Nicholas Flores, Security Consulting Director, FireEye Mandiant
Today’s sophisticated attackers often hide within the noise of abundant alerts generated by a myriad of security products. Limited budgets, a shortage of skilled security staff, and rigid regulatory requirements make it difficult for organizations to effectively identify and understand these threats—negatively affecting risk-based decision making and asset protection.
Effective cyber security requires an understanding of who is likely to target you, and how they operate.
As security leaders and executives turn to service providers to evaluate their security maturity, manage business risks and build sustainable security programs, they often ask ‘how do I select the right security partner for my organization?’
Join Nick Flores, Security Consulting Director at FireEye Mandiant, as he shares insights and expertise on:
• Selecting the right service provider for your organization
• Realizing limitations of providers who apply traditional and compliance-focused approaches
• Working with providers who intimately monitor attackers across the evolving threat landscape
• Understanding the role of cyber threat intelligence in effective cyber security services
• Asking the right questions of your security providers to enable critical business decisions
Also, don't miss "Navigating Today’s Global Cyber Regulations – Regional Perspectives," the second webinar in this two-part series aimed to help you be better prepared for what's to come in 2019. https://www.brighttalk.com/webcast/7451/337259
Misha Sokolnikov, Director of Product Marketing, FireEyeRecorded: Oct 24 201851 mins
As cyber threats continue to proliferate and expand, so does the arsenal of tools organizations employ to protect against the attackers. With most security solutions equipping to solve only narrow problems, it has become the norm for organizations to deploy an unbearable amount of technologies. Join Misha Sokolnikov, Director of Product Marketing, FireEye as he provides:
• An overview of why security solutions today are not integrated and cause complexity, inefficiencies and excessive alert noise
• The tactics that threat actors use to take advantage of disjointed, complex security technologies
• The most critical threat vectors and how the consolidation and integration of security tools can help you improve your security posture
Kevin Taylor, EMEA VP; Sandra Joyce, VP, Global Intel Operations; Stuart McKenzie, EMEA Mandiant VP; Simon Moor, NEUR VPRecorded: Oct 24 201825 mins
Cyber threats plague the financial services industry:
• Advanced persistent threat (APT) actors seek to support economic reforms and reach state goals
• Financial threat actors seek financial gain through the direct theft of funds or the sale of stolen information
• Disruptive threat actors and hacktivists seek to gain publicity, divert banks' attentions, or demonstrate a political motive
Any one of these threats would increase activity in an industry, but the presence of all three likely accounts for the large number of intrusions in financial services organizations.
Join us for a live video panel and get executive insights for critical topics relevant to the financial services industry, including the:
• Nature of threats, as well as their motivations and tactics, techniques and procedures (TTPs)
• Ripple effect consequences of geopolitics
• Cost of a breach and importance of risk awareness in the boardroom
• Need to keep GDPR a high priority
David Grout, Director Technical, South EMEA, FireEyeRecorded: Oct 24 201847 mins
Mandiant responded to an incident in 2017 at a critical infrastructure organisation where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. This malware, called TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.
Join David Grout, our Technical Director for South EMEA, for a live session and get insights into the technical framework details and the potential outcomes.
Shashwath Hegde, Solutions Architect, APAC, FireEyeRecorded: Oct 24 201831 mins
In many ways, public cloud is more secure than a traditional data center. And yet, assets on the public cloud are still being compromised just as those stored in traditional data centers. Mandiant, the industry leader in incident response consulting, estimates that 15 percent of all of its incident response involves public cloud assets. So, if the cloud is more secure, why is it still getting hacked?
In this session, we will discuss
• the challenges in Cloud Security
• how to design an effective strategy to tackle them
Colin Connor, Director, AT&T; Jim Waggoner, Sr. Director, FireEye; Seth Summersett, Chief Scientist, FireEyeRecorded: Oct 23 201859 mins
Ransomware, application exploits, advanced persistent threats, all put your data, customer information and intellectual property in more danger than ever, putting your company’s reputation and revenue at risk. Even if you are able to protect yourself against today’s threats, you cannot stand still. Threats and threat actors are constantly evolving. You need to understand how the threats are evolving and what you need to do to protect yourself.
In this expert panel discussion with Colin Connor Director, Threat Intelligence and Cyber Forensics at AT&T, Seth Summersett, Chief Scientist at FireEye and Jim Waggoner, Sr. Director of Product Management for Endpoint Security at FireEye, learn how threats are evolving, how companies are becoming more proactive in the response to the threats and how technology is changing to provide greater protection, detection and response to the emerging threats.
Matthew Keane, Sr. Director, FireEye, Travis Fry, Sr. Consultant, FireEye & Michelle Visser, Partner, Ropes & GrayRecorded: Oct 23 201858 mins
Due to the combination of growing cyber risks threatening critical assets of organizations today, and firmer security regulations enforced by lawmakers across the globe, security leaders are increasingly taking steps improve their risk management processes and key stakeholder communication—to enable better decision-making around security domains and necessary investments.
This includes adoption of new risk management methods to generate realistic risk forecasts, effective metrics techniques, and a clear roadmap for capability improvements.
Join Matthew Keane, Sr. Director of Strategic Services at FireEye, Travis Fry, Sr. Consultant at FireEye, and Michelle Visser, Partner at Ropes & Gray, as they share their security and legal expertise on:
• Security risks across the complete cyber attack lifecycle, not only detection and response
• A simple and proven method for approaching the risk reality facing all organizations
• The rising cyber security insurance market and how it will affect risk management efforts
• Influence of new regulatory requirements and the SEC’s interpretive guidance on disclosure issues
• Using threat intelligence to ensure risk management efforts are based on real-world threats and ongoing adversary activities, not hypothetical or academic scenarios
• Best practice exercises to test your incident response plan based on real-world experiences
• Techniques for effectively reporting risk and capability needs to a Board-level audience
Simon Moor, Director, Northern Europe, FireEye; Duncan Brown, Associate VP, European Infrastructure & Security, IDC EMEARecorded: Oct 23 201861 mins
Despite the continued focus on security and cyber-risk, most organisations demonstrate poor alignment between the business and security in the consideration of risk. This disconnect can start right at the beginning of a business process, where security is often not involved early enough (or at all) in strategic projects. Boardroom visibility of security threats is often weak, while the nature of security threats means that a continuous reassessment of risk is required, but rarely occurs.
This webinar explores the gap between security and business risk, and examines the opportunities for alignment in Digital Trust, as a prerequisite for digital transformation.
Rob van der Ende, VP APJ, Mandiant, a FireEye company & Mimi Yang, Senior Foreign Legal Consultant Ropes & GrayRecorded: Oct 23 201859 mins
How prepared are you and your organization to respond to a data breach?
Executives and their teams in PR/Communications, Cybersecurity, IT, (external) Legal Counsel, and others, should all be intimately aware of the Breach Response Plan and practice their tasks regularly through a Cyber Breach Simulation, or Tabletop Exercise.
Ropes & Gray and Mandiant have joined forces to help you evaluate your organization’s ability to respond effectively to a cyber incident before it occurs. The Tabletop Exercise uses gameplay techniques to assess your cyber crisis processes, tools and proficiency from legal, governance and technical perspectives. During the exercise, multiple scenarios based on real-world experience are simulated in a roundtable environment, allowing Ropes & Gray to provide concrete legal advice to your organization based on the results, including advice on potential enhancements to your organization’s cyber breach and incident response preparedness that Mandiant and Ropes & Gray identify through the exercise.
About Ropes & Gray
Ropes & Gray privacy & cybersecurity attorneys have advised and assisted clients in responding to cyberincidents of multiple shapes and sizes, including many of the largest incidents in history, and apply that extensive background to counsel clients on cybersecurity incident preparedness.
Mandiant, a FireEye company, has over 14 years of near-daily interaction with organized, persistent attackers and threat groups around the world. Mandiant consultants spend hundreds of thousands of hours annually working with organizations of all sizes to remediate security breaches, identify vulnerabilities and provide guidance on closing security gaps.
Nigel Gardner, MGM Resorts Intl., Joseph O’Laughlin, FireEye; Jason Tuininga, FireEyeRecorded: Oct 22 201851 mins
Threat intelligence has the power to enhance an organization’s security effectiveness, improve its time-to-response, and reduce business risk. No matter where an organization is on the continuum of security operations maturity, threat intelligence can provide significant value. The question is, what is the best way to maximize that value? What advantages can you gain through simple process or technology changes to ensure that you’re ready to respond quickly to the threats that matter? Come hear from our experts about what threat intelligence can do for you, and hear from a FireEye customer who has made this journey, transforming its security operations to be intelligence-led.
Parnian Najafi Borazjani, Senior Analyst, FireEyeRecorded: Oct 22 201841 mins
IoT devices have become a mainstream part of our lives. IoT devices are no longer just consumer devices, rather they are interwoven in different parts of corporations.
The August 2016 Mirai botnet attack has shown that security in IoT is required to have overall security. The lack of security in IoT devices not only affects users, but also affects the society in a larger scale. Manufactures of these devices need to follow a set of guidelines to ensure secure developments and deployments.
Moreover, device consumers such as corporations should be aware of their attack surface.
Join us for a live webinar as we address the top security and privacy issues in IoT devices, the threats that are targeting them and recommendations for possible solutions.