Hi [[ session.user.profile.firstName ]]

Governance, Risk, and Compliance

  • Date
  • Rating
  • Views
  • Inherent risks in web, mobile and cloud applications are keeping security practitioners up at night, according to the 2015 SANS survey on application security.

    In this webcast, learn about the growing threats against applications, why applications are so risky, why you need to include application security in your enterprise security program, and how to get started.

    Attend this webcast and be among the first to receive the associated whitepaper written by SANS Dean of Research, Johannes B. Ullrich, Ph.D.
  • We all know that security gaps are widening due to technology shifts and advanced threats. Whether you are in finance, energy, tech, or manufacturing, the infosec challenges are much the same.

    Chart Industries — a global manufacturer with 5,000 employees and 45 locations — was facing a huge volume of malicious activity every day resulting in excessive break-fix work for their small security team. They had thousands of unmanaged mobile and guest devices connecting to their networks. And neither web proxies nor endpoint security could fully protect them. They needed a new layer of malware and breach protection. But it also had to be a painless deployment and it needed to be a transparent experience for their employees and guests.

    Hear directly from Jack Nichelson, Chart’s Director of IT Infrastructure and Security to learn:
    -Why they use a layered approach to security and how OpenDNS complements their security stack
    -How long it took to deploy OpenDNS Umbrella globally
    -How his security analyst, Kevin Merolla, quickly responds to incidents or false positives using OpenDNS Investigate
  • Levi Strauss & Co., one of the world’s largest brand name apparel companies and a global leader in jeanswear, enhances its security with threat intelligence to better protect its worldwide operations — including its online and physical stores.

    Listen to Harris D. Schwartz, Head of Global Cyber Security at Levi Strauss & Co., explain how Levi Strauss applies real-time threat intelligence to monitor the most critical risks, direct threats, and emerging trends that could impact the organization. Schwartz explains how threat intelligence is used for:

    * Real-time alerts on direct cyber threats made on the deep and dark Web including hacker forums.
    * Monitoring threats against IT infrastructure, domain, or IPs (CIDR).
    * Notifications about breached/exposed credentials.
    * Warnings about exploits/attacks/threats/breaches related to suppliers, industry peers, and vendors.
    * Creating a daily email digest of top trending and emerging observables: TTPs, including malicious IPs, CVEs, hackers, and more.

    Levi Strauss & Co. products are sold in more than 110 countries worldwide through a combination of chain retailers, department stores, online sites, and a global footprint of approximately 2,700 retail stores and shop-in-shops.


    Harris D. Schwartz is a global security, risk and investigations professional, with over 20 years of private sector experience; experience in the design, development and implementation of comprehensive security, investigations and threat intelligence strategies in a variety of business climates and organization cultures. Schwartz has developed security and risk programs for a variety of business sectors, designing comprehensive threat mitigation solutions, coordination and managing and mentoring of direct reports and multiple departments.
  • Cloud Cybersecurity Lessons From 1B Files and 10M Users

    Did you know that only 5% of all organizations actively care to protect user credentials in the cloud? Or that 1% of users in Financial Services represent 99% of exposure risk?

    Our cyberlab data scientists gathered data from 1B files and 10M users to compile a fascinating cybersecurity report outlining The Riskiest Industries in the Cloud.

    Join this webinar to see where your organization stands against your peers and competitors.
  • Powerful technologies from the core to the edge are enabling new insights and transforming value creation. But these opportunities create new risks and urgently beg for innovative approaches to securing our most precious information. Learn how a new architecture of cloud security expertise, endpoints and apps will enable high-confidence computing and deliver security and privacy anywhere, anytime.
  • You can't have a discussion on the next generation of information security without talking about securing the cloud. The “move to the cloud” has long been considered a key initiative by organizations worldwide. With this move, there’s a level of increased risk that enterprises must address. What’s different is using cloud services requires abdicating some control over how systems and data are being protected. We begin this discussion on this footing.

    Join Scott Hogrefe, VP of Market Data for Netskope, who will lead this discussion about what security professionals need to know about:

    - Their cloud risk
    - How to quantify it for their corporate leadership and board of directors
    - How to convey it in the context of their overall cloud strategy
    - 6 steps to take right now to address cloud security risk
  • Privileged access is a game of managing risk, and breaches leveraging privileged access exploits will solidify as the ‘attack of choice’ this year. Privileged account credentials with connections to valuable systems give hackers access to critical systems without triggering any alarms, making those people and roles the ideal target for hackers. It’s no wonder that we’ve seen this particular attack vector utilized time and time again, and beyond that, outside third-parties and vendors with privileged access are particularly juicy targets because they often use legacy access methods like tunneling that create unrestricted and unmonitored attack footholds on a network.

    Effectively controlling and monitoring privileged access is central to an effective defense in depth strategy. This webinar will offer insight into how to mitigate cybercrime risks and create a winning network protection strategy.
  • Join us Tuesday, Jan. 19, to see how ThreatSecure Network, which detects advanced threats and anomalous network behavior to disrupt cyberattacks, integrates with Tenable’s SecurityCenter and Log Correlation Engine (LCE) to streamline threat and risk detection capabilities for your organization.
    Learn how this integration will enable teams to:

    ·Decrease the time of incident detection and reporting

    ·Analyze data and make informed decisions on threat severity via a single interface

    ·Demonstrate and determine the impact of malware across the network

    ·Recognize and respond to post-threat detection changes on critical assets

    Discover how to empower your team with enhanced continuous monitoring, compliance, vulnerability and advanced threat detection, and maximize your Tenable SecurityCenter and LCE investments.
  • Heather Hinton, CTO for IBM Security and Compliance Architecture & Innovation, Sesh Murthy, Cloud Raxak CTO, and Raghuram Yeluri, Intel Security Architect, will discuss how to secure applications across the hybrid cloud through automated compliance. Automated security compliance can reduce cloud security costs up to 50% while also reducing the risk of a security breach. They will discuss the best ways to leverage cloud computing, while staying compliant with the security requirements of regulated industries including financial services, retail, healthcare, and more.

    The Hybrid cloud is being embraced by a majority of enterprises of all sizes. A recent survey shows that 74% of enterprises have a hybrid cloud strategy, and 94% of enterprises are using some form of XaaS--software, platform, and infrastructure as a service.

    The challenge in moving workloads to the Cloud, has been the cost and complexity of ensuring initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical to maintaining positive ROI.

    Raxak Protect is an automated security compliance SaaS platform and managed service, that enables cloud apps to be deployed securely, quickly, cost-effectively, and without human error, across both private and public clouds.

    In this webinar, IBM and Cloud Raxak will describe how:

    1. To secure IBM dedicated and shared hybrid cloud solutions using Raxak Protect automated compliance.

    2. To deliver audit-ready evidence of security compliance for any workload including regulated workloads in finance (FFIEC), healthcare (HIPAA) and Retail (PCI).

    3. Raxak Protect leverages hardware features like Intel Cloud Integrity Technology to create an immutable root of trust for assured compliance.

    Reserve your seat today!
  • Due to the ever-changing nature of the Crypto* family and other ransomware, the sad truth is that no vendor can guarantee 100% protection. But, between advanced defenses with heuristic detection and a solid cybersecurity best practices strategy, it is possible to protect your business and data from these insidious threats.

    This webinar will examine:
    » How ransomware is developed, and who the newest players are
    » Why ransomware is so good at getting around the usual defenses
    » Your best chance at beating the threat (and minimizing the impact in the case that you don’t)

Embed in website or blog