Hi [[ session.user.profile.firstName ]]

Business Continuity / Disaster Recovery

  • The State of IT Resilience 2019 Webinar
    The State of IT Resilience 2019 Webinar
    Jayme Williams, Tencate Recorded: Aug 21 2019 60 mins
    2019 Results are in: 84% weren’t IT resilient enough

    The 2019 IDC State of IT Resilience study found that a whopping 84% of respondents experienced a malicious attack in the past 12 months. Of those organizations who suffered a successful attack, 93%of those attacks resulted in data corruption or loss. Do you know how much a malicious IT attack would cost you?

    Find out how to make your organization IT resilient. Remove the risk of disruption and data loss, which can jeopardize customer loyalty, company reputation, productivity and employee morale. With the average cost of downtime at $250,000 an hour across industries, implementing an IT Resilience strategy is necessary not just to survive, but to go beyond your competitors and thrive.

    Join us to learn more about the 2019 results. Hear Jayme Williams from Tencate discuss how IT resilience is keeping their multi-national advanced-manufacturing operations running 24/7, and the threat of ransomware a non-issue.
  • Webisode 6: Proofpoint Demo - Advanced People-Centric Cybersecurity
    Webisode 6: Proofpoint Demo - Advanced People-Centric Cybersecurity
    Joel Sierra, Security Sales Engineer, Proofpoint Recorded: Aug 21 2019 38 mins
    What are the best practice elements of a people-centric cybersecurity strategy, and in what order should your organization prioritize them?

    Proofpoint has developed a three-phase cybersecurity maturity model to help organizations go from simply protecting their email to stopping compromised cloud accounts and data loss to executing a comprehensive people-centric security program.

    Join us for a demo to learn about the third phase of this maturity model, and see for yourself how the tools work. We'll demonstrate how to:

    1. Gain deeper visibility into attacks and respond when things go wrong
    2. Solve for unified data protection
    3. Defend against email fraud and social media fraud
  • Quantifying Risk in Today’s Computing Infrastructures
    Quantifying Risk in Today’s Computing Infrastructures
    Vincent Rais, Director of Resiliency Services, Uptime Institute and Todd Traver, Vice President, IT Optimization and Strategy Recorded: Aug 21 2019 62 mins
    The complexity of today’s hybrid environments increases risk – what do you need to look for?

    Despite the promised simplicity provided by the cloud and other technologies, the majority of IT loads still run inside enterprise data centers, leading to challenges in managing workloads across the hybrid architectures emerging between these facilities and the cloud. We’ll discuss what we are seeing, along with the challenges, focus areas and important critical success factors necessary to reduce risk and provide resiliency and uninterrupted application availability.
  • Cath Goulding on Digital Transformation
    Cath Goulding on Digital Transformation
    Nominet Cyber Security Recorded: Aug 21 2019 3 mins
    Today, if an organization is unable to keep pace with digital disruption its very existence is at threat. What’s more, unlike many previous business challenges, digital transformation is not a one-off event. Rather, it’s an unfolding process that changes over time as new technologies emerge that lead to new business models and modes of differentiation.

    Digitally transforming an enterprise to a point where it is capable of continual innovation is a huge prize, but it also brings with it a range of challenges, particularly when it comes to cyber security. In the digital age, organizations can no longer hide behind the security of their perimeter walls. Instead, they must open up digitally to partners, suppliers, IoT devices and even competitors in order to create the seamless, customer-centric services people increasingly demand.

    We spoke with industry leaders to garner their views on cyber security in the age of digital transformation. In this video Cath Goulding, CISO at Nominet, talks of her experiences and provides her perspective and on the challenges large enterprises face when keeping their organizations secure during digital transformation programs.
  • James Stickland on Digital Transformation
    James Stickland on Digital Transformation
    Nominet Cyber Security Recorded: Aug 21 2019 3 mins
    Today, if an organization is unable to keep pace with digital disruption its very existence is at threat. What’s more, unlike many previous business challenges, digital transformation is not a one-off event. Rather, it’s an unfolding process that changes over time as new technologies emerge that lead to new business models and modes of differentiation.

    Digitally transforming an enterprise to a point where it is capable of continual innovation is a huge prize, but it also brings with it a range of challenges, particularly when it comes to cyber security. In the digital age, organizations can no longer hide behind the security of their perimeter walls. Instead, they must open up digitally to partners, suppliers, IoT devices and even competitors in order to create the seamless, customer-centric services people increasingly demand.

    We spoke with industry leaders to garner their views on cyber security in the age of digital transformation. In this video James Stickland, CEO, at Veridium talks of his experiences and provides his perspective and on the challenges large enterprises face when keeping their organizations secure during digital transformation programs.
  • Charlie McMurdie on Digital Transformation
    Charlie McMurdie on Digital Transformation
    Nominet Cyber Security Recorded: Aug 21 2019 3 mins
    Today, if an organization is unable to keep pace with digital disruption its very existence is at threat. What’s more, unlike many previous business challenges, digital transformation is not a one-off event. Rather, it’s an unfolding process that changes over time as new technologies emerge that lead to new business models and modes of differentiation.

    Digitally transforming an enterprise to a point where it is capable of continual innovation is a huge prize, but it also brings with it a range of challenges, particularly when it comes to cyber security. In the digital age, organizations can no longer hide behind the security of their perimeter walls. Instead, they must open up digitally to partners, suppliers, IoT devices and even competitors in order to create the seamless, customer-centric services people increasingly demand.

    We spoke with industry leaders to garner their views on cyber security in the age of digital transformation. In this video, cyber security expert, Charlie McMurdie, talks of her experiences and provides her perspectives on the challenges large enterprises face when keeping their organizations secure during digital transformation programs.
  • Verizon Threat Research Advisory Center Monthly Intelligence Briefing (MIB)
    Verizon Threat Research Advisory Center Monthly Intelligence Briefing (MIB)
    John Grim, Senior Manager, PS Advisory Services Recorded: Aug 21 2019 81 mins
    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.

    Our Verizon Threat Research Advisory Center presenters will be:

    •Erika Gifford, Senior Manager, GSS | Security Operations Advisory
    •Hayden Williams, Senior Manager, VTRAC | Investigative Response
    •John Grim, Managing Principal, VTRAC | Innovations and Development
    •David Kennedy, Managing Principal, VTRAC | Open Source Intelligence

    Preparing for and responding to data breaches and cybersecurity incidents is never easy. It takes knowledge of your environment and its unique threats, effective teamwork, and just as importantly, a rigorous Incident Response (IR) Plan. We'll introduce our monthly listeners to the VIPR Report – the Verizon Incident Preparedness and Response Report. We'll provide a high-level overview of our findings across three years of IR Plan assessments and data breach simulations. Insight will include:

    •Observations and recommendations across the six phases of incident response
    •Top takeaways for building a solid IR Plan and capability
    •Breach Simulations Kits and using these resources to run data breach tabletop exercises

    This webinar will also cover:

    •Current Intelligence Overview
    •Attacks and Threat Indicators
    •Latest Malware Trends
    •Significant Vulnerabilities

    If you have any questions related to social attacks and data breaches that you'd like us to cover on the call, please send them to the following email address: Intel.Briefing@verizon.com

    Then tune in for an information-packed session brought to you by our very own Verizon Threat Research Advisory Center investigators, analysts, assessors, and researchers!
  • Webinar: How to Build a Change Workflow to Increase Control
    Webinar: How to Build a Change Workflow to Increase Control
    Maya Malevich Director of Product Marketing, Tufin & Ruth Gomel Director Product Design, Tufin Recorded: Aug 21 2019 58 mins
    “The only thing that is constant is change.” However, change can also be risky.

    Network security changes may lead to broken connectivity, exposure to cyberattacks, or even compliance violations that may result in an audit failure. How do you control and document changes to firewall access?

    Join this session to learn best practices for building a change workflow to:
    • Ensure all changes are documented and audit-ready
    • Enforce a security policy check within every change to improve control
    • Increase efficiency and eliminate errors through automation

    Register now to gain insight into what an effective workflow looks like and how you can streamline the change process you currently use.
  • 2019년 클라우드 보안 위협 보고서: 최신 클라우드 보안 동향 파악
    2019년 클라우드 보안 위협 보고서: 최신 클라우드 보안 동향 파악
    김봉환 상무 , 시만텍코리아 SE 본부 Recorded: Aug 21 2019 63 mins
    현재 클라우드 보안이 현실에 올바르게 대응하고 있다고 생각하십니까?

    시만텍은 클라우드 보안 환경에 대한 인식과 관련하여 전 세계 보안 의사 결정자를 대상으로 설문 조사를 실시하고, 그 결과를 시만텍이 모니터링한 경험적 데이터 소스와 비교했습니다.

    클라우드 보안 전문가들이 함께하는 웹 세미나에 참여하십시오. 김봉환, 시만텍 수석 시스템 엔지니어링 관리자가 아래와 같은 내용을 논의합니다.

    • 2019년 클라우드 보안 위협 보고서의 주요 내용
    • 보안 위협 관련 실제 사례와 클라우드 보안에 대한 인식이 갈수록 진화하는 클라우드 보안 위협에 적절하게 대응하는지 여부
    • 제로 트러스트 보안 아키텍처를 통해 갈수록 확장되는 공격 범위에 대응하고 베스트 프랙티스 구현을 지원하는 방법
  • Achieving Business Continuity in the Age of Ransomware
    Achieving Business Continuity in the Age of Ransomware
    David Shaw, Chief Science Officer at Nasuni | Anne Blanchard, Senior Director of Product Marketing at Nasuni Recorded: Aug 20 2019 13 mins
    On May 7, 2019, the city of Baltimore was hit by a ransomware attack - code named “RobinHood.” Hackers used remote encryption to lock down the city’s file servers and demanded payment of 13 bitcoin in exchange for keys to release them. The city immediately notified the FBI and took systems offline to keep the attack from spreading, but not before it impacted over 10,000 computers and multiple city departments. The cost? An estimated $4.6M in data recovery costs alone. All told, the cost to restore data, the cost of new systems that would prevent an immediate new attack, and the lost revenue totaled over $18M.

    Scenarios like this are causing many companies to reexamine their plans for disaster recovery in order to ensure business continuity, not just in the face of equipment, software, or network failures, but also in the event of a ransomware attack.

    Anne Blanchard, Senior Director of Product Marketing sat down with David Shaw, Chief Science Officer at Nasuni, to discuss the Baltimore incident, tips on how to avoid a ransomware attack, and how to dramatically decrease business downtime and cost following an attack.
  • Live Demo: Proofpoint Security Awareness Training
    Live Demo: Proofpoint Security Awareness Training
    Sean Walker, Enterprise Account Executive Recorded: Aug 20 2019 31 mins
    Engage your end users and arm them against real-world cyber attacks using personalized training based on our industry-leading threat intelligence. Instead of wasting time with one-size-fits-all content, we help you deliver the right training to the right people at the right time.
    Join us for a live demo of Proofpoint Security Awareness Training to see for yourself! 

    You'll learn how to: 
    - Assess your users’ susceptibility to phishing attacks and knowledge of cybersecurity beyond the phish
    - Deliver customized training to your end users to drive behavior change and make them a stronger last line of defense
    - Enable your employees to report suspicious messages with a single mouse click
  • Tackling the Top 5 Incident Response Challenges with SOAR
    Tackling the Top 5 Incident Response Challenges with SOAR
    John Moran, Senior Product Manager, DFLabs Recorded: Aug 20 2019 41 mins
    Incident response can feel like a constant battle, especially for those analysts who are on the front lines of the organization’s response, struggling every day to protect its resources and minimize risk from any potential security events.

    While there are some inherent challenges in incident response which will exist no matter the circumstances, it is the responsibility of security managers and executives to reduce or remove impediments to the incident response process as much as possible. Incident response will never be a frictionless process, however, there are many things we can do to minimize the impediments and provide analysts with the needed resources in order to be successful.

    Year after year, security analysts express the same challenges, across all verticals. Even though we have made many important strides in the past several years, it is clear that our current approach is not adequate to completely solve the most pressing challenges we are facing.

    Incident response analysts typically possess a high drive and passion for their chosen career. Not being given the proper tools to perform a job can be demoralizing and cause the types of analysts you really want on your team to look elsewhere for career satisfaction. With competition for skilled analysts as strong as ever, this is a real concern.

    In order to overcome these challenges, organizations today are increasingly turning to the capabilities of Security Orchestration, Automation and Response (SOAR) technology to help.

    Join this webinar to learn more in-depth about these top 5 incident response challenges and how a SOAR solution can be utilized to successfully resolve them:

    - Shortage of staffing and skills
    - Lack of budget for tools and technology
    - Poorly defined processes and owners
    - Organizational silos between IR and other groups or between data sources and tasks
    - Lack of integration with our other security and monitoring tools
  • Explore the Benefits EDR tools and Services
    Explore the Benefits EDR tools and Services
    Jon Oltsik, Sr. Analyst, ESG and Bob Shaker, Adam Glick and Steve Meckl from Symantec Recorded: Aug 20 2019 58 mins
    Plagued by sophisticated threats, increasing workloads, and an ever-expanding attack surface, security teams are turning to Endpoint Detection & Response (EDR) tools and Managed Endpoint Detection and Response (MEDR) services.

    Join ESG and Symantec as we discuss how organizations are using solutions to improve their threat detection and response efforts.

    We'll cover:

    - Trends impacting threat detection efforts

    - How organizations are using EDR and MEDR solutions

    - The benefits of using an MEDR service
  • Getting more from Azure Part 3: SQL Database
    Getting more from Azure Part 3: SQL Database
    John Noakes and James Wilson Recorded: Aug 20 2019 18 mins
    Microsoft Azure – which offers an open, flexible, enterprise-grade cloud computing platform is helping our clients do just that; helping them increase agility, do more and control costs with IaaS and PaaS.

    Whether you’ve already migrated some of your workloads or you’re considering migrating to Azure, this webinar shares best practice for operating, managing and securing SQL Database through the Azure platform.
  • Data Quality in Banking:Turning Regulatory Compliance into Business Value
    Data Quality in Banking:Turning Regulatory Compliance into Business Value
    David Burk, Financial Services Expert & Steve Shissler, Syncsort Recorded: Aug 20 2019 53 mins
    Regulatory compliance – and avoiding the stringent fines for noncompliance – is a top concern for banks around the world. Yet, the fast pace of change, and the complexity of regulations, make adhering to these mandates harder than ever. The prerequisite to comply with all these regulations is high-quality, trusted data to ensure effective governance and reporting. By adopting robust data quality practices, not only does your bank benefit by staying compliant, it also reaps the rewards of better business decisions, higher operational efficiency, better customer service and more.

    Join us with Financial Services expert David Burk for a discussion on:
    • The background for regulatory reporting and key financial regulations
    • Understanding how data quality helps institutions succeed with regulatory reporting compliance
    • How regulatory reporting improves data for other business decisions
    • How financial institutions leverage Trillium DQ to deliver quality data
  • Cyber Security Brief: Waterbug, “Smart” TVs, and BEC Scam Hits Canadian City
    Cyber Security Brief: Waterbug, “Smart” TVs, and BEC Scam Hits Canadian City
    Cyber Security Brief podcast Recorded: Aug 20 2019 24 mins
    In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.
  • Top Security Considerations in Moving to the Cloud
    Top Security Considerations in Moving to the Cloud
    Sherif El-Nabawi, Vice President, Systems Engineering, Asia Pacific and Japan, Symantec Recorded: Aug 20 2019 30 mins
    By 2020, organisations in Asia Pacific are expected to utilise an average of 5 cloud solutions. But with 51% of these organisations storing sensitive data on public clouds and 45% feeling that the public clouds’ security features are sufficient, organisations urgently need to factor in more security considerations when moving to the cloud.

    In this webinar, Sherif El Nabawi, Vice President of Systems Engineering at Symantec Asia Pacific and Japan, discusses the top security considerations in moving to the cloud, including:

    - The risks and issues created by cloud migration
    - Symantec’s Direct to Net Secure Access Services
    - IaaS and SaaS adoption challenges and solutions
    - Why every organisation needs to establish a Cloud Center of Excellence

    Register now to watch the webinar.
  • Cloud Security: Learn How to Protect Your Cloud Users with a CASB Innovator
    Cloud Security: Learn How to Protect Your Cloud Users with a CASB Innovator
    Ryan Kalember, SVP of Cybersecurity Strategy - Proofpoint. Garrett Bekker, Principal Analyst Info Security - 451 Research. Recorded: Aug 20 2019 59 mins
    In case you missed it, we wanted to share a recent webinar about how to use a Cloud Access Security Broker (CASB) to protect your organization from next generation cloud attacks.

    Join Garrett Bekker, Principal Security Analyst at 451 Research, and Ryan Kalember, EVP of Cybersecurity at Proofpoint, for a discussion about:

    • The different CASB use cases, features and architectures
    • What the most prevalent cloud attacks are, and how they target your VAPs, or Very Attacked People
    • What to look for in a CASB solution to mitigate your cloud risks
  • Withstanding the world’s no. 1 attack vector
    Withstanding the world’s no. 1 attack vector
    Oleg Gorobets, senior global product marketing manager at Kaspersky Recorded: Aug 19 2019 66 mins
    Email offers cybercriminals an multitude of potential attack scenarios. Join our webinar to find out what to expect, and how to protect your business against the world’s no. 1 attack vector.
  • Join our webinar to learn how you can reduce 70% of your infrastructure costs
    Join our webinar to learn how you can reduce 70% of your infrastructure costs
    adam Dagnall, James Clark Recorded: Aug 16 2019 29 mins
    Register here to join our free webinar!

    By using Splunk SmartStore you can easily decouple the compute and storage layers, so you can independently scale those resources to best serve workload demands. With SmartStore, Splunk Indexers retain data only in hot buckets that contain newly indexed data. Older data resides in the warm buckets and is stored within the scalable and highly cost-effective Cloudian cluster. SmartStore manages where data is stored, moving data among indexers and the external Cloudian storage based on data age, priority and users’ access patterns. As of today, clients can immediately achieve a 70% saving on Splunk Infrastructure.
  • From Skeptics to Champions: Selling the Value of Security Awareness Training
    From Skeptics to Champions: Selling the Value of Security Awareness Training
    Dale Zabriskie, Security Awareness Training Evangelist & Joe Krock, Cyber Training and Awareness Leader Recorded: Aug 15 2019 106 mins
    The value of security awareness training may be obvious to you and other cybersecurity professionals. But in order to launch a new or more comprehensive training program, you’ll need to convince management—and your end users. To make your case for security awareness training, speaking the language of your customer is key.

    Expect tough questions: What’s wrong with what we’re doing now? What measurable goals can the security awareness training program achieve? How does the program justify the cost? Users may have concerns the value of simulated phishing tests and whether training will interfere with their work.

    Taking the time to win over doubters and skeptics can reduce obstacles—and even turn them into future champions for your security awareness training program. In this webinar, you’ll learn about:

    - Best practices for selling the value of security awareness training internally
    - Preparing a business case for your training program
    - Engaging employees through creative programming, recognition, and incentives
  • Meet The CEO: HYCU, Inc’s Simon Taylor
    Meet The CEO: HYCU, Inc’s Simon Taylor
    Storage Switzerland, HYCU Recorded: Aug 15 2019 30 mins
    Backup and Recovery is as old as the data center itself, but organizations still struggle with the process. IT professionals have tried many solutions to solve their data protection solutions, and the market is full of options, but none seem to address the core issues. Launched only two years ago, HYCU, Inc took a different approach by building backup solutions custom-built for each environment they protect.

    Join HYCU, Inc’s CEO, Simon Taylor as he sits down with Storage Switzerland Lead Analyst, George Crump to discuss HYCU’s unique approach to the fiercely competitive backup market.
  • Vendor Risk Management for 2020 and Beyond
    Vendor Risk Management for 2020 and Beyond
    Sam Abadir, Lockpath Recorded: Aug 15 2019 48 mins
    Vendors are essential to your company's success; most organizations can’t operate without them. However, vendors require a different approach to risk management.

    Outsourcing your activities does not mean you outsourced managing the risk of those activities. The public, the regulators and the courts still hold you responsible. Without a considered approach to third-party risk management, the risk management of vendors and suppliers can easily get out of your control.

    In this live webinar, Lockpath’s Sam Abadir will share what vendor risk management for 2020 and beyond looks like, including:

    • What vendor risk management encompasses

    • How your organization can gain efficiency from proper vendor risk management

    • Advantages of managing vendors on an Integrated Risk Management or Governance Risk and Compliance platform

    • Creating strategies for sustained growth in 2020 and beyond

    Find out what you need to know to manage vendor risk in 2020 and beyond by attending this educational webinar. Register now!
  • Cyber Security Brief: Tube data collected, Baltimore ransomware & BlueKeep
    Cyber Security Brief: Tube data collected, Baltimore ransomware & BlueKeep
    Cyber Security Brief podcast Recorded: Aug 15 2019 21 mins
    On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online.
  • Strengthen Endpoint Security with Real-time Visibility and Remediation
    Strengthen Endpoint Security with Real-time Visibility and Remediation
    Rob Barker, Product Manager, Symantec Recorded: Aug 15 2019 46 mins
    In today’s world of increasing threats, there is a greater need to reduce the latency in data collection and act quickly based on that data. Join us on August 15 for a special webinar focused on our new real-time visibility and remediation capabilities to help protect and secure endpoints.

    In this webinar, we will discuss and demonstrate how Symantec endpoint management provides:

    Real-time management
    • gain deep visibility into your organization’s endpoints and software
    • make better-informed decisions
    • take faster actions such as identifying vulnerabilities and quickly deploying the appropriate patches and updates

    Integration with Symantec Endpoint Protection (SEP)
    • quarantine endpoints that fail a compliance scan to prevent the spread of infection
    • monitor the health of the SEP agent and quickly remediate if needed

    Don’t miss this great opportunity to learn how Symantec endpoint management solutions can strengthen endpoint security and maximize user productivity.

    Register Today
  • DFLabs and SEMNet: Strengthening Security Operations with SOAR
    DFLabs and SEMNet: Strengthening Security Operations with SOAR
    Andrea Fumagalli, VP of Engineering at DFLabs and John Chai, Solution Engineer at SEMNet Aug 22 2019 7:00 am UTC 60 mins
    In the race to keep up with the increasing number and sophistication of cyberattacks, organizations need to have the capability to not only try to prevent attacks, but to also respond to them when they should occur, before they turn into more damaging security breaches.

    With security operations teams experiencing a number of common challenges and pain points, including a lack of skilled cyber security professionals, a growing volume of security alerts being received, as well as a lack of integration of existing tools in the security tool stack to name a few, organizations are recognizing the need for security orchestration and automation and response (SOAR) technology to help to overcome them.

    Partnering with DFLabs, SEMNet is able to offer its award-winning SOAR solution, IncMan SOAR to customers throughout Asia pacific, providing them with the localized knowledge, guidance and support needed to enable them to successfully implement efficient and effective security operations and incident response programs.

    During this webinar you will learn:

    - What is Security Orchestration, Automation and Response (SOAR) technology?
    - Why there is a growing need for SOAR solutions?
    - The problems SOAR technology can help you solve
    - How it helps to improve security operations and incident response programs
    - How DFLabs and SEMNet partner together to make this possible

    Plus, you will get to see IncMan SOAR live in action, discover some of its use cases and ask any questions you may have.

    Together, DFLabs and SEMNet can ensure security operations teams have the right SOAR solution in place, with standardized processes and workflows to detect, respond to and remediate security incidents in the fastest possible time frame, before significantly impacting your organization.

    Please note: Your registration information will be shared with SEMNet who may contact you in follow-up to your registration and/or attendance of this webinar.
  • Cyber Security Brief: Bug bounties, bad passwords, and Radiohead
    Cyber Security Brief: Bug bounties, bad passwords, and Radiohead
    Cyber Security Brief podcast Aug 22 2019 8:00 am UTC 21 mins
    On this week’s Cyber Security Brief podcast, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becomingly increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal.
  • Delivering an Effective Cyber Security Exercise: Enhanced Breach Response
    Delivering an Effective Cyber Security Exercise: Enhanced Breach Response
    Daniel Norman, Research Analyst, ISF Aug 22 2019 12:00 pm UTC 44 mins
    Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

    Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

    In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
  • How Gigabit Performance and Predictable Pricing are Disrupting the Wireless WAN
    How Gigabit Performance and Predictable Pricing are Disrupting the Wireless WAN
    Johna Till Johnson, Nemertes; Donna Johnson, Cradlepoint Aug 22 2019 4:00 pm UTC 45 mins
    Technology professionals tend to think of wireless WAN services as a tradeoff: Convenience at the expense of cost and performance.

    No more. 5G speeds range from 1 to 10 Gbit/s (depending on configuration), and carriers are moving towards flat-rate pricing models that encourage the use of 5G services. Coupled with technologies like SD-WAN, 5G will enable companies to deploy wireless in novel, game-changing ways.

    Tune into this webinar with Johna Till Johnson of Nemertes and Donna Johnson of Cradlepoint to find out how, and learn what it will take to put WWAN to work in your environment.

    About Nemertes — Nemertes is a global research-based advisory and consulting firm that analyzes the business value of emerging technologies. Since 2002, we have provided strategic recommendations based on data-driven operational and business metrics to help organizations deliver successful technology transformation to employees and customers. Simply put: Nemertes’ better data helps clients make better decisions.
  • How to Leverage NIST CSF
    How to Leverage NIST CSF
    Sam Abadir, Lockpath Aug 22 2019 4:00 pm UTC 60 mins
    Many organizations have difficulty leveraging information in their cybersecurity and business operations to make the right risk decisions, establish the right risk priorities and appropriately allocate budget to best achieve their risk management goals.

    Many believe that NIST CSF is another standalone methodology instead of a tool designed to help your organization understand and build a roadmap to achieve the right level of cybersecurity. Successful NIST CSF programs help integrate, message and prioritize cybersecurity efforts not only within IT but across the entire business.

    In this live webinar, Lockpath’s Sam Abadir will share what implementing a NIST CSF solution entails, including:

    • Framework support
    • Budget expectations vs. reality
    • Correctly assessing an organization’s needs to implement NIST CSF
    • Proper management and management skills
    • Prioritizing cybersecurity within an organization

    Find out what you need to know to implement a NIST CSF solution by attending this educational webinar. Register now!
  • How to Design an Adaptable, Flexible and Compliant Social Selling Program
    How to Design an Adaptable, Flexible and Compliant Social Selling Program
    Roman Tobe, Product Marketing Manager Proofpoint & Jeremy Goldstein, Sr. Solutions Consultant Hootsuite Aug 22 2019 5:00 pm UTC 60 mins
    Social media presents a big opportunity to develop relationships with clients and prospects. But the myriad regulations around it can be hard to interpret. It’s easy for advisers to wind up non-compliant or feel stifled and avoid the channel altogether.

    If you’re like your peers, you may wonder how to create a great experience for clients and advisers while staying compliant. Adding to the challenge, regulations are evolving as regulators and firms continue to observe the nuances of social. So the question is how do you design a social selling program that’s compliant, flexible and adaptable?

    Join Hootsuite and Proofpoint as our experts share:

    - How top firms balance compliance with their adviser experience
    - What experts believe is in store for social selling and compliance in the future
    - How Hootsuite and Proofpoint provide a solution that enables advisers and protects firms
  • Breach Detection and Response:Establishing Incident Response Processes and Plans
    Breach Detection and Response:Establishing Incident Response Processes and Plans
    Josh Rickard, Security Research Engineer, Rebekah Wilke, SOAR Advocate, at Swimlane Aug 22 2019 5:00 pm UTC 45 mins
    Many organizations lack adequate personnel, processes, procedures and technologies to detect breaches in real time. They have an even harder time responding promptly and accurately.

    In this webcast, Swimlane Research Engineer Josh Rickard and SOAR Advocate Rebekah Wilke will discuss the importance of establishing sufficient incident response processes and clear guidelines surrounding incident response plans.

    The two security orchestration, automation and response (SOAR) experts will outline how formulating, implementing and maintaining an up-to-date, robust breach detection and incident response plan will:

    - Reduce mean time to detection (MTTD) and mean time to resolution (MTTR).
    - Ease analyst burnout, enabling retention.
    - Allow analysts the opportunity to focus on anomalous behavior that could have a larger impact on the business.
    - Expedite disaster recovery for reduced security risk.
  • Case Study: Real-World Breach Response
    Case Study: Real-World Breach Response
    Brian DiPaolo, Chief Technology Officer; Mark Holdsworth, Managed Services Practice Manager Aug 22 2019 7:00 pm UTC 60 mins
    Accudata’s customer, a large ecommerce services provider, detected malware in an email sent to customers. However, their IT team discovered the malware was just the tip of the iceberg and began to dig deeper. Realizing the scope and magnitude of the breach, Accudata’s security and managed service teams were brought in to mitigate the attack and quickly began the remediation process.

    In this 60-minute presentation, Chief Technology Officer Brian DiPaolo and Managed Services Practice Manager Mark Holdsworth detail the challenges of identifying and eliminating an active attacker in order to bring the business back online.
  • Join our webinar to learn how you can reduce 70% of your infrastructure costs
    Join our webinar to learn how you can reduce 70% of your infrastructure costs
    Adam Dagnall, James Clark Aug 23 2019 10:00 am UTC 60 mins
    By using Splunk SmartStore it let’s you decouple the compute and storage layers, so you can independently scale those resources to best serve workload demands. With SmartStore, Splunk Indexers retain data only in hot buckets that contain newly indexed data. Older data resides in the warm buckets and is stored within the scalable and highly cost-effective Cloudian cluster. SmartStore manages where data is stored, moving data among indexers and the external Cloudian storage based on data age, priority and users’ access patterns. As of today, clients can immediately achieve a 70% saving on Splunk Infrastructure.

    Cloudian is Part of the Splunk Technology Alliance Program
  • Cyber Security Brief: Twitterbots, ransomware retirements, and email mishaps
    Cyber Security Brief: Twitterbots, ransomware retirements, and email mishaps
    Cyber Security Brief podcast Aug 27 2019 8:00 am UTC 19 mins
    On this week’s Cyber Security Brief podcast, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.
  • Fibre Channel and Security
    Fibre Channel and Security
    Nishant Lodha, Marvell; Brandon Hoff, Broadcom; J Metz, Cisco Aug 27 2019 5:00 pm UTC 75 mins
    Fibre Channel has long been known to be a very secure protocol for storage. Even so, there is no such thing as a “perfectly secure” technology, and for that reason it’s important to constantly update and protect against threats.

    The sheer variety of environments in which Fibre Channel fabrics are deployed makes it very difficult to simply rely only on physical security. In fact, it’s possible to access different storage systems by different users, even when spanned over several sites. Fibre Channel enables security services to specifically address these concerns, and prevent misconfigurations or access to data by non-authorized people and machines.

    This webcast is going to dive deep into the guts of security aspects of Fibre Channel, looking closely at the protocols used to implement security in a Fibre Channel fabric. In particular, we’re going to look at:

    •The definitions of the protocols to authenticate Fibre Channel devices
    •What are the different classes of threats, and what are the mechanisms to protect against them
    •What are session keys and how to set them up
    •How Fibre Channel negotiates these parameters to insure frame-by-frame integrity and confidentiality
    •How Fibre Channel establishes and distributes policies across a fabric

    Please join us to learn more about the technical considerations that Fibre Channel brings to the table to secure and protect your data and information.
  • Building a Culture of Security within Healthcare Organizations
    Building a Culture of Security within Healthcare Organizations
    Gretel Egan, Security Awareness Training Strategist, and Ryan Witt, Managing Director Healthcare Industry Practice Aug 27 2019 5:00 pm UTC 59 mins
    Are you taking a patient-centric approach to cybersecurity? As a patient yourself, you no doubt care about the quality of your care... but you also want your personal data and medical history to remain private. Patient care is about more than caring for the body and mind. It’s also about data security.

    In this webinar, we will discuss the importance of visibility and agility when it comes to identifying end-user vulnerabilities, and how healthcare organizations can efficiently implement security awareness training and build a culture that prioritizes data, device, and patient security.

    Join us to learn:

    - What we mean by a “patient-centric” cybersecurity mindset
    - How to overcome common training obstacles and deliver the most effective cybersecurity education program
    - How to understand the current state of healthcare cybersecurity and the challenges faced by the industry
  • Transforming Employee Experience with Intelligence
    Transforming Employee Experience with Intelligence
    Jane Foreman, Citrix and Laura Kaminski, Citrix Aug 27 2019 6:00 pm UTC 34 mins
    With app and data sprawl at an all-time high, the way we work has never been more convoluted. The complexity that most modern workers experience, demands advances in technology to group and filter workflows—enabling increased productivity without switching apps and devices.

    Citrix recently unveiled new Citrix Workspace intelligence features, incorporating feedback from customers, to address the core challenges in today’s evolving workspace. Watch this webinar to discover how Citrix Workspace is organizing work for employees and enhancing their productivity by:
    •Eliminating frequent switches across apps to increase focus
    •Delivering one universal search across your entire workspace
    •Prioritizing notification feeds and using machine learning to automate tasks
  • Webinar: Accelerating the Digital Transformation: Why Security Policy Management
    Webinar: Accelerating the Digital Transformation: Why Security Policy Management
    Colby Dyess, Director Cloud Marketing, Tufin Aug 28 2019 3:00 pm UTC 60 mins
    Public cloud providers have built some of the secure environments in modern history, yet It seems every week another security breach makes headline news. Upon inspection it is revealed that most breaches are due to misconfigurations by end-users, not the providers. So why does this keep happening and what can be done to avoid being next week’s headline?

    This session describes why organizations struggle with cloud-native security, and how security policy automation address those challenges. Audience members will learn how Tufin cloud solutions help users gain visibility into their cloud security posture, establish Zero Trust security model and improved compliance across hybrid and multi-cloud environments.
  • What the Symantec Acquisition Means for Your Email Security Future
    What the Symantec Acquisition Means for Your Email Security Future
    Ryan Kalember, EVP of Cybersecurity Strategy for Proofpoint Aug 28 2019 4:30 pm UTC 60 mins
    It’s official – the Symantec Enterprise Security business is being sold to Broadcom. You may be concerned about what this acquisition means for your Symantec email security solution. Legacy solutions are not able to keep up with today’s threat landscape and acquisitions create uncertainty. In this unpredictable time, it’s important that you have a solution for email security that is keeping up with the evolving threats.

    As a market leader in email security, Proofpoint can provide confidence in your email security future. Join us for an informational webinar to learn:

    - How the email threat landscape has changed with attackers evading legacy approaches
    - How leaders like Proofpoint have innovated to keep up
    - How we have helped customers migrate from legacy products to Proofpoint
  • Cognitions of a Cybercriminal: Get Visibility into Adversary Behavior
    Cognitions of a Cybercriminal: Get Visibility into Adversary Behavior
    Tom Kellermann, Chief Cybersecurity Officer, Carbon Black. Rick McElroy, Security Strategist, Carbon Black. Aug 29 2019 3:00 am UTC 60 mins
    With the rising volume of cyberattacks, and the increase in non-malware techniques, CISOs need to evolve their defenses. This means obtaining better visibility into cybercriminal and better visibility into their environment. The place to start is with a clear understanding of how today’s cybercriminals think as they execute a cyberattack on a targeted organization.

    This webinar is based on findings from Carbon Black’s behavioral data and provides CISOs with an added layer of information to enhance Kill Chain and ATT&CK strategies for threat hunting.

    Register for this webinar to gain:

    - An understanding of how cybercrime has evolved in the past 2 years.
    - Profiles and motivations of today’s cybercriminals.
    - A breakdown of cybercriminal behavior presented in 3 clear phases.
    - Data and analogies to help you explain the threat to executives.
    - Specific actions to take to accordingly reevaluate your security posture.
  • Next Generation Security Operations: Symantec Threat Intelligence
    Next Generation Security Operations: Symantec Threat Intelligence
    Peter Sparkes, Senior Director, Cyber Security Services, Asia Pacific and Japan, Symantec Aug 29 2019 5:00 am UTC 37 mins
    Preparing for the threats of tomorrow will require faster, deeper integration of technology, process, intelligence and warriors. However, making so many moving components work seamlessly together can be a challenge.

    Join Peter Sparkes, Symantec’s Senior Director of Cyber Security Services for Asia Pacific and Japan, in this webinar as he discusses the OODA Loop Strategy:

    - Observe: Expanding detection and extending coverage across the ecosystem
    - Orientate: Utilising threat intelligence with planning, process and playbooks
    - Decide: Empowering the analyst and the impact on business
    - Act: Proactive defense through managed endpoints detection and response and orchestration

    Register now to watch the webinar.
  • Cyber Security Brief: GDPR Special: The Impact of the Regulation One Year On
    Cyber Security Brief: GDPR Special: The Impact of the Regulation One Year On
    Cyber Security Brief podcast Aug 29 2019 8:00 am UTC 25 mins
    In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.
  • Come Definire le Zone della rete
    Come Definire le Zone della rete
    Flavio Di Cosmo, Sales Engineer SEMEA Aug 29 2019 10:00 am UTC 45 mins
    La definizione delle zone è un elemento cruciale per ottenere la segmentazione della rete e attuare un approccio Zero Trust, ma raramente si tratta di un processo semplice. Alcuni hanno difficoltà a capire da dove iniziare, altri trascurano la gestione costante delle zone, mentre ancora più aziende operano una segmentazione eccessiva, rendendo la propria rete ingestibile. La buona notizia è che gli errori degli altri si possono evitare.

    Unitevi a noi il 29 agosto per scoprire in che modo le organizzazioni creano zone nella propria rete e le mantengono con successo. La sessione vi aiuterà a evitare le trappole e a utilizzare strategie collaudate basate sugli insegnamenti tratti dalla segmentazione di alcune delle reti aziendali più grandi e complesse del mondo.

    Iscrivetevi ora per ricevere indicazioni pratiche su come definire zone di rete efficaci che vi permetteranno di segmentare la vostra rete con successo.
  • Comment définir les zones réseau ?
    Comment définir les zones réseau ?
    Anthony Le Pipe, Sales Engineer WEMEA Aug 29 2019 11:00 am UTC 45 mins
    Définir des zones est un élément essentiel qui permet de segmenter le réseau et de parvenir au « Zéro trust », mais il s’agit, très rarement, d’un processus simple. Certains ont du mal à savoir par où commencer, d’autres négligent la gestion continue des zones, tandis que d’autres encore segmentent leur réseau plus qu’il n’en faut, le rendant impossible à gérer. La bonne nouvelle est que vous pouvez éviter de reproduire les erreurs des autres.

    Rejoignez-nous le 29 août pour mieux comprendre comment les entreprises réussissent à établir et à maintenir des zones réseau. Cette session vous aidera à éviter les pièges et à utiliser des stratégies éprouvées qui reposent sur des leçons tirées de la segmentation de certains des réseaux d’entreprise les plus grands et les plus complexes au monde.

    Inscrivez-vous dès maintenant pour obtenir des conseils pratiques sur la détermination de zones réseau efficaces qui vous permettront d’obtenir une segmentation réussie du réseau.
  • Incident Response service: Numbers, challenges and tactics
    Incident Response service: Numbers, challenges and tactics
    Ayman Shaaban, Digital Forensics and Response Manager of Kaspersky Global Emergency Response Team Aug 29 2019 1:00 pm UTC 75 mins
    Incident Response service: Numbers, challenges and tactics

    Kaspersky’s Incident Response Team faces daily challenges as it handles information security incidents as a third-party service provider, constantly using its experience and expertise to offer complete analysis and quick recovery successfully. To completely eliminate threats, the team covers the entire incident investigation cycle, getting involved in containment, digital forensics investigation and malware analysis, as well as helping to improve security processes after incidents.

    In this talk, Digital Forensics and Incident Response Manager of Kaspersky Global Emergency Response Team (GERT), Ayman Shaaban, will share his knowledge of the latest incident trends based on his day-to-day experiences. He will also present statistical analysis of recent incidents aimed at financial organizations, government agencies, industrial bodies and more.
    This webinar session will discuss:
    •The GERT team and IR services
    •The most frequent reasons our incident response service was requested
    •Attack vectors
    •How different types of attack effect different types of businesses
    •Attack scenarios and the details of some of the most noteworthy cases
    •What can help in reducing the risk of getting compromised
  • Introducing Red Cloak™ Threat Detection & Response
    Introducing Red Cloak™ Threat Detection & Response
    John H. Collins, CISSP - Director, Solution Engineering SaaS Security Applications Aug 29 2019 1:00 pm UTC 58 mins
    For more than 20 years, you’ve known the world-leading threat intelligence and industry-recognised services from Secureworks. Now, it’s time you know Red Cloak Threat Detection and Response, and hear directly from our experts.

    Red Cloak Threat Detection and Response is a cloud-based security analytics application that transforms the way your security team detects, investigates and responds to threats across your endpoints, network and cloud. Built by a team of data scientists and engineers with experience solving big data cybersecurity challenges for intelligence agencies, Red Cloak TDR enables you to detect advanced threats, trust your alerts, streamline and collaborate on investigations and automate the right action.

    What You Will Learn:

    - What is Red Cloak TDR?
    - The benefits of TDR in advanced threat detection
    - How TDR helps to improve investigation to enable organisations to take the right action.
  • How to Define Network Zones
    How to Define Network Zones
    Jonathan Campbell - Sales Engineer, NEMEA Aug 29 2019 1:30 pm UTC 45 mins
    Defining zones is a critical part of network segmentation and achieving Zero Trust, but it’s very rarely a simple process. Some struggle to identify where to start, others neglect the ongoing management of zones, while still more over-segment their network into a state of unmanageability. The good news is that you can avoid the mistakes of others.

    Join us on August 29th to gain insight into how organisations successfully establish and maintain network zones. The session will help you avoid pitfalls and utilise proven strategies based on lessons learned from segmenting some of the largest and most complex enterprise networks in the world.

    Register now to get practical guidance on defining effective network zones that will ensure your success in network segmentation.
  • Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation
    Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation
    Jacqueline O'Leary,Principal Analyst; Raymond Leong, Principal Threat Analyst; Dan Perez, Principal Threat Analyst Aug 29 2019 3:00 pm UTC 60 mins
    Defending the frontlines of cybersecurity is a never-ending battle, with new advanced persistent threat (APT) groups lurking to steal data, compromise infrastructure, and interfere with victim business operations. FireEye’s newly named threat group, APT41 is no exception. Their aggressive and consistent mode of operation, and highly sophisticated tactics, distinguishes them from other adversaries making them a double threat to contend with.

    APT41 uniquely balances espionage activity concurrently with financially motivated activity driven by personal gain. Since 2012 FireEye has observed APT41 conduct in a wide range of operations including data theft, innovative supply-chain attacks, and the use of unique tools and targeting techniques.

    Join this webinar to hear FireEye Threat Intelligence experts, Jacqueline O’Leary, Raymond Leong and Dan Perez, provide:

    •Insights into attribution and shared tactics between espionage and financially motivated operations
    •Supply chain compromises attributed to APT41 activity
    •Unique malware capabilities and techniques
    •Details on connections to identified personas
  • Resolving IT Security Incidents Faster & More Predictably w/ Smart Orchestration
    Resolving IT Security Incidents Faster & More Predictably w/ Smart Orchestration
    Hugh Pyle, Product Manager, IBM Resilient and Diptesh Shah, Director Product Management, Everbridge Aug 29 2019 3:00 pm UTC 60 mins
    Security Operation Centers (SOCs) today are complex environments with a growing volume of attacks, a persistent skill shortage, and a complex regulatory landscape that requires more stakeholders to be involved in the incident response process. Because of this, SOCs constantly struggle to respond rapidly and consistently to the most urgent incidents. The integration between Everbridge IT Alerting and IBM Resilient helps SOCs overcome these challenges and achieve consistent, predictable, and faster response & resolution to complex cyberattacks.

    Join experts Hugh Pyle, Product Manager, IBM Resilient and Diptesh Shah, Director of Product Management, Everbridge IT Alerting for this webinar to learn:
    *How the IBM Resilient-Everbridge IT Alerting integration works within your SOC to streamline coordination and communication during security incident response
    *Strategies to implement Smart Orchestration and automation in your incident response process to engage the right people at the right time to quickly resolve incidents and keep stakeholders informed
    *Actions that can be taken today for maximizing the effectiveness of your SOC and incident response process