Top 10 Emerging IT Audit Issues

Manage webcast
Michael Juergens; Deloitte & Touche LLP, Principal
Compliance requirements and resource constraints have focused IT audit procedures on the bare essentials of IT controls. And yet, at the same time, technology and the current economic climate are introducing new IT risks that IT auditors should be aware of. In this presentation, we will cover the top 10 emerging IT issues that IT auditors should be aware of. In addition, we will cover the key risk areas for each issue, and provide practical recommendations for how IT auditors should deal with these risks.
Sep 29 2009
49 mins
Top 10 Emerging IT Audit Issues
  • Live and recorded (2232)
  • Upcoming (44)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • Building on the Secure Cloud Aug 13 2015 5:00 pm UTC 15 mins
    Patrick Wirtz, Innovation Manager, The Walsh Group
    Hear how Patrick Wirtz, Innovation Manager at The Walsh Group, has leveraged a secure Cloud environment to streamline IT processes, shift focus to key business priorities, and grow his business.
  • Black Hat Recap – Implications for the Enterprise Aug 12 2015 5:00 pm UTC 60 mins
    Cameron Camp, Security Researcher
    Join Security Researcher, Cameron Camp, as he reviews the latest in cyber security covered at this year's Black Hat Conference.
  • Twelve Recommendations for Your Security Program in 2015 Aug 11 2015 7:00 pm UTC 45 mins
    Rick Holland - Principal Analyst, Forrester Research and David Dufour - Sr. Director of Security Architecture, Webroot
    In 2014, Forrester Research saw a significant shift in customers’ awareness of cybersecurity risks. In response, Forrester has developed strategic and tactical recommendations for enterprise security programs in a March 2015 report entitled “Twelve Recommendations For Your Security Program In 2015.” In this webcast, guest speaker Rick Holland from Forrester and Webroot’s David Dufour will review and discuss those recommendations, with a particular focus on the use of big data and threat intelligence, and the impact of IoT.
  • The Trustworthy Cloud Aug 11 2015 5:00 pm UTC 15 mins
    Michael Quinn, General Manager, Cybersecurity & Data Protection, Microsoft
    Decades of experience in fighting cybercrimes has greatly informed how Microsoft develops products. Michael Quinn (General Manager, Cybersecurity & Data Protection, Microsoft) discusses the features, policies, and practices that make the Microsoft Cloud so secure and set it apart from other options on the market.
  • The Microsoft Digital Crimes Unit Aug 5 2015 5:00 pm UTC 20 mins
    David Finn, Executive Director, Digital Crimes Unit, Microsoft
    Cybercrime impacts millions of people around the world. David Finn, Executive Director of the Microsoft Digital Crimes Unit, gives you a behind the scenes look at how Microsoft is going on the offensive to stop criminals, refer perpetrators to law enforcement, and create a safe digital world.
  • An Offensive Strategy for Today's Cyber Warzone: Winning With Cyber Campaigns Recorded: Aug 3 2015 63 mins
    Chris Inglis, former Deputy Director of the NSA and Al Corchuelo, President, Recruit Leaders LLC
    In this webinar, Chris Inglis, former Deputy Director of the NSA will share research and actionable insights on:

    -What it takes to build a winning cyber security strategy

    -Why cyber campaigns are much more effective than reactive cyber tactics

    -How to enhance your organization's cyber security profile and maintain a sustainable security posture

    About Chris Inglis:

    Mr. Inglis retired from the Department of Defense in January 2014 following over 41 years of federal service, including 28 years at NSA and seven and a half years as its senior civilian and Deputy Director. Mr. Inglis began his career at NSA as a computer scientist within the National Computer Security Center followed by tours in information assurance, policy, time-sensitive operations, and signals intelligence organizations. Promoted to NSA's Senior Executive Service in 1997, he held a variety of senior leadership assignments and twice served away from NSA Headquarters, first as a visiting professor of computer science at the U.S. Military Academy (1991-1992) and later as the U.S. Special Liaison to the United Kingdom (2003-2006).
  • How the United States Postal Service secured their email channel against fraud Recorded: Jul 30 2015 26 mins
    Michael Ray, Inspector in Change of Revenue, Product & Cyber Security at the United States Postal Inspection Service
    Email is #1 source of risk in today's enterprise, yet also the #1 digital communication channel for businesses today. The United States Postal Service sends more than thirteen million emails per day, which makes their email channel and brand a high-profile target for criminal email cyberattacks. In this case study webinar, hear from Michael Ray, Inspector in Change of Revenue, Product & Cyber Security at the United States Postal Inspection Service, as he shares their story of how they implemented Agari to protect their brand and their customers against fraudulent attacks by securing their email channel.
  • Hunting Hackers in the Carding Underground Recorded: Jul 30 2015 53 mins
    Grayson Lenik, Director of Digital Forensics and Incident Response at Nuix
    The rise in e-commerce data breaches over the past year raises important questions: Why is cardholder data such a big target, how do the bad guys get in and why are we seemingly powerless to stop them?

    This session will examine the black market for card data, the three most common attack vectors, and the wrong way to encrypt databases.

    You will see real-world examples of malware discovered during investigations and gain insights into the skill sets of each attacker.
  • Contextual Analytics: A Deep Dive into the Contextualization of Threat Data Recorded: Jul 30 2015 27 mins
    David Dufour, Senior Director of Security Architecture, Webroot
    This presentation will provide an overview of contextualization and how contextualized data can be used to prevent both known and unknown threats. It will dive deep into the technologies used in the collation and analysis process across both single and multiple threat types. It will conclude with real world use cases where contextualized data can help identified and prevent threats.
  • Internet Security Best Practices From The Global 1000 Recorded: Jul 30 2015 51 mins
    Daniel Druker, Chief Marketing Officer at Zscaler
    The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down.

    So what can you do today to keep your security ahead of these trends?

    This webcast will discuss actionable best practices gleaned from more than 5,000 leading global organizations - including United Airlines, Humana, Sealed Air, British American Tobacco, the United States Marines and NATO.

    We will also talk about:

    - The latest strategies and techniques cyber-criminals are using today
    - Concrete steps you can take to keep your organization safe
    - What to do about Internet security in today's cloud and mobile first IT landscape
  • Surviving the incident response surge: Detecting and Investigating Incidents Recorded: Jul 29 2015 50 mins
    Christian Kirsch, Principal Product Marketing Manager, Rapid7
    As security incidents grow in frequency and complexity businesses struggle to be prepared to respond and mitigate the threat. Incident detection and response is expected to take up the majority of security budgets by 2020 but solutions are siloed and specialized staff is hard to hire and retain. How can security professionals who may not be experts in incident response detect and assess the scope of potential incidents or breaches effectively? This case study will explore this question leveraging real-world examples that illustrate how to confidently detect and respond to security incidents 10x faster.

    Participants will learn:
    · Methods for simplified discovery of anomalous user behavior

    · Strategies for enabling fast incident response decisions

    · How to cope when bombarded with false positive alerts

    · Common attacker methods (and why they’re so often successful)

    · Why you need to monitor privileged and risky accounts
  • Constrained or Unleashed:Is your Identity Mgt Ready for Consumer-scale Business? Recorded: Jul 29 2015 57 mins
    John Hawley, Vice President of Security Strategy at CA Technologies
    Consumer-Scale Identity Management Deployments require different approaches than the typical employee use case. However, there are profound benefits - from overall risk reduction to enhanced engagement and loyalty with customers. This webcast will highlight the key challenges in moving identity management from the IT user to a much larger business user population and highlight best practices for success.

    As a two part series, this webcast will be followed by "Improving Your User Experience for Successful Consumer-Scale Identity Management", scheduled on August 19th.
  • Sophisticated Incident Response Requires Sophisticated Activity Monitoring Recorded: Jul 29 2015 41 mins
    Mike Sanders, Principal SE and Team Lead, Imperva and Bryan Orme, Principal, GuidePoint Security
    Are you prepared for a data breach? Are you confident you will find a breach in a timely manner? Facts are over 70% of businesses report a security breach and 75% of breaches are undetected for days or even months. Once discovered, incident response teams are under extreme pressure to close the breach, figure out what happened, what was lost, and calculate the risk. Organizations need a sophisticated incident response plan.

    Attend this webinar and learn how to:
    · Discover sensitive data, risk, and vulnerabilities
    · Detect and block active attacks
    · Investigate incidents and automate remediation
    · Demonstrate consistent policy application across all sensitive data
  • Data Security in 2015: Is it getting better? Recorded: Jul 29 2015 49 mins
    Graham Cluley
    Join data security expert Graham Cluley as he presents a mid-year review of the information security stories that have made news so far in 2015, and how the predictions he made in our January webinar have fared.

    With over 300,000 new pieces of malware created every day, company data has never been at greater risk. Hear from Graham about the vulnerabilities and risks that remain, and what organizations can do to address them.

    All webinar registrants will receive a copy of Graham’s report “Information Security in 2015: Just how much worse can things get?” on 2015 threats and keeping your data safe.
  • Uncovering Security Performance Myths & Realities Recorded: Jul 28 2015 62 mins
    Tom Turner, EVP, BitSight
    Organizations have long struggled to find objective ways to measure and compare performance, leaving many executives to trust metrics and data points that may not be painting the clearest picture of security posture.

    To highlight this issue, BitSight recently surveyed over 300 IT executives in 4 major industries to assess their confidence in their security performance. We then compared responses to our own security ratings data, which measures effectiveness across key performance areas including security events, configurations, and user behaviors.

    In this webinar, BitSight EVP of Sales & Marketing Tom Turner takes a deeper look into these fidings and discusses the business implications of optimism bias.

    Download this webinar to learn:

    How security performance varies among Finance, Healthcare, Retail, and Energy/Utilities
    Whether optimism bias exists in these industries and how it may be affecting overall security performance
    Why continuous performance monitoring should be a critical component of enterprise risk management and how leading organizations are using BitSight Security Ratings to manage their cyber risk
  • Detect Ransomware Before Its Too Late with AlienVault USM Recorded: Jul 28 2015 58 mins
    Mark Allen, Technical Sales Engineer
    By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network. Therefore, spotting infections quickly can limit the damage.

    AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the hackers’ command and control server. How does it all work? Join us for a live demo that will show how AlienVault USM detects these threats quickly, saving you valuable clean up time by limiting the damage from the attack.
    You'll learn:
    How AlienVault USM detects communications with the command and control server
    How the behavior is correlated with other signs of trouble to alert you of the threat
    Immediate steps you need to take to stop the threat and limit the damage
  • Lessons Learned From the Biggest Security Breaches Recorded: Jul 28 2015 58 mins
    Michael Sutton, VP of Security Research at Zscaler,John Kindervag, VP and Principal Analyst at Forrester Research
    The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest profile companies have been compromised including Anthem, Sony, Home Depot, JPMorgan Chase, Target and more.

    2015 is turning out to be no different. Clearly no organization is immune to a breach and human error continues to play a primary role.

    This webcast will address:
    - Key trends and traits common to high profile security breaches
    - Critical takeaways and lessons learned for a comprehensive security strategy
    - Best practices to reduce the risk of a security breach
  • Insider threats - How to fight vulnerability from within the company Recorded: Jul 28 2015 34 mins
    Niels von der Hude , Director of Market Development, Beta Systems Software
    Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strengthen the protection of data. Using the "need to know" principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This session will focus on how to adjust data access rights, implementing the "least privilege principal", and the use of detective and proactive risk-oriented controls.
  • Security Lessons Learned from Target, Niemen Marcus, Sony and Other Breaches Recorded: Jul 28 2015 98 mins
    Randy Franklin Smith: Windows Security Subject Matter Expert; Erick Ingleby: Product Manager, LogRhythm, Inc.
    With major data breaches on the rise, it’s hard to deny that they've become a common occurrence in the security threat landscape. Large companies such as Target, Nieman Marcus and Sony (among others), have suffered major data breaches in the past year.

    As security professional, it is important to understand why and how these organizations were breached so you can learn from what was done right, what worked and what didn’t.

    In this webinar, Randy Franklin Smith, Windows Security Subject Matter Expert, and Erik Ingleby, Product Manager at LogRhythm, will discuss lessons learned from recent breaches. By analyzing the available information about recent data breach incidents from the perspective of detection, Smith and Ingleby have assembled a list of security monitoring lessons and ideas.

    You’ll get tips on how to eliminate double false positives, a number of generalized monitoring scenarios and guidelines on how to monitor for new executables running for the first time on your environment.
  • A Business Risk Approach to IT Governance Recorded: Jul 23 2015 62 mins
    Eric Kavanagh (Moderator); Paul Quanrud, TCS; Keith Breidt, Booz Allen Hamilton; Yo Delmar, MetricStream
    As corporate information technology infrastructure increases in size and complexity, corporations are recognizing the need for a better mechanism for assessing IT's role and alignment to the key corporate initiatives. What began as a series of best practices has evolved into the field known as IT governance.

    IT governance is no longer just a theoretical concept, it is a fundamental business necessity, and an iterative process which requires senior management commitment over the long term in order to see results. By implementing a business risk approach to IT governance corporations can deliver immediate benefits to the entire organization.

    Join Eric Kavanagh, the Bloor Group; Paul Quanrud, TCS; Keith Breidt, BAH; and Yo Delmar, MetricStream; for this educational session as they address some of the key concepts and challenges with IT governance. They will answer as many questions as we can fit in to the 45 minute Q&A, and will provide research materials for you to takeaway.

    If you would like to attend please confirm your position below.
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Top 10 Emerging IT Audit Issues
  • Live at: Sep 29 2009 4:00 pm
  • Presented by: Michael Juergens; Deloitte & Touche LLP, Principal
  • From:
Your email has been sent.
or close
You must be logged in to email this