Hi [[ session.user.profile.firstName ]]

CISO Career Development Series - PCI Compliance & Leadership

Jeff Tutton, President of Global Security & Compliance at Intersec Worldwide, will discuss understanding and managing PCI compliance and the issues that arise when working with non IS management.
Recorded May 4 2012 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jeff Tutton and special guest Bill Corbitt
Presentation preview: CISO Career Development Series - PCI Compliance & Leadership

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The 2017 Threatscape Dec 6 2016 2:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    more info coming soon
  • Privacy vs. Security Oct 11 2016 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    more info coming soon
  • Are you ready for the notification requirements of upcoming EU Legislation? Sep 23 2016 1:00 pm UTC 45 mins
    Danielle Kriz, Sr Director, Global Policy at Palo Alto Networks and Aravind Swaminathan Global Co-Chair, Orrick
    Doing business in the European Union is changing. By May 2018, companies must comply with the new General Data Protection Regulation’s (GDPR) data breach notification requirements and the Network and Information Security (NIS) Directive’s security incident notification requirements.

    Notification requirements make it imperative to prevent incidents before they happen. To help you prepare for these new requirements, Palo Alto Networks is hosting a webinar with cybersecurity and data privacy lawyers from Orrick Herrington & Sutcliffe to discuss:

    · What are the requirements and the deadlines under each law?
    · What are the thresholds for notification, and who needs to be notified?
    · How should companies prepare for their oncoming obligations? What strategies should be in place? What have other international companies done to prepare and communicate?
    · What might be the legal consequences of non-compliance?
  • State-of-the-Art Security Framework for Breach Prevention Response Strategy Sep 22 2016 2:00 pm UTC 60 mins
    Gregory Albertyn, Sr Director Cybersecurity & Privacy at PwC, Simon Mullis, Global Technical Lead GSIs at Palo Alto Networks
    Traditional approaches of detecting and remediating threats are becoming increasingly inadequate to effectively manage risk in today’s increasingly regulated, cyber threat landscape.

    Join a live webinar and Q&A to learn how PwC and Palo Alto Networks have formed a strategic partnership to help more customers achieve cyber resilience.

    The webinar will introduce

    •The emerging regulatory landscape that is driving the need for organizations to redesign their incident response and data compliance programs
    •A state-of-the-art security framework that serves as a guide for organizations to assess, develop, and implement a breach prevention security posture.
    •Recommended security architectures, organizational structures, and computing processes that enable breach prevention.
    •Live Q&A with cybersecurity experts from PwC and Palo Alto Networks, for practical insights and real world experiences.
  • Are you safe against threats with cyberinsurance? Sep 22 2016 12:00 pm UTC 60 mins
    Fred Streefland, Leaseweb Global and Dharminder Debisarun, Palo Alto Networks
    The cynical would suggest that cyber insurance is growing as some look for a cheaper route to manage risk. However many see the cyber insurance industry as potentially the new enforcer of good security practices.

    Palo Alto Networks customer Leaseweb is an organization that recently purchased cyber insurance. We invite you to join us on Thursday September 22 for an interview with Fred Streefland, IT Security Manager at Leaseweb Global. Palo Alto Network’s Dharminder Debisarun interviews him to learn more their decision to purchase cyberinsurance. You will hear what is generally covered and how it can be part of a prevention strategy. There will also be a chance to answer questions at the end of the session.
  • Accelerating Digital Transformation through next generation security Sep 21 2016 8:30 am UTC 45 mins
    Greg Day, Chief Security Officer EMEA at Palo Alto Network
    Digital Transformation is the primary driver of business innovation for the rest of this decade. But security is in danger of being left behind, as mobile, big data and cloud solutions go mainstream. Security is often seen as the blocker to innovation, so businesses avoid talking to security professionals until it’s too late. A disregard for security exposes the business to risk at a time when data protection compliance regimes are tightening. This session shows how organizations can deploy next generation security approaches to accelerate digital transformation while increasing security and reducing risk.
  • Addressing The Challenges of the EU GDPR 2016 Sep 8 2016 1:00 pm UTC 60 mins
    Jonathan Armstrong: (Cordery Compliance), Florian Malecki; (Dell) & Luke Shutler (Absolute Software)
    The webinar will enable you to hear from an independent Legal Specialists on the real challenges and impacts of the EU GDPR and then the webinar will demonstrate how Dell & Absolute can support your business in overcoming these challenges.

    The webinar will focus on:
    • Implement a seamless, connected security strategy that works across the organisation, from device to data centre to cloud
    • Prove that a lost device is inoperable or has had its data completely wiped
    • Gain visibility of data breaches and contain and eradicate threats
    • Eliminate the blind spots between networks, identity and access management, data encryption, endpoint security and security managed services
    • Enable security decisions based on intelligence that takes into account user, content, location and context
  • Are you having a mare with Ransomware? Sep 7 2016 2:00 pm UTC 45 mins
    Paolo Passeri, Consulting Systems Engineer Security at OpenDNS
    Ransomware has become a common and dramatic problem and the recent waves of attacks are demonstrating that new variants emerge each day in what seems an endless arms race where the attackers seem to prevail.

    However, even if the attack vectors are increasingly complex, the attackers cannot conceal themselves as the infrastructures used to launch these campaigns, despite extremely volatile, exploit elements of the internet, such as IP and domains, that cannot be hidden.

    Monitoring large scale data allows to identify these infrastructures, where attacks are staged, and to enforce a new predictive security model particularly effective against Ransomware.
  • Why visibility is a crucial part of any security strategy Sep 7 2016 2:00 pm UTC 45 mins
    Peter Smith, Regional Sales Manager - Europe & Russell McDermott, Sales Engineer, Netwrix
    With a recent increase in high-profile security breaches and compliance violations, traditional security mechanisms, such as firewalls, IDS, and antivirus are no longer enough to defend against external attackers, and insider threats. By having increased visibility into internal changes, configurations, access events, and permissions across the IT infrastructure, organizations can far more effectively defend against such attacks.

    So, please join our local auditing and compliance team from Netwrix, Pete Smith (Regional Sales Manager Europe) and Russell McDermott (Pre-Sales Engineer) and see how Netwrix Auditor can unlock the door into possible breaches in your IT environment.

    From our brief session you will learn:

    • How deeply security breaches and data leaks are really effecting organizations
    • How to protect your data from the insider threats
    • How to have “peace of mind”, and achieve complete visibility of your IT infrastructure
  • Exploring Russia’s Cyber Operations Sep 7 2016 1:00 pm UTC 45 mins
    Dan McWhorter, Chief Intelligence Strategist at FireEye
    Russia has a long history of utilising cyber actions to accomplish their information operations and national security goals. Organisations in Europe – in the private and public sector – are a top target of Russia-based cyber activity for espionage and crime. This talk will cover how some of Russia’s recent cyber actions were conducted, and it will highlight how well Russia has embraced the opportunities cyber provides when it comes to national security and foreign policy objectives. Dan McWhorter, Chief Intelligence Strategist at FireEye, will also discuss why organisations need to take note of these activities in Russia and steps to ensure your organisation is able to defend against these threats.
  • Data Protection 101: Follow and protect your critical data, wherever it lives Sep 7 2016 10:00 am UTC 45 mins
    Sunil Choudrie, Global Solutions Marketing Manager
    When it comes to your sensitive data, how can you be sure that it is protected and none of it is leaving your environment?

    Organizations today face the following challenges:
    •Identifying the type of data that needs to be protected
    •Controlling access to data & ensuring identities aren’t exposed, especially in the face of significant regulatory fines
    •Prevent sensitive data from leaving the organization, mega-breaches & data loss is increasing year on year. Over half a billion personal records were stolen or lost in 2015, spear phishing campaigns targeting company employees increased by 55% in 2015

    Answer: Firstly allow the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands. Secondly Easily apply policies to control access and usage―in the cloud, on mobile devices, or on the network.

    Join Symantec for a webinar on the lessons learned regarding data protection across the many applications in your environment.
  • Network security, seriously? 2016 Network Penetration Tests Sep 7 2016 10:00 am UTC 45 mins
    Peter Wood
    The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
  • Experts show how hackers perform web attacks which kills your site ranking Sep 6 2016 3:00 pm UTC 45 mins
    Leon Brown - Product Marketing, Symantec Website Security & Avishay Zawoznik - Security Researcher, Imperva Incapsula
    After a brief introduction to the world of SEO, we will dive into the different types of web application attacks and manipulations that are made to either degrade your competitor’s ranking or raise your own.
  • 2016 Threat Analysis: Learning from Real-World Attacks Sep 6 2016 1:00 pm UTC 45 mins
    Matt Webster, CTU Security Researcher, SecureWorks
    SecureWorks® incident responders assist hundreds of organisations annually with the containment and remediation of threats during suspected security incidents.

    Visibility of these incidents provides the SecureWorks Counter Threat Unit™ (CTU) research team with a unique view of emerging threats and developing trends. This Threat Intelligence is then continuously provided to clients, arming them with the information they need to stay one step ahead of adversaries trying to compromise their networks.

    In this webcast Matt Webster, CTU Security Researcher, will discuss developments in the threat landscape observed through SecureWorks’ Incident Response engagements from April to June of 2016, including;

    - Key developments of the APT threat
    - Criminal cyber threat trends
    - Developments in Ransomware

    Matt will also discuss observations of how the affected organisations could have better prepared for the threats they encountered.
  • Social Engineering - Are you the weakest link? Aug 30 2016 1:00 pm UTC 60 mins
    Greg Iddon, Technologist, Sophos
    Social Engineering has been around for as long as the crooks have but in a modern online world, running a con game has never been easier. And that’s why we need to be savvy.

    A social engineer can research you on Facebook and LinkedIn; read up about your company on its website; and then target you via email, instant messaging, online surveys…and even by phone, for that personal touch. Worse still, many of the aspects of a so-called “targeted attack” like this can be automated, and repeated on colleague after colleague until someone crumbles.

    Greg Iddon will take you into the murky world of targeted attacks, and show you how to build defences that will prevent one well-meaning employee from giving away the keys to the castle.
  • BrightTALK Network Security & Hacking Preview Recorded: Aug 24 2016 3 mins
    Various
    This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.

    Click below to register for the Summit:

    https://www.brighttalk.com/summit/3453
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Recorded: Aug 24 2016 36 mins
    Michael Suby, Vice President of Research at Frost & Sullivan
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • The Security Risks of Orphaned Network Traffic Recorded: Aug 10 2016 47 mins
    João Gouveia, CTO, AnubisNetworks
    As part of our research work focused on identifying automated network traffic that we can relate with malicious behavior and botnet communications, we often come across with traffic not necessarily related to malicious intent, but that represents a high risk for the companies allowing it to occur on their networks.

    Often associated with abandoned ware, policy control failures, or miss configurations, these traffic patterns end up exposing company information and assets to multiple risk levels.

    On this webinar, we are going to explore this byproduct of our botnet research, how widespread this problem is, how we can use this to relay risk information to companies, and the several degrees of exposure and impact that this type of traffic can represent.
  • Intel & Threat Analysis – The Defensive Duo Recorded: Aug 10 2016 41 mins
    Jens Monrad, Global Threat Intelligence Liaison, FireEye; Al Maslowski-Yerges Manager, Americas Systems Engineering
    The ongoing battle with cybercrime is asymmetric. You’ve invested millions in protection technology but unknown attackers still find a way in. So how do you stay ahead of the curve?

    "The core problem is that most cyber security tools do not make a distinction between everyday malware and advanced targeted attacks. If security tools cannot tell the difference, security teams have no way of prioritizing the alerts that matter the most."

    Join Jens Monrad, Global Threat Intelligence Liaison from FireEye in this webinar that will discuss:

    •How to ensure you are responding to the alert that matters

    •Benefits of Alerts with threat Intelligence

    •Using threat intelligence to think like your attacker

    •How to apply threat intelligence, expert rules and advanced security data analytics in order to shut down threats before they cause damage

    •How security teams can prioritize and optimize their response efforts.
  • Intelligent Endpoint Security: Why Taking A Modern Approach Matters Recorded: Aug 10 2016 58 mins
    Laurence Pitt, Solution Marketing - Symantec & Robert Westervelt, Research Manager - IDC Security
    Endpoint security is a critical component in an organisation's security program and is needed to gain the visibility necessary to rapidly detect threats and contain them before criminals gain access to critical resources. But identifying custom malware and sophisticated attacker techniques requires an approach that combines existing security investments with modern defenses to protect critical corporate assets.

    In this webinar you'll learn about:

    •Why organisations of all sizes are increasingly targeted by criminals using advanced tactics and zero-day attacks designed to bypass traditional antivirus and remain stealthy on systems.

    •What technologies typically make up modern threat protection solutions, from sandboxes, advanced machine-learning, to behavioral analytics systems to quickly identify infected endpoints and determine the scope of an attack

    •Why endpoint visibility must be combined with network, web, and messaging security solutions
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: CISO Career Development Series - PCI Compliance & Leadership
  • Live at: May 4 2012 5:00 pm
  • Presented by: Jeff Tutton and special guest Bill Corbitt
  • From:
Your email has been sent.
or close