Browse communities
Browse communities
Presenting a webinar?

Top 10 Emerging IT Audit Issues

Michael Juergens; Deloitte & Touche LLP, Principal
Compliance requirements and resource constraints have focused IT audit procedures on the bare essentials of IT controls. And yet, at the same time, technology and the current economic climate are introducing new IT risks that IT auditors should be aware of. In this presentation, we will cover the top 10 emerging IT issues that IT auditors should be aware of. In addition, we will cover the key risk areas for each issue, and provide practical recommendations for how IT auditors should deal with these risks.
Sep 29 2009
49 mins
Top 10 Emerging IT Audit Issues
Join us for this summit:
  • Live and recorded (2050)
  • Upcoming (67)
  • Date
  • Rating
  • Views
  • L’ambiente dei tuoi clienti è sempre più complesso, Backup Exec 15 permette loro di esguire backup e recovery in modo semplice ed efficace, sempre e ovunque.
    Segui questo webinar e scopri come Backup Exec 15 può semplificare e rispondere alle esigenze delle diverse infrastrutture.
  • If your organization is reliant on a rapidly aging version of SQL Server, you need to join SQL Server experts Michael McCracken from HOSTING and Rodney Landrum, a Microsoft SQL Server MVP, from Ntirety for this in-depth discussion of the hows, whys and whats of upgrading from Microsoft SQL Server 200X to SQL Server 2014. The interactive webinar will cover:
    •The benefits of upgrading
    •Considerations to understand
    •How to smooth the transition
    •Q & A
  • The Fastest, Easiest Way to Backup and Store Data—so You Can Do More Important Things

    Are you still spending too much time backing up and storing data rather than using that information to drive business innovation? If so, it just might be time to consider an all-in-one backup target appliance (BTA).

    Join us as Seagate appliance experts Anne Haggar and Samuel Nagalingam will help you answer these important questions:

    1. Why are backup target appliances gaining steam in the market?
    2. How do you know if a BTA is right for you?
    3. How can Seagate’s BTA solve the problems you have managing your information and backing up enterprise applications?

    After taking a high-level look at the latest trends in BTA technology, Anne and Samuel will introduce you to the powerful, all-new Seagate Backup Target Appliance—an all-in-one solution that provides an onsite backup point for your most important information, let’s you optionally run the EVault Director Backup and Recovery Software, and allows you to replicate to another BTA or to the cloud.

    Find out how you can protect the information that matters most—wherever it resides—freeing you to use the information to drive innovation.
  • Software defined architectures are all the buzz, helping to start conversations about transforming customer data centers from cost centers into competitive advantages. But in today’s economy, no business can afford to stand still. And a business is only as agile as its IT organization allows. An agile data center and IT department can:

    •Protect the infrastructure and easily recover if faults are found or predicted
    •Control access to data while meeting compliance and regulatory requirements
    •Deliver services quickly, resiliently, and cost-effectively

    Join us on at 10am GMT on 16th April 2015 and learn how Symantec’s view of the “Agile Data Center” covers delivering the right resources in the right way to the users. Whilst bringing a broader view on how you can introduce critical solutions and new revenues around disruptive customer events.
  • For years ClearCase was the standard for enterprise SCM. If you had a large number of developers and lots of projects ClearCase was a great choice, while ClearCase MultiSite provided basic support for distributed teams. Now industry trends are converging toward a new generation of development tools and processes. Today, continuous delivery brings agile development and DevOps together, promising much shorter development cycles and higher quality.

    Learn how moving from ClearCase to Subversion can improve your development processes and significantly reduce deployment cost and complexity. You'll also learn practical ClearCase to Subversion migration techniques.

    Topics Covered:
    • Differences and similarities between Subversion and ClearCase
    • How to merge in Subversion
    • Continuous delivery using Subversion: bringing agile and DevOps together for faster delivery and higher quality
    • ClearCase vs. Subversion in a distributed development environment
    • Migrating from ClearCase to Subversion
  • File sync has become commonplace in business environments, due in large part to the technology’s ease of use. But despite the potential for file sync to address many of today’s common business challenges, most file sync deployments aren’t used beyond basic file sharing.

    In this BrightTALK exclusive webinar, eFolder explores five unique file sync and share deployments and shares how real organizations such as yours are deploying business-grade file sync solutions to dramatically improve employee productivity and transform their businesses.
  • How can you migrate critical data, applications and servers without the risk of downtime and decreased productivity in the business? This short video shows how you can solve this dilemma - migrating 10s to 1000s of servers with a platform independent solution.
  • Join Ntirety, a division of HOSTING and the leading data services organization in the country, in this discussion of the impact that database administration can have on individuals, organizations and — most importantly — bottom line revenue. This interactive webinar will cover:
    •DBA Burnout and Retention
    •The DBA’s Role in Major Platform Shifts and Regulatory Compliance
    •The Accidental DBA Due to Staff and Skills Shortages
    •The “Half a DBA” Problem -- When You Don’t Need a Full-time DBA
    •The IT Budget Crunch
    •Q & A
  • More than 75% of organizations in the U.S. and U.K. have experienced at least one DNS attack according to SC Magazine. DNS Attacks are increasing in frequency and evolving constantly. They range from common amplification, reflection, and flood attacks to more sophisticated and stealthier types. These might have fancy names like random subdomain, phantom domain, and domain lock-up, but their effects on DNS are far from pretty. Join this webinar as we reveal the top 10 attacks on external and internal DNS servers; and the impact they have on your operations.
  • GitLab provides streamlined social coding and collaboration for Git development teams. But under the hood it's a powerful enterprise Git management platform. In this webinar we'll present best practices for managing permissions and users with LDAP and Active Directory, working with large binary files, code reviews and workflows, and clustering and replication. From security to performance and disaster recovery planning, this webinar will guide you to a rock-solid GitLab deployment.
  • Channel
  • Channel profile
  • DDoS Attacks: More Dangerous to You; Never Easier to Launch Apr 21 2015 5:00 pm UTC 45 mins
    Christina Richmond, Program Director, IDC and Joe Loveless, Product Marketing, Neustar
    If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:

    · What the DDoS threat environment looks like today
    · Why “smokescreening” is a particular danger
    · Where attacks can have impact across your organization
    · How you can take steps to thwart DDoS threats
  • Leveraging Risk, Physical and Cyber Security and Continuity Planning Apr 21 2015 4:00 pm UTC 45 mins
    Eric Kretz, Director, Continuity of Operations (COOP) Division, National Continuity Programs (NCP)
    Generally, risks associated with continuity planning, from physical to cyber-security, are part of an ever-evolving threat to our systems and technologies. Continuity planning is simply the good business practice of ensuring the execution of essential functions through all circumstances, and it is a fundamental responsibility of public institutions and private entities responsible to their stakeholders. What are some of the risks associated with continuity planning? Why is managing risk important for continuity? What are some of the methods used to mitigate risks in continuity planning?

    The COOP presentation will provide an understanding of Continuity and Continuity of Operations, explain the importance of a viable Continuity capability, and emphasize the need for a viable Continuity capability in all organizations, to demonstrate some of the linkages between continuity programs and:

    • Risk Management
    • Physical Security
    • Emergency Management
    • Cyber Security/ Information Technology

    Join us on April 21 as NCP’s senior continuity practitioner shares resilient continuity programs and outreach efforts. Hear from Eric Kretz, NCP, as he talks about Information Integration: Leveraging Risk, Physical and Cyber Security and Continuity Planning.
  • SIEM Detection & Response Cases Apr 21 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.

    Learn from your peers about the following:
    - Before environment and issues
    - Transition effort, cost and impact
    - After environment and benefits
    - Best practices for managed SIEM
    - Your network and next steps
  • Webroot’s 2014 Threat Brief Preview Recorded: Apr 16 2015 38 mins
    Grayson Milbourne, Security Intelligence Director
    This presentation provides an overview of the threats against a wide range of organizations and individuals during 2014. This overview is based on research and analysis conducted by the Webroot Threat Research team. The report includes analysis of IP addresses associated with malicious activity, details on the reputation of URLs by category and location, phishing detection statistics, insights into file reputation and encounter rates with malware and PUAs and information on mobile app security for Android devices. All data presented comes from Webroot’s Intelligence Network and was observed during 2014.
  • Next-Generation Security for Amazon Web Services Recorded: Apr 16 2015 37 mins
    Matt Keil, Product Marketing, Palo Alto Networks
    Public cloud computing resources such as Amazon Web Services (AWS) are helping organizations like yours develop and deploy new applications rapidly; expand into geographic regions seamlessly and extend competitive advantages. Cyber criminals are well aware of the rapid expansion into the public cloud and are looking for weaknesses in your security posture. Don’t let them find one. The VM-Series for AWS, allows you to securely extend your corporate datacenter into AWS, using our next-generation firewall and advanced features to protect your data while native management features ensures policies keep pace with the changing to your applications.

    In this webinar, attendees will learn:
    - Common customer use cases for AWS
    - Key security challenges and considerations
    - How the VM-Series can protect your AWS environments
  • Improve Threat Detection with OSSEC and AlienVault USM Recorded: Apr 15 2015 60 mins
    Garrett Gross, Sr. Technical Product Marketing Manager, Bjorn Hovd, Systems Engineer
    Host-based IDS systems, or HIDS, work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM features a complete integration of OSSEC, one of the most popular and effective open source HIDS tools.

    In this live webinar, we'll show you how USM helps you get more out of OSSEC with:
    Remote agent deployment, configuration and management
    Behavioral monitoring of OSSEC clients
    Logging and reporting for PCI compliance
    Data correlation with IP reputation data, vulnerability scans and more
    We'll finish up by showing a demo of how OSSEC alert correlation can be used to detect brute force attacks with USM
  • Surfacing Critical Cyber Threats Through Security Intelligence Recorded: Apr 15 2015 62 mins
    Dr. Sameer Bhalotra, Former White House Director; Chris Petersen, CTO; Robert F. Lentz, Former CISO for the Dept of Defense
    The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether.

    In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats.

    Learn about:
    • Emerging cyber threat vectors in 2015.
    • Security Intelligence and the critical role it plays in addressing high-impact threats
    • Using the SIMM to assess your current Security Intelligence Maturity
    • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Recorded: Apr 14 2015 44 mins
    Joanna Burkey, DVLabs Manager, HP TippingPoint
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
  • Visualize Data for Actionable Insight into Your B2B Processes Recorded: Apr 12 2015 2 mins
    OpenText DEMO
    An overview of how businesses can gain visibility into B2B transactions to speed decision-making, respond to changing customer and market demands, and optimize business processes.
  • Discover how to simplify your LMS Experience -LearnFlex SimplifyDPS Recorded: Apr 12 2015 47 mins
    Joel Kristensen, Solutions Consultant, OpenText
    LearnFlex Learning Management Solution (LMS) enables your organization to create and share knowledge in a simple, automated, and integrated way. LearnFlex makes the process of automating, tracking, managing, and reporting on all aspects of your enterprise-level learning initiatives easier—all while demonstrating a clear return on investment.
  • Designing an Effective IPv6 Addressing Plan Recorded: Apr 10 2015 44 mins
    Tom Coffeen, Chief IPv6 Evangelist
    The developed world's global Internet registries have officially depleted their supply of free IPv4 addresses. IPv6 is not just the future—it’s already here (65% of Verizon’s traffic is over IPv6!). Some organizations even have their IPv6 allocations already. But since a single site assignment in IPv6 contains 1 trillion, trillion, addresses (or 279 trillion Internets!), designing an effective plan can be both intimidating and unnecessarily time consuming. With that many addresses, where do you start? Join us for this webinar as Tom Coffeen, Infoblox IPv6 evangelist and O'Reilly author of IPv6 Address Planning, discusses how to design, deploy, and successfully adopt an effective IPv6 addressing plan. Both IPv4 exhaustion and IPv6 adoption are real and happening now. Take the first step to realizing an effective IPv6 address plan and adoption strategy, and watch this webinar today.
  • Is your email running rogue? Leverage your DM to start managing your email Recorded: Apr 10 2015 58 mins
    Larry Roy, Senior Director, Product Management, OpenText, and Stevan Quincy, Senior Solutions Consultant, OpenText
    Email exchange is the biggest source of content production in any enterprise and its management is usually left in the hands of the senders and receivers as to what to save, archive, or delete. From an IT perspective operating this way is unsustainable as email volumes continue to grow. OpenText eDOCS experts explain how integrating email with your eDOCS content repository will speed up your discovery process and ease the burden on your IT resources.
  • From the Front Lines: The Top 10 DNS Attacks Recorded: Apr 9 2015 31 mins
    Srikrupa Srivatsan, Sr. Product Marketing Manager, Infoblox
    More than 75% of organizations in the U.S. and U.K. have experienced at least one DNS attack according to SC Magazine. DNS Attacks are increasing in frequency and evolving constantly. They range from common amplification, reflection, and flood attacks to more sophisticated and stealthier types. These might have fancy names like random subdomain, phantom domain, and domain lock-up, but their effects on DNS are far from pretty. Join this webinar as we reveal the top 10 attacks on external and internal DNS servers; and the impact they have on your operations.
  • Optimize Customer Signup Flows Online and in Your Mobile App Recorded: Apr 9 2015 48 mins
    Chris Morton, President, Block Score; Lisa Aguilar, Marketing Manager, Jumio; James Bickers, Sr Editor, Networld Media
    In today’s online and mobile environment, financial service organizations are struggling to comply with a multitude of regulatory requirements that impede online and mobile customer signups. What is the best way to signup customers while still complying with regulations and mitigating fraud?

    Join us for a live webinar, “Optimizing customer signup flows in your mobile and web channels” and listen in as experts in ID authentication and identity verification discuss various strategies that will help you:

    · Quickly and safely signup customers through your mobile and online channels
    · Remain compliant with regulatory requirements without adding additional operational overhead
    · Reduce customer sign-up abandonment

    Don’t lose another customer because you can’t offer a real-time sign-up process through your online and mobile channels. Join us and learn how to optimize your sign-up flows, and enable anytime, anywhere through any digital channel customer account opening.
  • Looking Forward to HIMSS 2015: What are the latest trends? Recorded: Apr 8 2015 49 mins
    Lysa Myers, Security Researcher III, ESET North America
    ESET security researcher Lysa Myers discusses developments in healthcare IT system security that you may see at the HIMSS conference in Chicago next week. Find out what is being done to better protect patient data privacy and more.
  • How Mobile Data Protection Can Accelerate Top CIO Initiatives Recorded: Apr 8 2015 56 mins
    Seyi Verma, Sr. Product Marketing Manager
    The proliferation of data on mobile devices has created huge headaches for CIOs as they attempt to protect data, stay in compliance and move workloads to the cloud. How IT approaches data protection for mobile devices can support or hinder these high level efforts. Endpoint backup, traditionally viewed as a functional requirement below the radar of CIOs, is evolving to offer not just data backup and restore, but also a modern way to address costly data governance challenges such as compliance and eDiscovery. This webcast will cover real-world case studies of Fortune 1000 companies leveraging endpoint backup solutions to gain significant business advantages including cost control, compliance and embracing the cloud.
  • ISA 62443 Patch Management Overview and Methods for Zero-Day Threat Protection Recorded: Apr 8 2015 67 mins
    Joe Weiss, Managing Director for ISA99; William Cotter, Systems Engineering Specialist; Delfin Rodillas, Sr. Manager of SCADA
    The growing presence of widely known and used Commercial Off-the-Shelf (COTS) systems in Industrial Control Systems (ICS) provides an increased opportunity for cyber attacks against ICS equipment. Such attacks, if successful, could have severe impact to not only process availability but also safety. Patch management is one particular area of cybersecurity which requires special attention when applied to ICS. It is part of a comprehensive cybersecurity strategy that increases cybersecurity through the installation of patches that resolve bugs, operability, reliability, and cyber security vulnerabilities. The ISA-TR62443‑2‑3 technical report, developed by the ISA 99 Working Group 6, addresses the patch management aspect of ICS cyber security. Also part of an effective strategy is the use of compensating cybersecurity controls to protect ICS systems from exploits and malware in between often long patching cycles. Novel network and host based technologies have recently become available to address even zero-day threats which bypass conventional signature-based approaches.

    Attendees of this webinar will leave with a better understanding of:
    -The unique aspects of ICS that entail a different and more rigorous approach to patch management than that used in business networks
    - An overview of the ISA 99 standards efforts with detail review of the main aspects of the ISA-TR62443-2-3 Technical Report on Patch Management in IACS
    - Advancements in compensating cybersecurity controls for protecting systems from zero-day threats
  • Why DDoS Makes for Risky Business – And What You Can Do About It Recorded: Apr 8 2015 55 mins
    Dave Shackleford, IANS Lead Faculty and Tom Bienkowski, Director of Product Marketing
    Despite years of headlines, and countless examples, many organizations are still under the impression that DDoS attacks are a problem for somebody else (i.e. their ISP), or that it’s a problem that can be defended using an existing on-premise security solution, such as their firewall or IPS. In a risk obsessed world, these organizations are ignoring the very real likelihood of becoming a target for DDoS attacks, along with the severe operational and business consequences of falling victim to an attack.

    It’s time to debunk some misconceptions about DDoS.

    Attend this webinar to learn:

    - Why a single layer of DDoS protection isn’t enough
    - How the impact of a DDoS attack is significantly more costly than protection options
    - The correlation between DDoS attacks and advanced threats revealed in our latest research and how both are used during multiple phases of an advanced threat campaign.
  • Global CISO Forum Podcast Episode 2: Should CISOs hit the road? Recorded: Apr 1 2015 51 mins
    Keith Rayle, Principal at World Wide Technology and Ron Baklarz, CISO of Amtrak
    This week, the Global CISO Forum Podcast interviews Keith Rayle, Principal at World Wide Technology and Ron Baklarz, CISO of Amtrak.
  • Your organization has been breached, now what? Recorded: Mar 31 2015 32 mins
    Dal Gemmell, Director of Product Management and Steve LaBarbera, Director of Security Solutions, SentinelOne
    Unfortunately, there is a high likelihood that organizations will suffer a breach by advanced malware. Learn how to minimize response time through real-time forensics to understand the scope of compromise including:

    - Identifying attacked endpoints
    - Finding indicators of compromise
    - Analyzing malicious activity
    - Tracing outbound communication, and more
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Top 10 Emerging IT Audit Issues
  • Live at: Sep 29 2009 4:00 pm
  • Presented by: Michael Juergens; Deloitte & Touche LLP, Principal
  • From:
Your email has been sent.
or close
You must be logged in to email this