Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
As a valued Tufin customer we invite you to learn how to begin the journey towards automation. We will discuss the challenges of automation and how you can take the first step towards automating firewall administration tasks.
In this webinar, you will learn how to gain immediate productivity benefits from the first phase of firewall change automation, such as:
•Discover and decommission unused and forgotten rules with a streamlined, automated process
•Understand the implications of server decommission and automate the process
•Realize the benefits of automating changes to object groups
Register now to save time and resources, reduce your workload, and quickly tighten your security posture with practical firewall automation.
This webinar will focus on the cultural shift from tightly controlled business networks of yesterday to the converged fabric adopted by businesses today. BYOD is becoming a normality for most organisations and it doesn't have to be a heavy burden for security teams with the right policies, people and technology in place. We'll dive into some of the options available for these challenges in this webinar and how having the right BYOD strategy can play an integral role in an organisation's preparation for EU GDPR compliance.
- The security options available today to enable an efficient and safe BYOD strategy
- How implementing a strong BYOD strategy can help compliance
- How you can reduce the risk of suffering a damaging cyber-breach
In this talk, we will give a short introduction into hybrid app development, present specific attacks and discuss how Android developers are using Apache Cordova. In the second half of the talk, we will focus on the secure development of hybrid apps: both with hands-on guidelines for defensive programming as well as recommendations for hybrid app specific security testing strategies.
Dr. Achim D. Brucker (https://www.brucker.ch) leads the Software Assurance & Security Research Team (https://logicalhacking.com) at the University of Sheffield, UK. Until December 2015, he was a Security Testing Strategist in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP. He is a frequent speaker at security conferences.
Are we filling our homes with, and carrying around in our pockets, our biggest cybersecurity vulnerabilities? Join us in a lively debate where we will discuss the increase in IoT and smart devices, some of the lesser talked about threats and what steps are being taken to reduce the risk of the imminent smart device mutiny of the future.
This presentation will share key insights from a survey Quali conducted of 2045 professionals to gauge the state of DevOps and Cloud adoption. It reviews the top 10 barriers to DevOps adoption as well as best practices that can help overcome these barriers. This is an informative session for DevOps and Cloud architects, application owners, technologists as well as IT infrastructure professionals that are responsible for planning and deployment of DevOps tools and processes.
Are cyberthreats keeping you up at night? You’re not the only one. According to recent research, 67% of companies are worried about security issues such as malware, phishing, and data theft.
So how do you improve your company’s security? How should you prioritize? How can you integrate all the tools? How many security staff will you need? How do you integrate a SOC and a NOC?
Managed Detection and Response (MDR) provides the answer to all these questions. With a focus on quick detection and response to threats, the service combines the right tools, people and processes to help you quickly implement the best security within your budget.
Ready for a good night’s rest? Join this webinar to discover how MDR can help!
Learn about a data exposure discovered from within the systems of Texas-based electrical engineering firm Power Quality Engineering (PQE), revealing the sensitive data of clients like Dell, the City of Austin, Oracle, and Texas Instruments, among others.
The data was left accessible to the wider internet via a port used for rsync server synchronization but configured to allow public access; the breach allowed any interested browser to download sensitive electrical infrastructure data compiled in reports by PQE inspectors examining customer facilities.
Dan O’Sullivan, the analyst who first broke the story, will go through the details of the discovery and the significant impact of this data exposure.
For the original article: https://www.upguard.com/breaches/data-leak-pqe
Demonstrating compliance with PCI DSS is far from a trivial exercise. The 12 requirements of PCI DSS often translate into a lot of manual and labor-intensive tasks in order to access the necessary data and reports from many different systems and tools. And, even after compliance is achieved, many teams struggle to maintain the processes and reporting between audits. Join us for this webcast covering what capabilities are needed for PCI DSS compliance, and how to simplify implementation with a unified security toolset like AlienVault Unified Security Management.
- What core security capabilities you need to demonstrate compliance
- The top challenges in meeting and maintaining compliance with PCI DSS
- Best practices to help you plan and prepare for an audit
- How AlienVault Unified Security Management simplifies threat detection, incident response, and compliance
You’ve heard the hype, now see for yourself the innovations that PAN-OS 8.0 brings to your network security. Attend this 30 minute webcast, “Start Benefiting from 8.0 Now,” to get a quick overview of the new features and enhancements PAN-OS 8.0 adds to your Palo Alto Networks Security Platform. Registrants will:
•Learn about the key capabilities introduced by 8.0
•See the value of the update to security deployments
•Receive a voucher for 8.0 training course and VM-100 - $800 value
Reserve your spot now, so you can start to take advantage of all 8.0 has to offer.
In today’s day and age, organizations understand that data breaches are a growing problem, but many fail to realize that a third party breach can impact them as much as a breach on their own network. In this webinar, BitSight’s Joel Alcon will discuss:
Suffice it to say that traditional email archiving is a mature technology category. However, more firms are looking at archiving today for the first time as their ‘keep everything forever’ strategies have failed. Others are motivated by a move to Office365, while some are looking for new approaches to address the growing challenges of social media, instant messaging, and rich media communications channels that are growing organically inside their firms.
Whatever the driver, archiving remains misunderstood by many – both within IT and across business units. Join us and our guest Bill Tolson from Archive360 as we explore and attempt to clarify the top 5 archiving myths:
• Archiving is primarily for email storage;
• Archiving is only necessary for regulated firms;
• Archiving leads to the risk of over-preservation;
• Cloud archiving is more expensive and less secure than traditional on-premises archiving;
• End-users don’t benefit from Archiving
We’ll wrap up with a brief overview of how Actiance and Archive360 are enabling organizations to address these myths and achieve their information governance objectives.
With more and more transactions happening online, and a dramatic increase in incidents involving brands and fraudsters on the Web, the concept of online trust has never been so vital for businesses. In this webinar you will learn how to help prevent these incidents by leveraging the Web PKI to display your business identity online: we will explain the principles of trust through business authentication and how to show your identity to your visitors thanks to various types of digital certificates.
We will run through the benefits of business authentication, what the current best practices and policies are for both e-commerce and Enterprise businesses when it comes to trust, what is mandatory and what is coming. We will help you clarify priorities for your business and provide some action plans.
Complex labs which are hard to control
Error prone manual cabling
Difficult to share resources
Laborious and repetitive setups
In this webinar we will review a solution which will allow you to overcome these challenges and be able to:
Automate connectivity with L1 switching matrix
Turn your lab into a service
Automate L1 connectivity
Have a web-based self-service catalog
Have a reservation system – effective sharing
Have an automatic setup and teardown
India's Unique Identification numbers (UIDs), also named "Aadhaar numbers", contain Personally Identifiable Information (PII). The Unique Identification Authority of India (UIDAI) has mandated that the private cryptographic keys used to digitally sign and authenticate the UIDs must be stored in a Hardware Security Module (HSM).
In addition to HSMs, the UIDAI has also mandated, as of August 2017, the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted.
Join this live webinar to know more about how to easily conform to the mandate:
•What are UIDAI's requirements?
•Why HSM and tokenization?
•How to ensure Aadhaar numbers are protected?
•What makes Gemalto's SafeNet Luna HSM and KeySecure unique?
•How to meet UIDAI's compliance mandates?
Regardless of how the material is maliciously obtained, finding stolen data efficiently - before your customers know they have been compromised - is a critical component of information security. Using the Open Source Intelligence methodology presented in this workshop, the information security professional can search and monitor for stolen data as well as users linking to and advertising the sale of your customers' data. With live examples from the dark web, this fast paced tutorial lays the groundwork for safe, effective investigations and includes searching with advanced search operators, email addresses, usernames and people searches in both the public internet as well as the dark web.
With the increasing demand for BYOD in the workplace, many organizations are adopting Mobile Device Management (MDM) solutions. However, MDM is seen by many as cumbersome and invasive and has struggled to see meaningful adoption among employees. Fortunately, Cloud Access Security Brokers (CASBs), like Bitglass, offer an easy-to-use alternative for securing corporate data stored in public cloud applications on both managed and unmanaged devices.
Join this interactive webinar session to learn:
- The challenges companies face while deploying MDM
- Alternative solutions used to secure employee-owned devices without agents
Join the journey towards being data-focused and customer-centric using Big Data and Data Warehouse technologies.
In this webcast, you will understand what it means to take the journey from a data-focused approach and get faster insight without infrastructure concerns.
Learn how to:
- Use Azure public cloud for big data
- Set up a SQL DW, a Hadoop cluster and ask questions against large data sets
- Utilize Microsoft's best-in-class big data and analytics solutions and see how they can power your journey into adopting, analyzing and utilizing big data
With the advent of Big Data comes not only new ways to optimise business and marketing processes, but also new concerns over the control and privacy of personal data.
These have given rise to local and regional data protection laws and regulations such as the General Data Protection Regulation (GDPR), a modernisation of data protection laws in the European Union, and the Australian data breach notification law, an amendment to the Privacy Act 1988 (Cth) which introduces a mandatory scheme for eligible organisations and federal agencies to report data breaches.
Data breach notifications give individuals greater control over their personal data and promote transparency over information handling practices, fostering consumer trust in businesses. The law requires businesses to prepare and assess risks to maintain brand confidence even if an incident becomes the next data breach headline.
Join this webinar to learn about:
- New challenges introduced by the Australian mandatory data breach notification law
- Key steps in the journey towards data privacy compliance
- How to monitor insider threats
- How to leverage these regulations to gain trust and ensure great customer experiences
We look forward to your participation in this free webinar.
The EU General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy. Acknowledging identity threats like phishing and man-in-the-middle attacks, the GDPR applies to all companies processing and holding the personal data of those residing in the European Union, regardless of the company’s location.
An excerpt from the GDPR describes authentication as ‘key to securing computer systems’ and as the first step ‘in using a remote service or facility, and performing access control’. The document also outlines various GDPR-compliant authentication solutions, such as smart card, OTP push apps, and FIDO Universal 2nd Factor (U2F).
Yubico’s enterprise solution - the YubiKey - combines support for OpenPGP (an open standard for signing and encryption), FIDO U2F (a protocol that works with an unlimited number of applications), and smart card / PIV (a standard that enables RSA or ECC sign/encrypt operations using a private key stored on the device) all in one multi-protocol authentication device. This makes it a strong and flexible solution for companies required to comply with GDPR. Attend this webcast and learn:
•How GDPR will impact the way organizations worldwide store and access the personal information of EU citizens
•How to leverage open standards to achieve GDPR compliance for strong authentication
•How a multi-protocol authentication device protects organizations from phishing and man-in-the-middle attacks
The European Union (EU) General Data Protection Regulation (GDPR) is designed to ensure the data privacy and protection of all EU citizens. It applies to any organisation – regardless of geographical location – that collects or processes personal data on EU residents, and institutes high penalties for non-compliance.
Join this interactive session to learn how you can improve your security to meet GDPR compliance by increasing your network traffic visibility. With the ability to monitor and send the right traffic to the right tools at the right time, the GigaSECURE® Security Delivery Platform can form the backbone of any GDPR compliance project.
In this presentation, you will learn how to bring pervasive visibility into network traffic that is needed to:
- Eliminate monitoring blind spots
- Vastly improve the accuracy and precision of data risk detection
- Help organisations meet the GDPR challenge
About the Presenter
Adrian is the Technical Director EMEA for Gigamon. He has had a keen interest in network security ever since, whilst working for Lucent Technologies, they introduced the Lucent Managed Firewall. Adrian also worked for leading web security firm CacheFlow, before joining NetScreen.
9 months until the GDPR deadline - are you completely up-to-speed?
Our panel of data protection experts will be discussing the compliance considerations that you need to be assessing for May 2018 along with suggesting next steps from a cyber and general security standpoint.
We'll also be asking YOU what stage you're at in terms of your preparations via a series of interactive benchmarks as we go through the session, to get a sense of where the security community is in terms of preparations.
GDPR and its May 2018 deadline are now fully on the minds of the vast majority of security professionals and with massive fines on the horizon for non-compliance, now is a better time than ever to get to grips with the legislation and ensure that your organisation is secure and compliant.
It’s vital that your business has carried out the relevant preparations for compliance by then to make sure you don’t get whacked with a huge fine of up to £15m or 4% of your organisation’s global annual turnover.
Not only are there potentially huge financial repercussions, but leaving your business open to attack and your customers at risk can cause serious reputational damage.
Would you leave sensitive data out in the open making yourself a target to thieves looking for a victim? That is exactly what your business is doing if it fails to identify vulnerabilities in its business applications. Cyber attackers are looking at your business applications for security vulnerabilities so they can get access and wreak havoc. It’s time to find and fix security vulnerabilities before the hackers do. Wondering where to start and what to do? This webinar will help you build a comprehensive plan to minimize threats and protect your company. Join this webinar to hear application security experts:
- Discuss methods for scanning & evaluating potential security vulnerabilities in out-of-the-box and home-grown business applications
- Teach methods for quickly detecting and eradicating software flaws
- Make recommendations for how to choose and implement vulnerability scanning tools
- Explain how to reduce security vulnerabilities during internal application development
- Examine the widespread use of open-source code and how it may expose your business to security threats
Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.
- InnoSec is the winner of the EU commission Horizon 2020 grant based on its innovation in GDPR and cyber risk -
GDPR is an urgent issue that has companies scrambling to be compliant by May of 2018. Any organization that processes EU citizen data is in scope and the penalties are severe.
Alignment with the requirements can reduce the chances of triggering a Data Protection Authority (DPA) to investigate a company’s privacy practices after the GDPR takes effect in May 2018. DPAs can impose a fine on companies of up to 4% of annual global revenues for egregious violations of the GDPR. Member states can also add to these fines. The Netherlands, for instance, has more than doubled its own fining capacity to 10% of annual revenues. European privacy advocates are pressuring DPAs to fully exercise these new powers after May 2018. To manage this risk, multinationals should have a means to demonstrate alignment with the GDPR requirements and communication of this program with DPAs that have jurisdiction over their major European operations.
InnoSec’s GDPR solution provides privacy impact and risk assessments which measure the confidentiality and integrity of the system and the risk associated to it meeting articles 1, 2, 5, 32, 35 and 36. Additionally, we provide a readiness gap analysis for managing, planning and budgeting for GDPR.
Most e-commerce, educational and multi-national organizations process EU citizen data and are in scope for GDPR. Moreover, most organizations are not ready according to Gartner, and this means the race to the finish line requires as much automation as you can afford. InnoSec provides a means for companies to save money and time with their GDPR assessment and gap analysis offering. Our GDPR offering automates the assessment process and provides a gap analysis readiness feature that also ensures that organizations can plan, budget and manage their GDPR program.
The first half of 2017 was the tipping point for cyber threats in Northern Europe. Organizations had to defend themselves against two cyber attacks involving rapid spreading malware. The latest incident severely disrupted global enterprises, causing significant downtime and impacting their revenue.
Such high-profile, large-scale attacks show us that no organisation is safe from the reach of cyber-criminality. Post-GDPR, responding to these attacks will become all the more critical as breaches will have to be reported to the relevant regulatory body. By understanding your current security posture - internal processes and technology – combined with the external threat landscape – organisations can prepare themselves should a breach occur.
In this webinar, you will learn how to assess your risk profile, evaluate your operational strengths and weaknesses as well as your tactical approach to responding to co-ordinated, targeted attacks.
You’re preparing for GDPR. You’re auditing your information. You’re reviewing your security systems. But is this enough? Join us at Part Two of this BrightTALK webinar series where Symantec experts and a guest speaker from Forrester discuss how to ensure your security strategy is primed for GDPR.
You’ll learn the proven milestones to bring together the people, policies and processes that will make your GDPR preparations more successful – and how other businesses have done so.
Other topics will include:
•Identifying gaps in your strategy
•How to prioritise remediation and investments
•How to protect user identities and authentication so that they can’t be used to break into your personal and sensitive information.
Data from Kroll's latest Global Fraud & Risk Report show that Brazilian companies still have shortcomings in detecting fraud, which contributes to a good portion of it going unnoticed.
Join Kroll's experts for a discussion of the most efficient ways to structure an internal investigation, with real examples from the work carried out by the leading global consultancy in corporate risk management and investigations.
Part 4 of 7: NIST Cybersecurity Framework for Healthcare Webinar Series
Put on your detective hats with the DETECT function of the NIST CSF. Too often healthcare organizations are breached without ever knowing it.
In this webinar, we’ll look at how the NIST CSF helps healthcare organizations set up technologies and policies to make sure they know, in a timely manner, when they’ve been breached, how they were breached and, most importantly, what they can do to mitigate this risk in the future.
We will take a deeper dive into the core components of the DETECT function, including the categories of anomaly/event detection, continuous monitoring and effective detection processes.
It can be difficult to learn that your organization has been breached, but that knowledge is crucial to improving overall cybersecurity operations.
To view the upcoming NIST Cybersecurity Framework for Healthcare Webinar Series Parts 5-7: https://resource.elq.symantec.com/LP=4235
Big things are happening in software. Agile Software Development and DevOps are delivering innovations at a rate never seen before, prompting many to ask 'Is this the end of ITIL?'
There is a perception that DevOps and ITIL cannot play well together, and that you must choose one over the other or risk catastrophic failure. This is simply not true.
Many do not realize that DevOps relies on core concepts and processes of ITIL to be successful. Ignoring this relationship means missing out on service improvements that may be introduced and developed by integrating key areas of the ITIL framework and the collective body of knowledge that is DevOps.
In this webinar we will take a close look at the simple things organizations can do to get the most out of a balanced blend of traditional and modern IT practices.