Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • IT Asset Management: The data perspective IT Asset Management: The data perspective Charlie Betz, Founder, Digital Management Academy Recorded: Oct 26 2016 49 mins
    IT asset data overlaps with configuration management, monitoring systems, and even Fixed Asset systems. Understanding these relationships is essential to managing digital systems. This webinar will provide an in-depth discussion of the various sources for IT asset data, what they mean, and how they interact. What does it mean to have something in the IT Asset Management system but not in the CMDB? Or in the Fixed Asset system but not the Monitoring system?

    Attendees will a hear a detailed and specific analysis of the various cases that make managing IT data so interesting and challenging.
  • Leading with Integrity & Authenticity Leading with Integrity & Authenticity Don Levonius, Principal Consultant and Master Facilitator at Victory Performance Consulting LLC Recorded: Oct 26 2016 120 mins
    Values-free leadership is an oxymoron, and leadership without authenticity is a misnomer. Integrity is the heart of leadership and authenticity is its soul. True leaders are not only ethical and transparent, they engage and influence others on a deeper, more personal level. By applying the ethical theories of notable moral philosophers and contemporary thought leaders, participants test proven ethical principles of authentic leadership.
  • HPE Security Fortify SCA and SSC, new features to power a DevOps SDLC HPE Security Fortify SCA and SSC, new features to power a DevOps SDLC Michael Right, Sr Product Manager, Fortify and Emil Kiner, Product Manager, Fortify Recorded: Oct 26 2016 27 mins
    As threats evolve, so must application security. HPE Security Fortify continues to create and pioneer new features and functionality to further automate and streamline your app security testing program. Learn about new static scanning advances that align with DevOps requirements. Hear how scan analytics can further enhance and refine advanced auditing processes to increase the relevancy of security scan results.
  • 2016 Open Source Risk Report – Key Findings for M&A Professionals 2016 Open Source Risk Report – Key Findings for M&A Professionals Phil Odence, Vice President & General Manager On-Demand Audits; Mike Pittenger, VP Security Strategy Recorded: Oct 26 2016 59 mins
    Open source has been adopted by organizations across all industries, including software, systems, and cloud services. How much open source is used, along with the license, security, and operational risks posed by unmanaged use of open source, is a question M&A professionals need to consider in every transaction.
    This webinar will provide insight from real world data abstracted from Black Duck M&A audits. The data covers hundreds of systems and commercial applications, the code assets of recent acquisition targets, and will illuminate why acquirers should understand exactly what is in the code base before closing the deal. Data will include:
    - The composition of open source v. proprietary code in the average code base
    - The gap between the number of open source components used vs. what was known by the target
    - The prevalence of components using licenses that could put IP at risk
    - Number and age of security vulnerabilities in the open source components
    - An understanding of which components have underactive support communities
  • Activated Charcoal: Making sense of endpoint data Activated Charcoal: Making sense of endpoint data Greg Foss, Head of Global Security Operations, LogRhythm and Sarah Miller Threat Intelligence Analyst, Carbon Black Recorded: Oct 26 2016 64 mins
    Security operations is all about understanding and acting upon of large amounts of data. When you can pull data from multiple sources, condense it down and correlate across systems, you are able to highlight trends, find flaws and resolve issues.

    This webcast will cover the importance of monitoring endpoints and how to leverage endpoint data to detect, respond and neutralize advanced threats.

    You’ll discover:

    - Why endpoints are the new perimeter
    - How employees can strengthen your security operations strategy
    - Techniques to test and validate security awareness program
    - How to take the data that Carbon Black collects, correlate it against thousands of endpoints, and dynamically neutralize threats using the LogRhythm security intelligence and analytics platform

    Register now to learn how LogRhythm and Carbon Black can help you strengthen your overall security operations strategy—all within a single interface.
  • Understanding the European NIS Directive Understanding the European NIS Directive Nathan Martz, Principal Strategic Consultant, Central Europe, Mandiant Recorded: Oct 26 2016 25 mins
    The European Cybersecurity policy - the Network Information Security (NIS) Directive - is about to become the new law that sets security standards for many organisations across Europe.

    Recent research carried out by FireEye shows that many organisations are not fully prepared to implement the legislation, which comes into effect in less than two years' time, and it is critical these organisations begin preparing now to be in compliance and not be caught unprepared.

    In this webinar, Mandiant’s Nathan Martz, Principal Strategic Consultant for Central Europe, will cover:
    -The basics of the European Cybersecurity policy - the Network Information Security (NIS) Directive
    -Timeline, key components and possible penalties for noncompliance
    -Practical recommendations on compliance and security standards to keep your company prepared

    We look forward to welcoming you to the webinar.
  • eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations Dr. Gareth Owenson, Senior Lecturer, University of Portsmouth, Christopher Laing,(ISC)2 EMEA Advisory Board Member Recorded: Oct 26 2016 41 mins
    Dr Gareth Owenson is the course leader for the Forensic Computing programme at the University of Portsmouth. He teaches extensively in forensics, cryptography and malware analysis. His research expertise is in darknets, where he is presenting working on alternative approaches that may lead to novel applications of the blockchain. Gareth also has a strong interest in Memory Forensics, and undertakes work into application-agnostic extraction of evidence by using program analysis.

    Gareth has a PhD in Computer Science (2007) and has taught at several Universities throughout the UK.
  • eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong? eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong? Matthias Maier, Security Evangelist EMEA, Splunk, Christopher Laing, (ISC)2 EMEA Advisory Board Member Recorded: Oct 26 2016 46 mins
    Phishing and Spear Phishing attacks are the number one starting point for most large data breaches. However, no traditional security technology is currently able to mitigate the risks associated with these type of threats. Join this webinar to learn why phishing attacks are so successful, what capabilities organizations need to carry out a forensic investigation and what questions you need to be able to answer following an attack to respond effectively.
  • eSummit 1 - How I learned to stop worrying and love forensics eSummit 1 - How I learned to stop worrying and love forensics Simon Biles, Digital Forensic Analyst, Forensic Equity Limited, Christopher Laing, (ISC)2 EMEA Advisory Board Member Recorded: Oct 26 2016 49 mins
    There is no such thing as a "secure" system - we do our level best to design them as well as we can, to put controls and measures in place - but, at the end of the day, things can and do go awry. Today we are going to talk about Forensics, and how it is the opposite side of the coin from security. What can we do in advance to aid in forensic investigation? What do we do at the point of a compromise to allow us to preserve as much evidence as is possible? And, ultimately, how to we take a forensic analysis and learn from it to create a better system the next time?
  • Best Practices on Operational Efficiency in Network Security Best Practices on Operational Efficiency in Network Security Presenter: Michael Ferguson, Strategic Security Solutions Consultant, Forcepoint Recorded: Oct 26 2016 63 mins
    Most businesses prefer to control the day-to-day operations of their networks using their own resources. The increasing complexity of modern networks means that the overall acquisition, control and deployment for network security projects is far more challenging than before. With decreasing IT budgets and limited resources within high growth businesses; how are network teams expected to improve operational efficiency without sacrificing quality of service and service level agreements?

    In a world that is fraught with new security exploits, maintaining operational efficiency with a low impact on resource and cost can be very difficult.

    What are the best practices for maintaining an operationally efficient network security deployment? How do network teams stay on-top of daily routine tasks, such as policy configuration, upgrades and network security monitoring? How can network teams be enabled to focus on mission critical projects through automation?

    Learn from case studies about network security and firewalls which enable the deployment of firewalls within highly distributed networks without sacrificing time or security.

    Join Forcepoint and (ISC)² on Oct 26 (Wed) at 1:00p.m. (Singapore time) in learning the best practices on operational efficiency in network security.

    Presenter: Michael Ferguson, Strategic Security Solutions Consultant, Forcepoint

    Moderator: Clayton Jones, Managing Director, Asia-Pacific, (ISC)²
  • Finding the Holy Grail: Data Security AND Privacy Finding the Holy Grail: Data Security AND Privacy Robert Ball, Global Privacy Officer and Chief Legal Officer at Ionic Security, Inc. Recorded: Oct 25 2016 43 mins
    Privacy vs. security, security vs. privacy… the debate is ongoing. Why can’t we have both? Good news: by leveraging the appropriate mix of policies, procedures and enabling technologies, it is possible to secure data AND control access to it in a way that ensures proper application of privacy policies.
  • Compliance as Code with InSpec 1.0 Compliance as Code with InSpec 1.0 Christoph Hartmann, InSpec core contributor & George Miranda, Global Partner Evangelist Recorded: Oct 25 2016 60 mins
    InSpec is an open-source testing framework with a human-readable language for specifying compliance, security and other policy requirements. Just as Chef treats infrastructure as code, InSpec treats compliance as code. The shift away from having people act directly on machines to having people act on code means that compliance testing becomes automated, repeatable, and versionable.

    Traditionally, compliance policies are stored in a spreadsheet, PDF, or Word document. Those policies are then translated into manual processes and tests that often occur only after a product is developed or deployed. With InSpec, you replace abstract policy descriptions with tangible tests that have a clear intent, and can catch any issues early in the development process. You can apply those tests to every environment across your organization to make sure that they all adhere to policy and are consistent with compliance requirements.

    Inspec applies DevOps principles to security and risk management. It provides a single collaborative testing framework allowing you to create a code base that is accessible to everyone on your team. Compliance tests can become part of an automated deployment pipeline and be continuously applied. InSpec can be integrated into your software development process starting from day zero and should be applied continuously as a part of any CI/CD lifecycle.

    In this webinar, we’ll explore how InSpec can improve compliance across your applications and infrastructure.

    Join us to learn about:
    - What’s new in InSpec 1.0
    - InSpec enhancements for Microsoft Windows systems
    - Integration between InSpec and Chef Automate

    Who should attend:
    Security experts, system administrators, software developers, or anyone striving to improve and harden their systems one test at a time.
  • Automating Security and License Compliance in Agile DevOps Environments Automating Security and License Compliance in Agile DevOps Environments Utsav Sanghani Product Manager Integrations, Partnerships & On-Demand, Black Duck Recorded: Oct 25 2016 41 mins
    Yes, it’s possible to automate open source security and license compliance processes and maintain DevOps agility. In this webinar, Product Manager Utsav Sanghani will demonstrate how Black Duck Hub plugs into Jenkins to address open source license compliance and security risks as part of an overall release process. He will cover:
    - Automating and managing open source security as part of the SDLC
    - Defining and implementing custom policies that prevent potential open source risks
    - Issue management and remediation workflow, with ideas on how going left translates into greater savings
  • Tips on Anyalyzing and Modeling Complex Data Sets Tips on Anyalyzing and Modeling Complex Data Sets Scott Dallon, BrainStorm, Inc. Recorded: Oct 25 2016 20 mins
    Discover how businesses turn big data into meaningful insights to help make organizations work smarter, and make better decisions faster.

    Join Scott Dallon to learn tips on analyzing and modeling complex data sets!
  • Best Practices: Architecting Security for Microsoft Azure VMs Best Practices: Architecting Security for Microsoft Azure VMs Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture Recorded: Oct 25 2016 61 mins
    Do you know if your workloads are secure? Do you have the same security and compliance coverage across all of the cloud platforms and datacenters running your critical applications? Are you having to design your security framework each time you deploy to a new region or datacentre?

    Whether you’re working with multiple cloud environments or exclusively on Azure, there are certain things you should consider when moving assets to Azure. As with any cloud deployment, security is a top priority, and moving your workloads to the cloud doesn’t mean you’re not responsible for the security of your operating system, applications and data. Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your Azure environment is secure.

    Register for this impactful webinar as we discuss step-by-step what you need to do to secure access at the administrative, application and network layers.

    In this webinar, we will take a look at:
    • The Shared Security Model: What security you are responsible for to protect your content, application, systems and networks
    • Best practices for how to protect your environment from the latest threats
    • Learn how traditional security approaches may have limitations in the cloud
    • How to build a scalable secure cloud infrastructure on Azure
  • CA PPM in der Praxis – Teil 1: Applikation Portfolio Management CA PPM in der Praxis – Teil 1: Applikation Portfolio Management Peter Säckel/Advisor PPM/CA Technologies Recorded: Oct 25 2016 42 mins
    Wie stellen Sie sicher, dass sich all Ihre Applikationen an Ihren Geschäftszielen ausrichten?
    Passen Sie Ihr Budget für Applikationen regelmäßig an die aktuelle Geschäftsstrategie an?

    Dieses Webinar möchte aufzeigen, wie Sie eine komplette Übersicht zu Ihrer Applikationslandschaft erhalten, diese objektiv hinsichtlich Geschäftszielen bewerten und dabei Redundanzen oder unnötige Applikationen identifizieren.

    Das damit verbundene Einsparungspotential könnte in sinnvolle Innovationen oder Unternehmenstransformation eingesetzt werden.

    Diese Webinar-Reihe beginnt mit dem Thema Applikation Portfolio Management und wird sich in weiterführenden Webinaren mit ausgewählten Themen aus der PPM-Welt ergänzen.
  • Breach Defense: Prepare & Respond Breach Defense: Prepare & Respond Vipul Kumra,Consulting Engineer, FireEye India,Shantanu Mahajan, Consulting Engineer, FireEye India Recorded: Oct 25 2016 49 mins
    Are you ready to handle a security breach? In the age of relentless cyber crimes and nation state sponsored cyber attacks, companies need to be breach-ready, and be proactive in their incident preparedness. This could essentially save organisations from devastating cost.
    Incident preparedness is more than having an incident response plan, it’s more than having skilled personnel on staff. Come join us for a discussion on key elements that every company should consider. Major security breaches have become part of everyone’s daily news feed—from the front page of the newspaper to the top of every security blog—you can’t miss the steady flood of new breaches impacting the world today. In today’s ever-changing world of business and technology, breaches are inevitable: you must be prepared and know how to respond before they happen
  • Breached Elections - How Hackers Are Influencing Politics Breached Elections - How Hackers Are Influencing Politics Alex Holden, Founder and CISO of Hold Security, LLC Recorded: Oct 24 2016 60 mins
    Political elections shape our society for the years to come. While the foreign hackers are no longer watching our politics out of interest, they are electronically directly interfering with our politics. The Sony Pictures breach was more of a political statement, than a data loss event. With US elections around the corner, we are more of a cyber breach target than ever. Wikileaks is releasing documents, Russian hackers allegedly breaching DNC, and there is more to come. We will examine the current trends, look at the history of the worst manifestations of hackers influencing politics. Then we will draw conclusions on how the politics are changing under a threat of a constant privacy breach.
  • Acalvio Deception 2.0 Advanced Threat Defense Overview Acalvio Deception 2.0 Advanced Threat Defense Overview Acalvio Recorded: Oct 24 2016 5 mins
    Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner eco-systems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.
  • The SANS 2016 Survey on Security and Risk in the Financial Sector The SANS 2016 Survey on Security and Risk in the Financial Sector Sandeep Kumar is the director of Product Marketing at ForeScout Technologies Recorded: Oct 24 2016 61 mins
    The financial sector is highly regulated, and as a result, often focuses on compliance. However, compliance rarely results in excellence, and thus financial institutions continue to suffer security-related breaches and losses, particularly by insiders according to the 2015 SANS survey on security spending and preparedness in the financial services sector.

    Today's webcast will focus on the relationship between compliance and security, and the best practices organizations can use to secure their financial environments. Specifically, attendees will learn about:

    The relationship between compliance and security
    The effectiveness of tools, skills and controls
    Ways to improve security effectiveness and reduce risk
    How to align security, risk and compliance programs with business goals
  • What's Next in Emerging Tech? [Emerging Tech Virtual Summit] What's Next in Emerging Tech? [Emerging Tech Virtual Summit] Eric Horvitz, Technical Fellow & Managing Director, Microsoft Research Recorded: Oct 21 2016 30 mins
    By the end of this event, you’ll be asking, “what’s next?” In this final session of our virtual summit, Technical Fellow & Managing Director at Microsoft Research, Eric Horvitz, will discuss the next generation of emerging technology, with a particular eye to artificial intelligence.
  • Emerging Tech in the Start-Up World [Emerging Tech Virtual Summit] Emerging Tech in the Start-Up World [Emerging Tech Virtual Summit] Tereza Nemessanyi, Microsoft, Kevin O’Brien, GreatHorn and Kristen Smith, littleBits Recorded: Oct 21 2016 27 mins
    In this session, you’ll hear about innovative ways start-ups are using emerging technologies. Microsoft’s own Entrepreneur-in-Residence will tell us what’s happening in the start-up world, and two start-up moguls, Kevin O’Brien of GreatHorn and Kristen Smith of littleBits, will tell us how their companies are using emerging tech.

    In a constantly-evolving world of technology, it's near impossible to stay up to date with all the new advancements in tech. Whether you're launching a start-up, working for one, or in the planning stages, join us to hear from entrepreneur experts in cyber security, cloud communication, infrastructure, inventions and more!
  • Data Center Colocation: Is it the Right Approach for the Enterprise? Data Center Colocation: Is it the Right Approach for the Enterprise? Kelly Morgan - 451 Research, Jim Leach- RagingWire, Bill VanCuren- NCR Recorded: Oct 21 2016 36 mins
    Is Data Center Colocation the Right Approach for the Enterprise? A 451 Conversation with the CIO of NCR.

    Large enterprises have traditionally owned and operated their own data centers. But the capital and personnel requirements of owning and operating your own data centers as well as the strategic distraction, are causing many enterprises to consider replacing their data centers with a mix of colocation and cloud computing.

    In this webinar, Kelly Morgan, Vice President at 451 Research and one of the leading authorities on the economics and finances of the data center and hosting industries, will present the key considerations for enterprises as they evaluate colocation. Then, William VanCuren, Chief Information Officer at NCR, will join Kelly for a discussion on NCR’s hybrid cloud strategy, including their convergence of public cloud and colocation to support the enterprise
  • Managing Cyber Risk In Your Supply Chain Managing Cyber Risk In Your Supply Chain Jake Olcott, VP at BitSight Recorded: Oct 21 2016 61 mins
    Large data breaches have caused executives to invest significant time and resources in improving cybersecurity within their own companies. But now the attackers are targeting an organization’s weakest links - business partners and contractors who have access to the most sensitive data. How should senior leaders develop a strategy to manage third party cyber risk? Who are the most critical business partners to be concerned about? How can contractual language reduce the risk? Is there a way to gain real-time visibility into the security posture of the supply chain? And what are the regulators saying about all of this?

    Join Jake Olcott, Vice President at BitSight Technologies as he talks about:

    - Assessing your organization’s maturity with respect to managing third party cyber risk
    ​- Building a third party cyber risk management program
    - Regulatory requirements for third and fourth-party cyber risk management
    - Incorporating real-time data into your vendor risk management program
  • Top Sales Enablement Tools that Accelerate the Sales Cycle Top Sales Enablement Tools that Accelerate the Sales Cycle Scott Dallon, BrainStorm, Inc. Oct 27 2016 2:00 pm UTC 15 mins
    Sales enablement tools help increase sales and drive business growth. These tools help sales teams deliver the right message to their prospects at the right time.

    Join Microsoft as they discuss sales enablement tools that increase your sales team collaboration and productivity.
  • Black Duck Container Security MasterClass - Security Response Process Black Duck Container Security MasterClass - Security Response Process Tim Mackey, Sr. Technology Evangelist; John Beaudoin, Sr. Instructional Design Oct 27 2016 3:00 pm UTC 90 mins
    Container usage in production environments is becoming commonplace, increasing the need to design for security and develop security response processes. Doing so starts with a clear understanding of what software is running in the datacenter.

    This Container Security Master Class looks at how datacenter operations trends are combining to promote secure container deployments. Although these trends have the potential to abate risk, without a clear understanding of the applications and their dependencies, if a successful attack does occur, the scope of compromise can inadvertently increase.
  • How to Gate, Watch and Guard your Sensitive Data Everywhere How to Gate, Watch and Guard your Sensitive Data Everywhere Sunil Choudrie, Global Solutions Manager, Deena Thomchick, Sr. Director Cloud Security & Linda Park, Sr. Product Manager Oct 27 2016 4:00 pm UTC 60 mins
    The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.

    So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.

    We will explain how Symantec technology addresses this approach and how you will benefit from:

    •Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.
    •Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.
    •Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
  • 5 Steps to Simplify Security in the Modern Data Center 5 Steps to Simplify Security in the Modern Data Center Brian Morris, Worldwide Solutions Architect, vArmour Oct 27 2016 4:30 pm UTC 60 mins
    Legacy security architectures and traditional security platforms are ineffective at securing modern data centers. Modern data centers need a security solution that is software-based, distributed, and simple: making security better, faster, and cheaper. vArmour is the leader in software-based segmentation and micro-segmentation that protects critical applications and workloads in the data centers and cloud.

    Join this webinar to learn more about the simple steps to securing the modern data center with vArmour.

    Step 1: Understand the behaviors of applications and workloads (with deep visibility) for more informed decisions
    Step 2: Streamline segmentation policy creation and management
    Step 3: Flatten and secure your infrastructure without a network redesign
    Step 4: Utilize proper control placement for better security and more efficient resource utilization
    Step 5: Scale out independent controls with automation
  • What You Need to Know about Ransomware and HIPAA Compliance What You Need to Know about Ransomware and HIPAA Compliance Chris Hendricks, Delta Risk & Garrett Gross, AlienVault Oct 27 2016 5:00 pm UTC 60 mins
    The healthcare industry is one of the top targets for ransomware attacks, and the US Dept. of Health and Human Services Office for Civil Rights (OCR) has now stated that ransomware incidents should be treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA) unless there is substantial evidence to the contrary.

    In this webinar, we'll discuss:
    -Why the OCR guidelines are important
    -Why attackers are going after healthcare firms
    -How to detect a ransomware attack
    -Steps you can take to protect your organization
  • Agile for Speed, productivity and … happiness  Agile for Speed, productivity and … happiness  Longda Yin, Principal Agile Consultant Oct 27 2016 5:00 pm UTC 60 mins
    Agile employees outperform so-called “hard workers” by nearly 20 percent, and research from Korn Ferry found that companies with more agile executives had 25 percent higher profit margins than their peers. Given the pervasiveness of agile in software development circles, and the pervasiveness of software as the backbone for every business today, it’s no surprise that agile tenets have pervaded employee expectations about the workplace. It’s why some of our agile coaches encourage customers to use employee happiness as a productivity metric.  
    Agile cultures are engaging cultures, and engaging cultures produce engaged employees. Are you ready to get going? We can help. Join us on Thursday, October 27, 10am PST / 1pm ET for this engaging webinar.
  • 5 reasons why your web gateway is falling behind (attackers) 5 reasons why your web gateway is falling behind (attackers) Guy Guzner Oct 27 2016 5:00 pm UTC 45 mins
    Web gateways and proxies are losing to malware and other advanced threats and are generating troubling operational overhead. Join us to learn the top 5 reasons why gateways are falling behind and experience a live demo of web isolation which prevents malware from ever reaching the corporate network.
  • Is Your Asset Data Actionable? Is Your Asset Data Actionable? Allen Biehl - Director of Professional Services, Snow Software North America Oct 27 2016 5:00 pm UTC 30 mins
    Chances are, your company has several sources of data for the assets deployed throughout the enterprise. Systems management tools. Service management tools. Asset management tools. There’s no shortage of data. What you’re missing is actionable information, geared toward managing your software licenses. The foundation of any best-practice SAM program rests on the quality and completeness of the asset data being used. This webinar will provide you with some guidelines to ensure the data you’re using is complete (mobile devices, desktop/laptops, data center servers and cloud-based subscriptions). Then, we’ll guide you through the concepts of data normalization and consolidation. Finally, we’ll help you understand the best way to put this information to work for you, to lower the cost of your software your organization consumes.
  • Vendor Risk Management Scenarios That Haunt You Vendor Risk Management Scenarios That Haunt You Matt Cherian Oct 27 2016 5:30 pm UTC 60 mins
    Whether you are in the beginning stages of implementing a vendor risk management (VRM) program, or you have a robust program, there are always scenarios that can blindside your organization. Compounding this uncertainty is the dynamic environment of cyber risk. Yet, there are tools and techniques organizations can leverage in order to reduce uncertainty about the security of their third parties and vendors.

    Join Matt Cherian, Director of Products at BitSight as he discusses how to grapple with common vendor risk scenarios. In this webinar, viewers will learn:

    - How to gain full visibility into the security of your critical third parties to avoid being caught off guard
    - How to understand and communicate potential threats occurring on the networks of your third parties
    - What to do when an infection- or breach occurs
  • Data Security & Protection with the New Windows 10 Data Security & Protection with the New Windows 10 Stephen Jeffries, Technical Architect, Microsoft Oct 27 2016 6:00 pm UTC 60 mins
    Get significant security protection with Windows 10! As the most secure Windows ever, Windows 10 offers significant security protection.

    With more than 250 million threats online in any given day, security for your business has never been more critical. These threats can cause loss of data and personal information with increased risk of identity theft. Windows 10 includes built-in protection to help keep you more secure with all new features in the Anniversary update.

    Join this webcast to learn more about the two major new security features that launched with the Anniversary update:
    •Windows Defender Advanced Threat Protection (WDATP) detects, investigates, and responds to advanced malicious attacks on networks by providing a more comprehensive threat intelligence and attack detection
    •Windows Information Protection enables businesses to separate personal and organizational data and helps protect corporate data from accidental data leaks.
  • The Future of Incident Response: What You Need to Know The Future of Incident Response: What You Need to Know Mike Rothman, Securosis Analyst/President; Faizel Lakhani, SS8 COO/President Oct 27 2016 6:00 pm UTC 75 mins
    What happens when you combine increasingly effective adversaries, data dispersing to the clouds, and a significant lack of skilled security practitioners? You get the future of incident response.

    Despite having a bigger budget and better tools than ever before, the underlying way incident response happens within enterprises must evolve with the times.

    Join Mike Rothman, an analyst at Securosis & Faizel Lakhani, COO at SS8 as they discuss trends in cyber attacks and incident response. Learn what you can do today to ensure your organization is ready for the changes already in motion, and how network visibility plays a crucial role in accelerating breach and incident response.
  • Phishing Prevention: Be Suspicious and Don’t Get Hooked Phishing Prevention: Be Suspicious and Don’t Get Hooked LookingGlass experts: James Carnall, VP, Cyber Security Center & Greg Ogorek, Sr Director, Cyber Security Operations Oct 27 2016 7:00 pm UTC 60 mins
    Although it’s been around for years, phishing is still one of the most common and effective online scams – and it just continues to grow. In Q1 2016 alone, phishing attacks grew approximately 250 percent. There were more phishing attacks during that three-month span than any other since 2004.

    Phishing scams are increasingly difficult to detect. Using information freely available on the internet about you or your organization, cyber criminals carefully craft a message that contains real information that you are inclined to trust. It can come to you in many ways including emails, SMS messages, phone calls, or impersonating websites. Often, there is a sense of urgency that’s paired with a message that makes you react with your emotions instead of thinking. So, how do you protect yourself and your organization from phishing scams?

    Join LookingGlass cyber security experts James Carnall and Greg Ogorek as they explore the world of phishing scams and phishing protection solutions. To set the context, the diverse types of phishing scams will be outlined along with very realistic examples that make these lures come to life. Next, we will investigate the growing risks by highlighting the changing cyber threat landscape specifically attributed to phishing. We will wrap up by discussing a wide range of phishing protection solutions.
  • Cyber Threat Hunting: A New Dimension of Cyber Intelligence Cyber Threat Hunting: A New Dimension of Cyber Intelligence Mike McCracken, Director of Professional Services, HOSTING, and Chris Dodunski, CTO of Phirelight Security Solutions Oct 27 2016 7:00 pm UTC 45 mins
    "Cyberhunting" actively looks for signs of compromise within an organization and seeks to control and minimize the overall damage. These rare, but essential, breed of enterprise cyber defenders give proactive security a whole new meaning.

    Join me, Mike McCracken, Director of Professional Services at HOSTING, and Chris Dodunski, CTO of Phirelight Security Solutions on October 27th at 3 PM EST for the live webinar, Cyber Threat Hunting: A New Dimension of Cyber Intelligence.

    During the live webinar, we will be going over:

    -The technology behind "cyberhunting"
    -What threats your organization is at the most risk for, both internally and externally
    -A 20 min live demo of Phirelight's security solution.

    Be sure to bring your questions, there will be a live Q&A during the event. See you there!
  • Mobile Strategy: The Benefits of Using an Integrated Solution Mobile Strategy: The Benefits of Using an Integrated Solution Chris Marsh, Research Director at 451; Emil Stoychev Progress, Product Manager at Progress Digital Factory for Mobile Oct 27 2016 7:00 pm UTC 60 mins
    Companies have struggled to find their feet when it comes to combining technology, people and workflow in their mobile application development strategies. All too often fragmented technologies have impeded progress. As technologies mature however and mobile (as distinct from pure web development) becomes better understood, there is light at the end of the tunnel. In particular integration across the lifecycle is delivering significant productivity gains for developers and business stakeholders that makes moving from handfuls of apps to a scaled mobile app strategy more of a reality.
  • Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? Chenxi Wang, Chief Strategy Officer at Twistlock Oct 31 2016 5:00 pm UTC 45 mins
    Are government encryption backdoors and privacy in such a fundamental conflict that one necessarily obliterates the other. We will also be examining this issue in the context of the big data era - is law enforcement really going dark or is right now the golden age of surveillance?
  • Next-Generation End-to-End MDM Solution from Informatica Next-Generation End-to-End MDM Solution from Informatica Ben Rund, Prash Chandramohan Nov 1 2016 3:00 pm UTC 30 mins
    Creating the ultimate master record with a 360-degree view just got re-mastered. Join us as we talk about Informatica MDM – a true multi-domain MDM solution, available both on-premise and in the cloud.

    Take a look “under the hood” as we share the freshest updates for our data quality, data integration, and business process management workflow integrations with Informatica MDM. Learn how to improve your customer and business profiles with our Contact Validation Data-as-a-Service powered by Dun & Bradstreet, which helps you fill in the missing information you need, for accurate records you can swear by.

    Join us for a live webinar to tour what’s new in Informatica MDM:

    •See the latest features and functionalities available in our flagship MDM solution

    •Explore the flexible and powerful user interface with rich new page layouts that make it easier to view, add and update business-critical data and relationships

    •Meet Entity 360, an intuitive UI platform for building business user focused rich interfaces such as Customer 360, Product 360, and Supplier 360

    Who is this webinar for?

    •Current Informatica MDM customers who want to know what’s latest from industry leader

    •MDM consultants, practitioners, and developers who want to stay on top of MDM advancements

    •You! Just browsing or researching MDM options? Perfect! Or maybe you’re MDM-curious? Awesome! This webinar will help you understand what Informatica MDM does, how it’s used, what’s possible, and whether or not it fits your business needs

    Ranked as a clear leader in top analyst reports, including Gartner MQ, Forrester Wave, and The Information Difference MDM Landscape, Informatica MDM has been awarded top scores for customer satisfaction, innovative technology, and market strength.

    Can’t attend the live webinar? Sign up today and we’ll send you the on-demand recording afterward.
  • Best Practice highlights of ITSM Tool Selection Best Practice highlights of ITSM Tool Selection Eddie Potts, Principal Consultant Pink Elephant EMEA ltd Nov 1 2016 4:00 pm UTC 60 mins
    The decision to procure or to subscribe to a new ITSM tool invariably involves a significant investment. Such a purchasing decision should be treated like any other significant business investment, yet experience suggests that with regards to ITSM Tool selection the normal rules of procurement good practice are often not heeded.

    Research shows that organisations typically replace their ITSM tools every 3-5 years. This is arguably because organisations suffer a lack of ITSM improvement road maps, which baseline the current state and outline the people, processes and technology resources required to reach the desired state.

    The challenge is compounded as the ITSM tools market is increasing crowded, complex and dynamic. In short ITSM tool selection is a complex decision!

    Join Eddie Potts, Principal Consultant of Pink Elephant EMEA, as he highlights best practice methods of choosing an ITSM tool as an introduction to the ITSM Tooling Whitepaper being released in mid-November 2016.
  • Big Data Drives Big Efficiency Big Data Drives Big Efficiency Matt Aslett - 451 Research Director, Data Platforms and Analytics with Aali Masood, Senior Director, Oracle Nov 1 2016 4:30 pm UTC 60 mins
    Improving the efficiency of existing processes is critical for enterprises, and one of the first proof points of many big data projects. In the long-term enterprises may be looking for big data to generate revenue from new projects and applications, but proving the potential benefits by improving the efficiency of existing business processes – such as optimizing supply chains, or accelerating compliance – is a good place to start. Additionally, operating more efficiently at lower cost and with lower risk enables an organization to redirect budget towards driving growth.

    Join Oracle and 451 Research for a webinar exploring how to make this operational efficiency possible through a combination of data management, statistical analysis and visualization.
  • Securing Your Web Apps in Today's Complex Cloud Environment Securing Your Web Apps in Today's Complex Cloud Environment Alex Jones, Security Engineer, Gainsight & Dave Ferguson, Solution Architect, Qualys Nov 1 2016 6:00 pm UTC 60 mins
    Today, securing web applications has become more complex as organizations increasingly deploy and manage their web applications in the cloud. Modern web technologies such as sophisticated JavaScript frameworks and SPAs present increasing challenges to web application scanning, as crawling has become more difficult to manage.

    During this webcast Alex Jones from Gainsight and Dave Ferguson from Qualys will discuss how Qualys has helped Gainsight to:

    - Scan, discover, catalog applications on multiple cloud environments for vulnerabilities and website misconfigurations.

    - Adapt to increasingly complex and new web application technologies.

    - Build an easy-to-use, accurate and scalable scanning program across web application and network infrastructure.
  • Is Phishing and Ransomware a Critical Issue for you yet? Is Phishing and Ransomware a Critical Issue for you yet? Robert O'Brien, CEO MetaCompliance & Carey Harding, Cyber Security Consultant MetaCompliance Nov 2 2016 2:00 pm UTC 30 mins
    Ransomware and Phishing attacks have become a significant issue in organisations both large and small. The possibility of major business disruption arising from falling victim to Phishing or Ransomware is quite high, given that roughly 156 million phishing emails are sent globally every day.

    The FBI reports that ransomware attacks have cost $209 Million in just the first three months of 2016, which is more than eight times the total for 2015. At this rate, ransomware is expected to yield close to $1 Billion by the end of the year unless individuals and organisations improve both their defences and security awareness.

    Organisations must determine methods of improving their employees’ ability to withstand these threats, or at least, counter the most obvious ones. Cyber Security Awareness continues to become a major issue for management attempting to steer a safe course in order to carry out their “business as usual”.

    Some of the key topics that will be discussed are:

    •How has phishing and ransomware become so widespread?

    •What are the best methods for countering the threat of phishing and ransomware?

    •How can we improve the resistance of our user population to this threat?
  • Cisco ACI & Tufin: Maximize Agility & Compliance with Policy-Driven Automation Cisco ACI & Tufin: Maximize Agility & Compliance with Policy-Driven Automation Amnon Even Zohar, Director of Cloud Product Management, Tufin & Ranga Rao, Director of Technical Marketing, Cisco Nov 2 2016 3:00 pm UTC 60 mins
    Agility is the single most critical competitive factor in today’s business landscape and policy-driven automation is key across a complex, hybrid network.
    Cisco ACI is a policy-based network automation solution for accelerating application delivery, reducing operating costs, and gaining greater business agility. Tufin Orchestration Suite is a unified platform for orchestrating application connectivity across the heterogeneous enterprise network, including firewalls, hybrid cloud platforms and now also Cisco ACI.
    Join the webinar to:
    1. Learn more about the alliance and integration between Cisco and Tufin
    2.Review how the integration maximizes agility and compliance for enterprise customers from different industries
    3.Focus on the ability to manage application connectivity across the heterogeneous network
  • NGIPS: Market Trends and Group Test Results NGIPS: Market Trends and Group Test Results Thomas Skybakmoen, Rob Johnson Nov 2 2016 6:00 pm UTC 45 mins
    Next Generation Intrusion Prevention Systems are designed to protect against a new generation of threats that move faster and are more evasive than ever. Join NSS Labs as we explain NGIPS market trends, group test results, and the critical features to consider when purchasing a NGIPS.
  • Turbocharge your cyber investigations, Part 2 Turbocharge your cyber investigations, Part 2 Jeff Lenton, Solutions Architect, RiskIQ Nov 3 2016 2:00 pm UTC 45 mins
    While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

    In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.