Learn How to Successfully Prepare & Perform Audits
Ever more businesses get involved in the one or other form of auditing, whether it's finance (Sarbanes-Oxley, SAS70 etc.) or quality (ISO 9000, Six Sigma etc.) related to mention only those two areas. But how to attack the beast?
If you are moving into or are new to an audit function, either as (internal) auditors or prime business contact to auditors, then this webcast is for you.
The presentation provides an insight into audit principles and mechanics by exploring the various essential audit skills required to successfully prepare and perform audits.
The threat from insiders is real and growing, and insider fraud is a common occurrence that could happen at any time. Insider threats can never be completely removed, but identity-based controls are the building blocks upon which to base a successful insider threat prevention program.
Organizations need to find the right balance between employee enablement and control, while holding employees accountable for their actions. With the right security controls, security teams can significantly reduce their exposure to the risk of insider threats. Join this educational session for the latest insights on identity management and data protection, from an esteemed panel who are serious about combating insider threats.
The burden of the existing day-to-day IT workload has never been greater and continues to grow. The recent financial scandals and high profile data breaches have raised scrutiny to unprecedented levels. This scrutiny, together with new legislative changes, has resulted in an array of new compliance measures and related challenges, which have led to a melting pot of complexity that has seen organizations increase spend simply to 'keep the IT maintenance lights on'.
Due to consumer demand, leaders are having to look hard at their IT strategy and ways to reduce expenditure so they can invest in innovation to future-proof the business. Many banks are considering whether a complete IT infrastructure overhaul would prove more beneficial as spending on basic maintenance and compliance does little to move the business forward, yet it consumes the vast majority of IT budget. Not complying is not an option, and reducing IT spend on compliance is difficult as associated projects have become high priority 'must haves' and budget 'must spends'. If organizations fail to adapt their approach it will remain impossible for IT departments to service the needs of the compliance office and still satisfy the business innovation agenda.
Attend this webinar to learn more about:
- Driving efficiencies to reduce the cost of compliance
- Using compliance to enabling teams to focus their efforts more effectively
- Automating business process to get ahead of compliance
- Raising your organization's overall data privacy, compliance, and security profile
Keith Lowry, Nuix SVP Threat Intelligence; Chris Pogue, Nuix SVP CyberThreat Analysis; Amie Taal, Cybersecurity Expert
The protection of your organization's trade secrets, collected PII data, and confidential matters are your top priority. The same is an attractive asset for thousands of hackers around the world looking to profit or gain a competitive advantage that could damage the integrity and success of your organization’s objectives.
In this webinar, join three seasoned cybersecurity experts as they present the trends in cyber espionage and discuss:
•What makes organizations vulnerable to cyber espionage
•Why cyber espionage activity can vary across industries based on hacking drivers
•How a combined security approach that focuses not just on external threat actors but also privileged insiders can help identify spying activity in the enterprise
Seyi Verma, Product Marketing, Druva; Michael Shisko, Director, Information Technology, Hitachi Consulting
Gartner just released their 2015 Critical Capabilities for Enterprise Endpoint Backup report. In this must-read for IT professionals, Gartner notes that endpoint backup has gone beyond simple backup to address broader end-user data protection and governance use cases.
Join us for an overview of the 11 critical capabilities that help you as an IT leaders evaluate enterprise endpoint backup solutions for your organization.
Michael Shisko, Director, Information Technology, at Hitachi Consulting, will provide a practitioner's view at how these capabilities support his organization’s ability to manage and govern sensitive data.
During this webinar, the speakers will discuss:
* Key report findings and recommendations
* New features that go beyond endpoint backup, such as Security, Data Governance, Public Cloud Integration, and Mobile Device Support
* Real-world advice for evaluating solutions for your organization
Find out why Gartner has rated Druva highest overall for Enterprise Endpoint Backup, for the third consecutive time.
Registrants will receive a free copy of the Gartner report.
Vendor risk management has long been an area of concern for Financial Institutions. Regulators are now looking for banks to do more and provide a higher level of assurance about the security practices of their vendors. But how? With regulators continuously raising the bar, one thing is clear: the vendor reviews of the past will no longer be sufficient in today's environment.
In this presentation Stephen Boyer, CTO, and Cofounder of BitSight Technologies will explore:
- The evolving regulatory landscape regarding Vendor Risk Management and the practices organizations are adopting to meet these more stringent demands.
- Why continuous monitoring of vendor security performance is both critical and achievable, through the use of data-driven, evidence-based security ratings
- How a global financial services firm is transforming the way they select and interact with vendors and suppliers, detailing their own industry-leading practices in VRM and how the use of security performance ratings is allowing them to harden their extended enterprise.
Recent high profile security breaches, coupled with the damage to company brand, reputation and high financial penalties, means that cyber-security is now on the boardroom agenda. This is no longer just an IT issue, it is a corporate risk issue, impacting the role of the CISO, who is now expected to provide meaningful and actionable security intelligence to board members.
According to Forrester, CISO’s need to be able to be able to answer 4 key questions:
1. What are the new and emerging trends?
2. What is the plan and how to progress against it?
3. What is the comparison against peers?
4. What is the gap from the ideal and the consequences?
Forrester also cites that 62% of global businesses decision makers are concerned about their organizations information and security risk.*
Join Michael Sutton, CISO, Zscaler, Inc., for a compelling webcast that will address the evolving role of the CISO, including:
· The emerging trends in cyber-security CISO’s need to be aware of
· As a CISO, how best to address the 4 key questions
· The latest methods cyber-criminals use to infiltrate organizations
· Key qualities the next generation CISO needs to succeed at the board level and in today’s cyber-threat environment
*Forrester Report 2015: Security Leaders, Earn Your Seat At The Table
Moderator: Rebecca Herold (The Privacy Professor) Panel: RSA, HPE Security - Data Security, Booz Allen Hamilton
In 2014 around 40 percent of data breaches were the result of external intrusions, while the remainder were caused by a lack of internal controls/employee actions, lost or stolen devices/documents, and social engineering/fraud. The good news is that the vast majority of security breaches can be prevented by implementing and enforcing basic security best practices with proven technologies.
Join this educational panel webinar to hear experts discuss how to establish a data protection plan and educate employees to maintain PCI compliance, and enforce basic security best practices and leverage technology solutions to prevent data breaches in 2016.
Discover a day in the life of your network security and what it may face on a daily basis. Find out how to anticipate and prevent emerging security threats and see how to better secure your organization, keeping it safe from external and internal threats.
Take a walk through the current threat landscape with a practicing security engineer. Then watch live demonstrations from a SonicWALL system engineer of how to leverage Dell solutions to counter these intrusions.
You’ll learn more about:
• Understanding the threat landscape and need for security
• Easy methods of extending security awareness to internal and external customers
• Combating threats with Dell Software solutions
For many of today’s businesses, web applications are their lifeline. The growing complexity involved in keeping these applications fast, secure, and available can be seen as a byproduct of shifts in how these apps are developed, deployed, and attacked. This discussion will explore how high level trends in today’s web environments and the cyber attack landscape are shaping tomorrow’s application security solutions.
In session you’ll learn about:
- Trends in contemporary web applications that are forcing security evolution
- How today’s cyber attack landscape impacts cybersecurity
- What modern IT security solutions look like
- Distil Networks Overview
Mike Goldgof, Senior Director, Product Marketing; Kyle Summers, Product Manager
The Payment Card Industry Data Security Standard (PCI DSS) is continuously changing to protect user data from exposure. The most recent version, 3.1 will remain active until December 31, 2017.
This presentation discusses the significance of PCI compliance in your business, the top 10 changes in 3.1 that will affect your application security program, and provides recommended activities to achieve compliance.
Wendi Whitmore, VP CrowdStrike Services; Andy Schworer, Principal Consultant; and Brandon Finney, Principal Consultant
Learn important lessons gleaned from real-life engagements, detailing the tools and techniques advanced attackers use to compromise victim networks, and strategies the CrowdStrike Services team has devised to combat and even prevent these attacks from occurring.
You will learn:
- New tactics attackers are using to gain and maintain access to victim networks
- How quickly adversaries attempt to re-infect an organization
- Remediation tactics and tools you can use to remove attackers from your network
- Proactive steps you can take to improve your success in detecting, preventing and responding to targeted attacks
The market for cyber insurance is expanding rapidly, yet a dearth of actuarial data continues to present challenges for underwriters looking to assess and quantify risk. With so many cyber risk metrics being used, how can underwriters actually know how likely a policyholder is to experience a data breach, and thus how likely they are to have to pay out?
Join Ira Scharf, GM of Worldwide Insurance at BitSight, and Dave Bradford President, Research and Editorial at Advisen as they discuss new correlations between BitSight Security Ratings and data breaches.
Attendees will learn:
- Why security ratings are a clear indicator of cyber risk
- How likely companies with BitSight ratings of 400 or below are to experience a data breach
- How underwriters, policyholders, and applicants can use BitSight Security Ratings to lower their cyber risk
Stephen Jones, Director of Managed Services, GuidePoint Security & Mike Paquette, Vice President of Products, Prelert
Advanced cyberattacks are occurring at an astounding rate, with more industries and government entities becoming victims of massive data thefts, damaged brands, public trust issues, as well as billions in lost revenues. One of the primary problems is non-existent or inadequate enterprise security monitoring. Contributing issues that exacerbate this problem are inadequate staffing levels for information security practitioners, insufficient experience and/or training of existing staff, and archaic methodologies and practices. There are attainable, affordable options for commercial and government entities to significantly reduce their risks while simultaneously enhancing their security posture through proactive security monitoring and other enterprise information security practices. Join Prelert and GuidePoint Security to learn about:
•Why enterprise security monitoring is essential
--You don’t know what you don’t know
•Emerging security monitoring methodologies and practices
--Automated analysis of log data
--Machine learning-based anomaly detection
--Behavioral Analytics and linked data insights
•How partnering with a Managed Security Service Provider (MSSP) can help you achieve your enterprise security mission
--Third party assessment of your enterprise security posture
--Virtual Security Operations Center (vSOC) monitoring and alerting for network security incidents
--Additional ad-hoc security technologies and services as needed
David Riddoch, Chief Architect and Co-Founder, Solarflare
TCP stacks for FPGAs are costly today; both in monetary terms and in the amount of resources they consume on the FPGA itself. In this webinar, David Riddoch will present Solarflare's patented ANTS technology and AOE network adapters which enable extremely low latency, while scaling to large numbers of concurrent TCP connections and consuming a fraction of the resources.
Cheryl O’Neill, Dir. Product Marketing, Imperva and David O’Leary, Dir. Security Solutions, Forsythe
Data thieves are opportunistic, looking for unprotected databases in the forgotten digital corners of your company. They are content to steal any data that lies within easy reach.
Large companies are especially vulnerable. With hundreds or even thousands of databases spread throughout business units and across multiple geographies, it is only a matter of time until your unprotected data is accessed and stolen.
Fortunately, it doesn’t have to be complicated, tedious or expensive to protect all of your sensitive data with a database monitoring solution. The right database monitoring solution can also provide visibility into data usage and simplify compliance audits.
Join us for this webinar to learn:
•Benefits of database monitoring over native audit tools
•Factors to consider before investing in database audit and protection
•3 specific ways to leverage database monitoring for improved security
How can companies effectively measure their company’s risk of a data breach? What security metrics are most important when it comes to determining breach risk? How do different types of security compromises, whether botnet infections or brand name SSL vulnerabilities, contribute to an organization’s risk profile? Can you aggregate data to create high-level ratings to measure and report on cybersecurity risk?
Join BitSight’s Chief Technology Officer Stephen Boyer and Senior Data Scientist Jay Jacobs to get these questions answered - and more. This data driven webinar will highlight the extensive analysis that the BitSight Data Science team undertakes to make security signals into concrete risk mitigation actions. Perhaps most importantly, the speakers will give guidance on how security and risk professionals at every level - from the board room to the server room - can drive positive change throughout their organizations.
A recent Forrester Consulting survey revealed that while organizations initially rated all Next Generation Firewall features as high priority during evaluation, only two features were actually used in more than 50% of deployments. Respondents cited configuration challenges, too much noise and slowdown in performance as the primary reasons for using fewer features. In this webcast we will discuss how to get full value out of a next generation firewall:
· Finding an effective, accurate and extensible set of NGFW security features
· Defining, configuring and validating an appropriate set of NGFW policies
· Assessing actual performance of NGFWs
· Monitoring NGFWs on a regular basis
· Responding to the inevitable incident with your NGFW
You're invited to join us on Thursday, Nov. 19, to be among the first to see how ThreatSecure Network, which detects advanced threats and network anomalous behavior, is integrating with Splunk to make powerful big data capabilities a reality for your security team.
The webinar will demonstrate how this integration will enable teams to:
· Decrease the time of incident detection and reporting
· Analyze data and make informed decisions on threat severity via a single interface
· Demonstrate and determine the impact of malware across the network
Richard Sherrard, director of product management, Rogue Wave Software
It’s everywhere. From your phone to the enterprise, open source software (OSS) is running far and wide. Gartner predicts that by 2016, 99 percent of Global 2000 enterprises will use open source in mission-critical software. While it’s free, easy to find, and pushes software to the market faster, it’s vital to understand how to use OSS safely.
Join Richard Sherrard, director of product management at Rogue Wave, for a live webinar reviewing the top five OSS trends of 2015. From OSS discovery, to risk, and governance, we’ll take a deep dive into the trends we’ve noticed this year while providing you with some predictions for 2016.
In this webinar you’ll learn how to:
-Discover the OSS in your codebase to ensure that code is free of bugs, security vulnerabilities, and license conflicts
-Implement controls on OSS usage at your organization
-Create a multitier approach to OSS risk reduction with open source tools, static code analysis and dynamic analysis
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.