 most common questions in a client data protection audit
    – What the client is really looking for with each question
    – Guidance on your “audit readiness”
  • Availability is one of the core principles in the security CIA triad and one which business leaders tend to grasp more so than other technical risks associated with security. Customers want and expect access to their finances anytime and from anywhere. How is the financial industry grappling with distributed denial of service (DDoS)? What is the financial impact to an institution under DDoS attack? Are financial services firms witnessing an increase in DDoS attacks and duration? If so, what countermeasures are in place to ensure availability does not suffer?

    Lastly, what is the financial services industry relying on as sources of intelligence?

    Join us to hear answers to these questions and more as IANS Research and Arbor Networks present poll results from financial services’ security executive management surveyed.

Embed in website or blog