Hi [[ session.user.profile.firstName ]]

LookingGlass Cyber Solutions

  • Date
  • Rating
  • Views
  • Are Your Third Party Vendors Exposing Your Organization to Cyber Threats?
    Are Your Third Party Vendors Exposing Your Organization to Cyber Threats? Eric Olson, LookingGlass Vice President of Intelligence Operations and Nick Hayes, Forrester Senior Analyst – Security & Risk Recorded: Oct 18 2017 59 mins
    By now, the majority of us have likely been inundated with stories about third party data breaches and how one vendor’s vulnerability can cost your organization millions. But how do you know if you’re doing enough to stop third party risk?

    As we enter 2018, new U.S. and European cyber regulations are going into effect, and organizations can no longer check the box when it comes to their vendors’ cybersecurity. You are not only liable for knowing where you are most at-risk, but now you must also understand how that risk affects your organization and identify a solution for mitigating that risk.

    This webinar features guest speaker Nick Hayes, Senior Analyst at Forrester and LookingGlass VP of Intelligence Operations Eric Olson. They will delve into the third party risk landscape: our current state of affairs, and where the industry is moving, as well as how you can take a different approach to third party risk prevention, including:
    • How to see where your vendors are already compromised
    • The importance of actionable intelligence for real-time mitigation
    • Why a continuous monitoring solution is the future of third party risk
  • Success Factors in Threat Intelligence: Part 3 - Key Elements
    Success Factors in Threat Intelligence: Part 3 - Key Elements Allan Thomson, Chief Technical Officer Recorded: Jul 19 2017 49 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    What do we mean by “business technical approach’ to Threat Intelligence?

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

    With Part 2, we introduced the overall vision of a successful TI Program. In this webinar, we dig into the key elements of the TI program with concrete examples, and key components of the program that must exist including the right team, process, tools, metrics and connections.
  • Success Factors in Threat Intelligence: Part 2 - Starting a Program
    Success Factors in Threat Intelligence: Part 2 - Starting a Program Allan Thomson, Chief Technical Officer Recorded: Jun 29 2017 46 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    What do we mean by “business technical approach’ to Threat Intelligence?

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

    In Part 1 of the CSO Series we introduced the key business and technical requirements of TI programs. In Part 2 webinar we will examine some important definitions to consider in TI and how to start building the program based on the requirements identified in Part 1 of the series. We will introduce to the audience the overall vision of the TI program execution, doing gap analysis on existing security programs and identifying where the TI program can complement and enhance existing investments.
  • Success Factors in Threat Intelligence: Part 1 - Business Requirements
    Success Factors in Threat Intelligence: Part 1 - Business Requirements Allan Thomson, Chief Technical Officer Recorded: Jun 8 2017 46 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations.

    In Part 1 we will examine what drives CISOs and organizations to consider adoption of a threat intelligence practice. CISO’s are focused on Risk reduction to their organizations but may not have a fully defined set of requirements on who, how, where Threat Intelligence can assist in that high-level goal. They may require a solid business case to justify the investment and have a supporting set of well-defined business and technical requirements. Some key questions help formulate the executive’s plan.
    -What are the costs of solving these requirements?
    -How can my organization’s revenue be protected while investing in TI?
    -What is the right balance of both tactical and strategic Threat Intelligence-driven responses?
    -Where can existing investments be leveraged?
  • Bigger Isn't Always Better: Assessing Cyber Risk to Reduce Your Attack Surface
    Bigger Isn't Always Better: Assessing Cyber Risk to Reduce Your Attack Surface Eric Olson, VP of Intelligence Operations, and James Carnall, VP Cyber Security Center Recorded: May 10 2017 52 mins
    Ransomware, spear phishing and third party breaches have become a huge problem as organizations become more connected online and expand their cyber footprint. When even the largest and most
    sophisticated global organizations, government agencies, and multinational banks are routinely penetrated and taken offline by cyber criminals, how can a concerned enterprise quickly and cost-effectively evaluate their own risk?

    During this webinar, Vice President of Intelligence Operations, Eric Olson, and VP of Cyber Security Center, James Carnall, will discuss how organizations can evaluate their internal and third party cyber risk to:

    · Minimize your attack surface for increased visibility
    · Make smarter and more cost-effective investments in your security posture
    · Proactively look for potential leaks, theft of sensitive data or other holes in your security posture
  • Assessing Targeted Attacks in Incident Response Threat Correlation
    Assessing Targeted Attacks in Incident Response Threat Correlation Allan Thomson, CTO, and Jamison Day, Principal Data Science Engineer Recorded: Apr 12 2017 52 mins
    The current number of active cyber threats is astounding. Do you know which threats are targeting you right now and which threats are likely to cause greatest harm to your company?

    This session examines how correlating network flow data with cyber threat information during incident response provides knowledge of not only what threats are active or targeting you, but which of your assets are being targeted before or during an incident. We examine the many data types used in commonly-shared indicators of compromise and explore which provide for automating correlation with network flow data. The pros and cons of common correlation algorithms are discussed with a focus towards their contributions and limitations to enhancing threat intelligence efforts. Proper network flow correlation should provide a foundation for performing risk-based mitigation that identifies the threats that are creating the greatest loss of value for your organization rather than chasing down the threats deemed most harmful by the industry.
  • How Are You Managing Cyber Risk From Your Third-Party Relationships?
    How Are You Managing Cyber Risk From Your Third-Party Relationships? Ryan Curran, Senior Sales Engineer Recorded: Mar 30 2017 42 mins
    Outsourcing and strategic partnerships have become a staple in today's business climate, enabling organizations to drive business value and stay ahead of the competition. However, moving company information outside of its own defense perimeter opens an organization up to a myriad of cybersecurity vulnerabilities. Organizations need to have the tools and resources to determine the risk from 3rd party relationships and manage that risk in a timely and consistent manner.

    In this webinar, Senior Sales Engineer Ryan Curran will help you learn how to:
    ~ Identify and monitor threats targeting your extended ecosystem
    ~ Use a threat intelligence platform for third-party risk management workflows
    ~ Leverage Threat Indicator Confidence Scoring and pre-packaged threat intelligence to start monitoring 3rd parties within minutes
  • Threat Intelligence Gateway: An Unconventional Weapon for An Unconventional War
    Threat Intelligence Gateway: An Unconventional Weapon for An Unconventional War Kinshuk Pahare, Director of Product Development, LookingGlass Recorded: Feb 28 2017 37 mins
    The cyber threat landscape is constantly evolving and conventional security products (Firewalls, IPS/IDS and web proxies) are unable to address emerging threats in a fast and efficient manner. LookingGlass’ newest threat mitigation appliance, the ScoutShield Threat Intelligence Gateway, provides a zero-touch solution to automate the threat response.

    Join our Director of Product Management, Kinshuk Pahare as he discusses the:
    1. Challenges with conventional security appliances and the need for a Threat Intelligence Gateway.
    2. Importance of having high quality threat intelligence.
    3. Must-have characteristics of a Threat Intelligence Gateway appliance.
  • Building a Threat Intelligence Program
    Building a Threat Intelligence Program Mike Rothman and AJ Shipley Recorded: Nov 17 2016 61 mins
    Security teams continually look for better ways to collect, analyze, and apply threat intelligence. Join our webcast with industry experts Mike Rothman and A.J. Shipley in their lively discussion of building, optimizing, and getting more value from your threat intelligence program. They’ll explore:

    •Evaluating data quality
    •Understanding threat context, relevance and priority
    •Key use cases around threat prevention, detection, and remediation
    •Best practices and advanced tools & technologies.
  • Phishing Prevention: Be Suspicious and Don't Get Hooked
    Phishing Prevention: Be Suspicious and Don't Get Hooked James Carnall and Greg Ogorek Recorded: Nov 3 2016 56 mins
    Although it’s been around for years, phishing is still one of the most common and effective online scams – and it just continues to grow. In Q1 2016 alone, phishing attacks grew approximately 250 percent. There were more phishing attacks during that three-month span than any other since 2004.

    Phishing scams are increasingly difficult to detect. Using information freely available on the internet about you or your organization, cyber criminals carefully craft a message that contains real information that you are inclined to trust. It can come to you in many ways including emails, SMS messages, phone calls, or impersonating websites. Often, there is a sense of urgency that’s paired with a message that makes you react with your emotions instead of thinking. So, how do you protect yourself and your organization from phishing scams?

    Join LookingGlass cyber security experts James Carnall and Greg Ogorek as they explore the world of phishing scams and phishing protection solutions. To set the context, the diverse types of phishing scams will be outlined along with very realistic examples that make these lures come to life. Next, we will investigate the growing risks by highlighting the changing cyber threat landscape specifically attributed to phishing. We will wrap up by discussing a wide range of phishing protection solutions.

Embed in website or blog