For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.
Get Results from Your Awareness Activities Using the Security Culture FrameworkKai Roer, Founder The Roer Group, Security Culture Coach and AuthorFor more than two decades organizations worldwide have failed at creating the security awareness we have aimed for. Instead of continuing doing things we already know are failing to give us the results we need, Mr. Roer and his team set out to analyse what the key elements in successful awareness programs are, and what the major reasons for failure are. The research project was the basis to create the Security Culture Framework, a free and open methodology on organizing successful awareness campaigns that creates lasting cultural change. Today, the framework is being used by a large number of organizations around the world, to build and maintain security culture. In this talk, Mr. Roer will walk you through the four basic principles of the Security Culture Framework, and explain how to be successful when building security culture.Read more >
For more than two decades organizations worldwide have failed at creating the security awareness we have aimed for. Instead of continuing doing things we already know are failing to give us the results we need, Mr. Roer and his team set out to analyse what the key elements in successful awareness programs are, and what the major reasons for failure are. The research project was the basis to create the Security Culture Framework, a free and open methodology on organizing successful awareness campaigns that creates lasting cultural change. Today, the framework is being used by a large number of organizations around the world, to build and maintain security culture. In this talk, Mr. Roer will walk you through the four basic principles of the Security Culture Framework, and explain how to be successful when building security culture.
This presentation will highlight lessons learned from many years of responding to targeted attacks by nation state actors and other groups. We will highlight why adversaries continue to successfully compromise their targets at-will, and provide insight to the investigative techniques and security controls that can keep-pace with attacker methodologies. (Hint: there are no silver bullets, and buying more security widgets is not always the answer to these challenges!) We’ll discuss the benefits, and potential pitfalls, of the emerging market for “threat intelligence”. Finally, we'll take the risk of predicting the future and provide some thoughts on how targeted attacks and state-sponsored threats may continue to evolve.
- Identify frequently-missed blind-spots and operational failures that help attackers persist in a compromise environment
- Discover how to better utilise existing resources and technologies to reduce the time gaps between successful compromise, detection, and remediation
- Identify which approaches to remediation have been most successful at driving attackers out of a compromised environment and limiting the likelihood of re-compromise
- Understand how targeted and state-sponsored attackers are evolving their methodologies in response to increased exposure and analysis
- Learn practical ways in which threat intelligence can be utilised to detect and respond to attackers
Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.
Learn from your peers about the following:
- Before environment and issues
- Transition effort, cost and impact
- After environment and benefits
- Best practices for managed SIEM
- Your network and next steps
Cyber insurance is becoming an increasingly competitive market. In order to differentiate their offerings, underwriters are beginning to offer unique risk mitigation services to their insureds. But with all the noise in this space, how do risk managers find and choose the policy that is best for them?
In this webinar hosted by Advisen, Tracie Grella, Global Head of Professional Liability at the world's largest insurer, AIG, Neeraj Sahni, Vice President, FINEX North America—Cyber and Technology Risks at Willis, and Ira Scharf, General Manager of Cyber Insurance at BitSight Technologies, to learn how underwriters, brokers and technology firms are working together to bring risk mitigation services to their clients
Join this webinar to learn:
- How cyber coverage has evolved
- How the insurance market is bringing value related to cyber risks
- How risk mitigation services lower expected costs and help insurers do a better job of underwriting
- Why risk mitigation services and cyber insurance create a safer cyber ecosystem
If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:
· What the DDoS threat environment looks like today
· Why “smokescreening” is a particular danger
· Where attacks can have impact across your organization
· How you can take steps to thwart DDoS threats
Enterprise data centers are evolving to deliver higher performance and agility, driven by rapid adoption of mobility/BYOD, big data, cloud and SaaS. At the same time, data center security needs to guard against ever more sophisticated attacks, while keeping up with rapidly increasing bandwidth requirements.
In this session Jose Grandmougin, Fortinet Director of System Engineering, will focus on the absolute need for high performance, hardware based firewalls in today’s data center and why yesterday’s data center firewalls cannot meet today’s challenges.
Our expert panel will discuss upcoming trends and best practices in infosec policy management for the IOT. The panel will include:
Jennifer Bisceglie, CEO, Interos Solutions
Robert Brese, Executive Partner, Gartner
Ryan Gillis, VP of Cybersecurity and Global Policy, Palo Alto Networks
Gary Hayslip, CISO, City of San Diego, Co-Chair, CyberTECH
Paul Rosenzweig, Principal, Red Branch Consulting
Join Forrester Vice President, Principal Analyst, John Kindervag and Fortinet to learn about how next generation firewalls (NGFW) are changing the way organizations protect themselves. Get a look at the latest research on how IT professionals are using NGFWs to combat today’s threat environment and the requirements for an effective NGFW.
It’s not if, it’s when you will expand your enterprise footprint into Amazon Web Services (AWS). When organizations shift to a public cloud environment, security and compliance must remain top of mind. While AWS provides robust infrastructure-level protections, today’s attackers target the applications themselves.
This webinar will:
· Discuss inherent AWS security capabilities
· Review attack types that target the applications and why traditional security approaches can’t stop them
· Illustrate how Imperva SecureSphere for AWS stops these attacks and enables you to use the security infrastructure on-prem and in the cloud
Triple-A ratings are normally associated with chief financial officers keeping a tab on John Moody’s bond credit rating. But, in the technology world, how can a chief information officer or IT decision maker rate the efficiency of an IT security implementation?
A comprehensive security approach should encompass three factors. It should be adaptive to threats, business requirements and the ever-evolving use of the internet within the corporate network, have adapted to meet the specific requirements of an organization and have been adopted fully by end users.
These factors can be summarized as a “Triple-A” security approach. If you achieve this, you can strengthen your overall security posture.
Attend our webcast to see how your organization can have the best security possible, and use IT security to drive innovation – instead of blocking it.