Cybercrime's Favorite Target - The Crown Jewels in Your Databases

Brandon Dunlap, Brightfly (Moderator); Patricia Zullo, Dir, Database Security Sales, McAfee; Chris Trautwein, ISO, (ISC)2;
Despite facing an ever-growing number of cyber-threats targeting highly sensitive and valuable information, many organizations fail to establish a last line of defense for their business-critical databases without compromising performance for threat protection. Join security experts from (ISC)2 and McAfee on August 16, 2012 at 1:00pm Eastern time for a discussion on how the right database security strategy and posture can help organizations of all sizes and types achieve robust security, continuous compliance, and optimal security management costs and practices.
Aug 16 2012
59 mins
Cybercrime's Favorite Target - The Crown Jewels in Your Databases
(ISC)2 Security
Join us for this summit:
More from this community:

Cloud Computing

Webinars and videos

  • Live and recorded (3298)
  • Upcoming (89)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
Up Down
  • Countering Adversaries Part 3: Hacktivists and SQL Injection Attacks May 22 2014 5:00 pm UTC 75 mins
    Activists break into organizational web applications and databases to find personal and organizational data in order to expose this private information. The Verizon Data Breach investigations report says “Hacktivists generally act out of ideological motivations, but sometimes just for the fun and epic lutz.” In this third webcast of a three part series, (ISC)2 and Oracle will examine their number one tool of choice: SQL injection attacks. SQL injection attacks are both simple to perform and difficult to detect. We’ll discuss detecting and blocking SQL injection attacks in order to protect your most sensitive customer and organizational data from “epic lutz”.​
  • Out of Sight, Out of Mind? – Advanced Techniques of Evasion May 8 2014 5:00 pm UTC 75 mins
    The combination of several known evasion methods into new attack strategies, Advanced Evasion Technique (AET) attacks can provide attackers with unseen and undetectable access inside your network. AETs are exploiting weak detection points in firewalls and IDS, all the way down to the packet level. Even worse, AET’s are known to mutate, sometimes rapidly, as attackers drive innovation in their methods. Join (ISC)2 and McAfee for a discussion on the AET threat and how defend against it on May 8, 2014 at 1:00pm Eastern for our next roundtable webinar.​
  • Countering Adversaries Part 2: Organized Crime and Brute Force Recorded: Apr 24 2014 60 mins
    Hailing from Eastern Europe and North America, organized criminals have a penchant for using brute-force hacking and multiple strands of malware to target financial and retail organizations for monetary gain, according to the Verizon DBIR. It is common for these cybercriminals to directly access databases and extract payment cards, credentials, and bank account information. Join (ISC)2 and Oracle as we discuss tactics employed by these cybercriminals and how organizations should implement a defense in depth database security strategy to help mitigate the threat.
  • From The Trenches: BYOD Program Deployments Recorded: Apr 10 2014 62 mins
    Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.
  • Countering Adversaries Part 1: Espionage and Stolen Credentials Recorded: Mar 27 2014 60 mins
    By profiling criminal activity, the Verizon Data Breach Investigations Report has been able to identify three distinct threat actors including espionage, organized crime, and activists. Organizations can take proactive steps to mitigate potential risks by understanding each threat actor’s methods and targets. In this three part series, (ISC)2 and Oracle will examine these three threat actors, the industries they target, and how to protect sensitive customer and organizational data. We begin with countering espionage threats and their preference for using stolen credentials.
  • Quick decisions - Using Real Time Security Management to Make the Right Call Recorded: Mar 20 2014 60 mins
    Ferris Bueller famously said “Life moves pretty fast. If you don’t stop and look around once in a while, you could miss it”. The same can be said of security practitioners. Their job and responsibilities move quickly and change suddenly based on shifting threats, business pressures and constant auditing. Today's security professional has to make quick “reads” and decisions about how to react. Real-time security management tools can assist in “looking around” several critical security areas such as defenses, awareness, monitoring and response. The data and critical information distilled help to inform the quick and decisive decisions needed when acting on a security incident or threat where speed is important. Join (ISC)2 and McAfee for our Roundtable on March 20, 2014 at 1PM Eastern when we look at the use of real-time security management to make quick and correct decisions for your organization. ​
  • Keeping Pace with PCI Changes Recorded: Feb 18 2014 58 mins
    With the release of of PCI DSS v3.0 in November, the PCI Standards Council has raised the bar for retailers, card processors and application developers. While the Council allows 14 months for companies to shift to the new standard, the analysis needs to begin now. Join (ISC)2 and Bit9 on February 18, 2014 at 1PM Eastern for a Roundtable discussion where we'll go beyond just enumerating the changes and dive into how this latest release will impact your organization in 2014.
  • Security Series Part 6: Unleashing the Power of Big Data through Secure APIs Recorded: Feb 13 2014 62 mins
    Quite often what makes an organization unique can be found in the volumes of data it has stored and hidden from the outside world. But while access is prevented and data is protected, new revenue streams are prohibited. Please join us to learn how securely externalizing your core Big Data assets through a Secure API Data Lens can result in new business models and revenue streams never attainable until now.
  • Security Series Part 5: Key Takeaways from 2013 & Predictions for 2014 Recorded: Jan 16 2014 59 mins
    Opening up the enterprise to enable new, revenue generating ways of engaging employees, partners, and customers, while still protecting the business and privacy continues to present new opportunities and evolve in the marketplace. As 2014 starts out, it’s time to review which important trends have emerged or shifted in the last year, and predict what we expect will happen in the world of identity and cyber-security in the coming year. Our takeaways and predictions are based on gathering thoughts and ideas from many practitioners and industry experts, and synthesizing it down to a key set of insights that provide a clear understanding of where the world of identity and security is going. Please join us for a thought provoking, actionable discussion on where we’ve come and where we are heading in the identity marketplace.
  • Security Series Part 4: The Economics of Digital Identity Recorded: Dec 19 2013 61 mins
    Digital identities help solve a crucial problem in today’s highly interconnected IT world-namely knowing the identity of the individual interacting with you. Unfortunately, there are no ways to perfectly determine the identity of a person or thing in cyberspace. Even though there are numerous attributes associated to a person’s identity, these attributes or even identities can be changed, masked or dumped. This session will look at how organizations can leverage these existing digital identities in a manner that does not increase risk or impede user productivity and satisfaction and also share some recent research from the Ponemon Institute on this topic.
  • Crime Scene Investigation Recorded: Dec 17 2013 61 mins
    While breaches happen more often than infosecurity practitioners would like, no two breaches are the same. Some breaches are simply nuisance incidences where nothing of value is accessed and remediation is put in place. Others reveal themselves as a full blown criminal act and require a full investigation, forensic examination and the involvement of law enforcement. However, many breaches fall in a “gray area” in which the decision to investigate fully becomes a difficult call. Join (ISC)2 on Tuesday, December 17th at 1pm for a roundtable discussion on when to deploy forensics tools, what digital evidence to gather and how and why to bring in law enforcement.
  • Protecting Patient's Sensitive Data - Dealing With The Final HIPAA Omnibus Rule Recorded: Dec 12 2013 61 mins
    On September 23, 2013, the HITECH Omnibus Final Rule went into effect. The final ruling has far reaching authority and penalties for noncompliance; unfortunately, most are unclear what the requirements mean for their organization and how to protect their sensitive customer data. Join (ISC)2 and Oracle on December 12, 2013 at 1PM Eastern for a roundtable discussion covering the following:

    • The important legal requirements surrounding breach notifications
    • Business Associates’ responsibility and “willful negligence”
    • What healthcare organizations are doing to secure the 66% of sensitive and regulated data that resides in their databases.
  • Security Series Part 3: Accelerate Mobile App Delivery: API Security for DevOps Recorded: Nov 21 2013 61 mins
    The relationship between Development and Operations continues to become more intertwined as cloud and mobile service expectations rise. Faster application release cycles and improved quality equates to improved operational performance and customer satisfaction. But how can good API Security & Management practices help to accelerate the delivery of mobile apps? And what’s the most effective way to secure them? Please join us to discuss API Security & Management practices to improve your DevOps application delivery process.
  • Hiding in the Clouds Recorded: Oct 31 2013 61 mins
    The mad rush to cloud services, coupled with the "consumerization of IT" has brought about the perfect storm for the enterprise, but what about the risks to the consumers themselves. Join (ISC)2 and Capella University for this Security Leadership Series Roundtable on October 31, 2013 at 1:00pm Eastern where we will explore the legal and technical risks faced by your friends, family and co-workers and how we, as Security professionals, can help them identify a safe and sound on-line experience for themselves and our enterprises that they inhabit.
  • Security Series Part 2: IAM as Cloud Services: Right Fit for Your Organization? Recorded: Oct 24 2013 62 mins
    Cloud computing services offer significant potential economic and operational efficiencies. However, these efficiencies are often accompanied by new regulatory requirements around the security of applications and data that are stored in the cloud.

    In addition, many organizations are seeing an explosion in the numbers of users that are interacting with their services, whether these are existing customers conducting transactions or ‘fans’ who are interacting with your services through social media. And while there are clear benefits from consuming IAM services from the cloud, there are important risk factors that have to be considered as well.

    This session will review the pros and cons of IAM Cloud Services and provide guidance and best practices based on specific use cases to help guide organizations to a model that meets their risk profile.
  • Security Series Part 1: Unifying the Fractured Enterprise One Channel at a Time Recorded: Sep 19 2013 62 mins
    As the enterprise expands and becomes more interconnected through the adoption of social identities, SaaS and mobile technologies, IT and Security practices must change. As the perimeter has evolved into a more connected and open environment, security has been fractured. This now requires the CIO and the entire IT and Security organization to quickly embrace a new identity-centric security model that enables continued business agility, all while protecting the business. During this webinar we will discuss the following topics:
    •Security implications of the new open enterprise and challenges dealing with the interconnectivity of users, apps and machines
    •Securely delivering new business services across multiple channels including Web, APIs and mobile
    •Enabling your new mobile and cloud business to connect through security standards such as OAuth and OpenID Connect
  • The Challenges and Benefits of Continuous Monitoring and BYOD Recorded: Sep 12 2013 57 mins
    They say knowledge is power. Possessing the ability to have increased visibility into your network traffic, devices, systems, apps and users can only increase your security, resilience and knowledge of what’s happening in your infrastructure. Join (ISC)2 along with sponsors Gigamon and ForeScout on September 12, 2013 at 1:00pm Eastern for our next roundtable webinar where we’ll examine key requirements and technologies for IT to gain enterprise visibility, control and automation. We’ll also discuss common network visibility, access and endpoint compliance gaps; BYOD, policy and security automation; and approaches to leveraging infrastructure and security investments that effectuate IT-GRC security controls.
  • Using New Design Patterns to Improve Mobile Access Control Recorded: Aug 29 2013 61 mins
    Security Briefings Part 3 - Using New Design Patterns to Improve Mobile Access Control

    The widespread popularity of consumer mobile applications continues to influence how corporate applications are being created and deployed. IT teams who initially deployed web gates to manage HTTP based web applications are under pressure to support a whole new set of native mobile communications and security protocols.

    On August 29, 2013 at 1PM Eastern, (ISC)2 and Oracle conclude their Security Briefings series with Part 3 as Oracle expert Sid Mishra joins Moderator Brandon Dunlap to discuss the patterns of mobile application access and the impact they have on your existing application infrastructure.
  • (ISC)2 Security Congress 2013 - Sneak Preview Recorded: Aug 21 2013 60 mins
    (ISC)2 will hold its 3rd Annual Security Congress at the Annual ASIS Conference this September in Chicago, IL. This year’s conference promises to be bigger and better as it brings together thought leaders in traditional and information security for three days of educational sessions and an exhibit floor featuring over 350 solution providers. Join (ISC)2 and several of the conference speakers who’ll be presenting at the Security Congress on August 21, 2013 at 1:00pm Eastern as we discuss their sessions, get a preview of what will be discussed at the event and examine some of the “hot button” issues facing security practitioners today.
  • Optimizing Directory Architecture for Mobile Devices and Applications Recorded: Jul 25 2013 58 mins
    Security Briefings Part 2 - Optimizing Directory Architecture for Mobile Devices and Applications

    Directories are the data stores of all modern Identity Management systems. Traditional directory architecture focused on a low number of directory writes and a very high level of reads.

    The advent of mobile devices and applications has dramatically changed the access load patterns on modern directories. Mobile applications are connected 24/7 and brings significant new features such as location-based services. This has created a new performance demand for an increased number of directory writes and updates. Join (ISC)2 and Oracle on July 25, 2013 at 1PM Eastern for Part 2 of our Security Briefings series where moderator Brandon Dunlap and Etienne Remillon examine how load patterns are changing best practices to install and how to optimize your directory architecture to meet the demand.
ThinkTank
(ISC)2 hosts a monthly panel discussion around different thought engaging topics within the information security sector.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cybercrime's Favorite Target - The Crown Jewels in Your Databases
  • Live at: Aug 16 2012 5:00 pm
  • Presented by: Brandon Dunlap, Brightfly (Moderator); Patricia Zullo, Dir, Database Security Sales, McAfee; Chris Trautwein, ISO, (ISC)2;
  • From:
Your email has been sent.
or close
You must be logged in to email this