Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording]
    Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording]
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4 Recorded: Feb 20 2019 76 mins
    * This is a recording so CPE credit is unavailable.

    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • How to Prepare for & Recover from Attacks in Hybrid Enterprise Environments
    How to Prepare for & Recover from Attacks in Hybrid Enterprise Environments
    Macie Thompson & Chris Murphy Recorded: Feb 20 2019 49 mins
    How can you plan for, detect, and respond to attacks in your hybrid environment, including cloud and on-premise?

    Join us for this webinar to find out. We'll explore differences and similarities between your approach for each, and what to keep in mind when looking for solution providers.

    What you’ll learn:
    •Why a solid incident response plan must account for hybrid cloud and on-premise environments
    •What’s changed with the move to cloud apps and services, and what’s the same
    •Who to include in your incident response planning
    •What tools can help you detect attacks more quickly and efficiently
    •How a solid plan can reduce recovery time from an attack

    Macie Thompson is Director of Delta Risk’s Incident Response team, providing incident response and compromise assessment support to commercial customers. She has more than eight years of experience in cyber security operations and training. Macie supports federal training and exercise programs, using her operational experience to develop realistic offensive and defensive cyberspace training curriculum and exercise vignettes for government clients.

    As Director of Critical Infrastructure Cyber Security at Delta Risk, Chris Murphy provides operational and strategic guidance for commercial and government clients. He specializes in helping organizations define and develop processes for incident response, monitoring infrastructures for security events, and detecting attacks. He has extensive experience in establishing and operating Computer Security Incident Response Teams (CSIRTs) and Computer Emergency Response Teams (CERTs), Cyber Security Operations Centers (SOCs), and investigative response teams, including those dealing with SCADA/Industrial Control Systems (ICS).
  • The Continuum of Cloud Native Topologies
    The Continuum of Cloud Native Topologies
    James Jones, Principal Solution Architect and Keith Mokris, Product Marketing Lead Recorded: Feb 20 2019 35 mins
    In this webinar, learn a helpful model of viewing the different cloud-native technologies as a continuum, to address different scenarios and efficiently choose which combination of technologies work best for running different workloads.

    The continuum starts with bare metal and VMs on the left, continues into “light” hypervisors (like Canonical’s LXD), and extends into containers and services like AWS Fargate and then, ultimately, serverless. Technologies to the left provide the most isolation and control with the tradeoff of greater management and performance overhead. Those to the right facilitate more agile development and app density with the tradeoff of less control.
  • To Whack or Not to Whack — Incident Response and Breach Mitigation
    To Whack or Not to Whack — Incident Response and Breach Mitigation
    Danny Akacki, Sr. Technical Account Manager, Gigamon Insight and TJ Biehle,Sr. Technical Account Manager, Gigamon Insight Recorded: Feb 20 2019 47 mins
    To whack, or not to whack, that is the question:
    Whether ‘tis nobler in the mind to torch all
    The compromised boxes on your poor network,
    Or to take arms against a sea of malware
    And by blocking stop them all.

    So, what do you do during an active security incident? When is the proper time to whack-a-mole with your mallet? Is it better to light everything on fire and start over, or should you make observations a key component of your response and mitigation strategy? In this webinar, we'll discuss strategies for when it's time to scorch the earth versus sit back with a cup of tea, gaining intel into what active adversaries are doing in your house.

    We’ll break down some of the most important points to remember during the commotion of an active incident response, including:

    •Context is king. We’ll explain the important questions you need to be ask when scoping an incident to get an improved view of the situation.
    •Thinking fast and slow. It’s understandable to want to nuke everything from orbit just to be thorough, but it’s usually not the smartest play. We’ll outline the potential benefits and risks of hasty containment and remediation efforts versus slow, thoughtful analysis when executing a response game plan.
    •The law of diminishing returns. There can be a tipping point where the cost of your decisions and polices no longer justify the answers you’ll find. We’ll talk you through some tactics to find the sweet spot between effort and return.
  • Microservices Security: It Will Get Worse Before it Gets Better
    Microservices Security: It Will Get Worse Before it Gets Better
    Eric Sheridan, Chief Scientist, WhiteHat Security Recorded: Feb 20 2019 32 mins
    For every 100KLOC, a monolithic application will have an average of 39 vulnerabilities whereas a microservice application will have an average of 180 vulnerabilities. You read that right. According to the data gathered from WhiteHat Security’s 2018 Stats Report, the transition of enterprise monolithic applications to distributed microservices architectures is actually increasing the overall average of total vulnerabilities. But why? Why is it that we seemingly continue to make the same mistakes again and again? And what does this say about the security of microservices architectures, or the developers that build them? The journey to a microservices architecture generally involves the decomposition of an already existing monolith application, wherein previous security assumptions and considerations are often questioned and sometimes invalidated.
     
    Join Eric Sheridan, Chief Scientist at WhiteHat Security, for a dive into the security trends of microservice architectures. Participants of this talk will learn…
    •Why we are seeing an increase in the number of vulnerabilities with the migration to microservices
    •The most common vulnerability classes facing applications of microservices architectures
    •Strategies that can be used to more readily find and fix vulnerabilities earlier in the development lifecycle
  • Cybersecurity & Industry 4.0: Protecting the Industrial Sector
    Cybersecurity & Industry 4.0: Protecting the Industrial Sector
    Grant Burst Recorded: Feb 20 2019 49 mins
    ICS, SCADA, NERC Compliance... the industrial sector of today faces major challenges in terms of cybersecurity to protect and defend its systems against cyber attack. In an age where IT and OT are converging, a threat to ICS is a threat to production, finances, and even public safety.

    In this webinar, you'll discover:
    - What threats are the Industrial sector facing?
    - What challenges are there to implementing cybersecurity
    - How can these challenges be overcome to enact robust security practices across all IT and OT systems?
  • Verizon Threat Research Advisory Center Monthly Intelligence Briefing
    Verizon Threat Research Advisory Center Monthly Intelligence Briefing
    Clarence Hill, David Kennedy Recorded: Feb 20 2019 84 mins
    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.

    Our Verizon Threat Research Advisory Center presenters will be:

    •Clarence Hill, Senior Manager, PS Advisory Services
    •David Kennedy, Managing Principal, Open Source Intelligence

    This month's theme: Device Overlays

    This webinar will also cover:

    •Current Intelligence Overview
    •Attacks and Threat Indicators
    •Latest Malware Trends
    •Significant Vulnerabilities

    If you have any questions related to social attacks and data breaches that you'd like us to cover on the call, please send them to the following email address: Intel.Briefing@verizon.com

    Then tune in for an information-packed session brought to you by our very own Verizon Threat Research Advisory Center investigators, analysts, assessors, and researchers!
  • Micro-Segmentation based Network Security Strategies
    Micro-Segmentation based Network Security Strategies
    Yoni Geva, Product Manager Recorded: Feb 20 2019 42 mins
    As cyber threats become more sophisticated, companies of all sizes are struggling to stay secure. Regardless of how many different firewalls you use, it’s merely a matter of time until a threat gets through. To prevent serious breaches, networks must be internally segmented to stop hackers moving freely inside the network and exfiltrating data – but network segmentation must be designed and managed correctly if it’s to be successful. This webinar will examine how to build a micro-segmentation strategy that truly protect your organization’s valuables.

    In this webinar, Yoni Geva, Product Manager at AlgoSec will cover:

    • Segmentation challenges
    • Micro-segmentation explained
    • Micro-segmentation strategy benefits
    • Micro-segmentation strategy development – first steps
    • Implementation Do’s and Don’ts
  • Delivering an Effective Cyber Security Exercise: Enhanced Breach Response
    Delivering an Effective Cyber Security Exercise: Enhanced Breach Response
    Daniel Norman, Research Analyst, ISF Recorded: Feb 20 2019 45 mins
    Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

    Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

    In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
  • Know your Vendor Risk
    Know your Vendor Risk
    Rema Deo, Managing Director, 24By7Security, Inc. Recorded: Feb 19 2019 56 mins
    About this webinar:
    We discuss key requirements related to a Vendor Risk Assessment. If you have vendors performing important duties for you and/ or have access to your or your clients' confidential information, you may need to perform a Vendor Risk Assessment. This session is part of our Cyber Conversations webinar series.

    Learn, among other topics, how to:
    - Identify the vendors that need a risk assessment.
    - Risk Rating your vendors
    - How do you go about performing a step-by-step vendor risk assessment, sometimes also called a Third Party Risk Assessment or Third Party Information Security Assessment?

    CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. We will issue a Certificate of Completion to those who attend the webinar, to the specific email address and attendee name on the registration form. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar.
  • How AI and machine learning are supercharging cybersecurity
    How AI and machine learning are supercharging cybersecurity
    VentureBeat Recorded: Feb 19 2019 60 mins
    Cyber threats continually evolve, growing more sophisticated and aggressive, regularly overwhelming and bypassing traditional security solutions. With AI-powered software trained on large datasets of cybersecurity, network, and even physical information, cybersecurity solutions are increasingly able to detect and block abnormal behavior, even without a known signature or pattern.

    Adding AI into the mix is a major turning point for cybersecurity. It’s growing clear that artificial intelligence and machine learning is the safest, and perhaps the only, path for cybersecurity professionals to really lock down their data and protect the enterprise. These systems offer the fastest, smartest ways to identify and analyze threats in real time -- and find the quickest way to taking them down.

    To learn more about how to improve privacy and security, and how new AI-powered security can protect companies and their customers better, don’t miss this VB Live event!

    Registration is free.

    Attend this webinar and learn:

    * How AI is defeating and preventing cyberattacks
    * When AI analytics need to be deployed and for what reason
    * How to build AI-powered tools that can assure consumers their data is secure
    * Real-world AI applications and what they mean for cybersecurity

    Speakers:

    * Fernando Maymi, Cybersecurity Researcher & Consultant, Moderator
    * Jim Ducharme, VP, Identity Products, RSA.
    * Eduardo Delgado, AVP, ORM, Cybersecurity, TD
  • Balancing the Risks of  Today with an Eye on the Risks of Tomorrow
    Balancing the Risks of Today with an Eye on the Risks of Tomorrow
    Alec Arons, National Practice Leader Advisory Services, Experis Finance Recorded: Feb 19 2019 61 mins
    Experis Finance is pleased to continue our Hot Topics webinar series in 2019. Our goal is to provide you with a series of webinars that provide practical insights on topics of interest to internal audit, information security, and compliance professionals.

    Our upcoming session covers Balancing the Risks of Today with an Eye on the Risks for Tomorrow.

    For the internal audit function to add value when assessing and evaluating risks it is important to look at the risks that matter most today with an eye on the risks that will matter tomorrow. All functions are expected to provide assurance relative to compliance, cyber and financial reporting risks. A forward-thinking department needs to have a deeper understanding of organizational strategy, technology trends, and disruptive business trends that will impact risk in the future. Corporate audit has the data and knowledge of the business to evaluate organization maturity and agility to take on new initiatives and the related risks.

    •Defining the balance between high-focus areas - cyber, compliance, and financial reporting - against disruptive trends and technology
    •Assessing organizational readiness for disruption and emerging trends
    •Managing expectations of the board and audit committee
  • Best Practices for Protecting Your Business from Cybercrime
    Best Practices for Protecting Your Business from Cybercrime
    Michelle Drolet (Towerwall), Michael Thelander (Venafi), William Peteroy (Gigamon), Kalani Enos (kenos) Recorded: Feb 19 2019 62 mins
    Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime?

    Join this panel of security experts to learn more about:
    - Trends in cybercrime and lessons learned in 2018
    - The cost of data breaches
    - Rise of cryptojacking and ransomware
    - Who are the players who make up the world of cybercrime (e.g. programmers, distributors, fraudsters, etc.)
    - The CISO vs the cybercriminal
    - Best practices for protecting your business

    Speakers:
    - Michelle Drolet, CEO, Towerwall
    - Michael Thelander, Director of Product Marketing, Venafi
    - William Peteroy, Security CTO, Gigamon
    - Kalani Enos, Founder & CEO, kenos Technologies (Moderator)
  • 5 Questions to Ask When Considering Cloud Backup for Enterprise Workloads
    5 Questions to Ask When Considering Cloud Backup for Enterprise Workloads
    Sarah Beaudoin, Product Marketing Manager, Druva Recorded: Feb 19 2019 44 mins
    As organizations continue to migrate to Office 365 for their email, productivity and collaboration tools, they’re quickly realizing that Office 365’s native capabilities do not provide the essential data protection capabilities they need.

    Join us for a technical webinar on Tuesday, August 21st at 3PM SGT/ 5PM AEST and learn best practices for safeguarding your Office 365 data, including:
    - Gaps within OneDrive, Exchange Online and SharePoint Online that lead to increased risk of data loss
    - How a third party backup solution can automate data protection and ensure data recoverability from user error, malicious behavior or malware
    - How to build a data management strategy for the future that leverages the cloud and improves alignment with organizational policies and SLAs
  • Cyber menaces : du minage de cryptomonnaies aux attaques de la chaîne logicielle
    Cyber menaces : du minage de cryptomonnaies aux attaques de la chaîne logicielle
    Laurent Heslault, Directeur des Stratégies Sécurité, Symantec France Recorded: Feb 19 2019 60 mins
    De la propagation des ransomwares WannaCry et Petya/NotPetya à l’essor fulgurant du minage de cryptomonnaies, l’année 2017 nous a rappelé que les menaces de sécurité peuvent provenir de sources aussi changeantes qu’inattendues. Outre la très forte augmentation du volume des attaques, le paysage des menaces s’est diversifié, les attaquants s’efforçant de découvrir de nouveaux vecteurs d’attaques tout en brouillant les pistes.

    Retrouvez nos experts Symantec pour en savoir plus sur les conclusions de l’Internet Security Threat Report (ISTR) 2018, notamment :
    - La ruée vers l’or numérique, avec le minage des cryptomonnaies
    - La réorientation des tendances liées au ransomware
    - Les derniers chiffres des attaques ciblées
    - Les infections visant la chaîne logistique logicielle
    - La flambée des menaces mobiles

    Inscrivez-vous dès aujourd’hui
  • Accelerate your Digital Transformation through PDF Productivity and eSigning
    Accelerate your Digital Transformation through PDF Productivity and eSigning
    David Bloxham, SoftwareONE; Kevin O'Donnell, Nitro Recorded: Feb 19 2019 33 mins
    Successful digital transformation begins by equipping all knowledge workers with strategic, easy-to-use tools. SoftwareONE and Nitro can provide you with tools to reduce printing and enable 100% digital workflows through PDF productivity, eSigning and usage insights.

    During this webinar, Nitro’s Director of Product, Kevin O’Donnell, will explain how these tools can be easily implemented and how they can benefit organisations of every size.

    • Learn the benefits of going paperless. Aside from saving trees a paperless office can help greatly with GDPR compliance and protects the confidentiality and integrity of documents.

    • eSigning tools are only available to a fraction of knowledge workers today; Kevin will discuss why this is the case and how this tool can be extended across the entire organisation in an affordable way.

    • Can every industry and organisation digitize their workflows? We will share how companies in various industries are using Nitro as part of their digital transformation initiative.


    Kevin has 16 years of experience in technology innovation, strategic leadership and delivering scalable, breakthrough global solutions. Kevin leads Nitro’s Product Management and UX teams to deliver innovative Digital Transformation breakthroughs across all platforms.
  • Rôle crucial du proxy dans la protection de votre entreprise
    Rôle crucial du proxy dans la protection de votre entreprise
    Hervé Doreau, Directeur Technique, Symantec France Recorded: Feb 19 2019 34 mins
    Pour relever les défis de sécurité les plus complexes, il vous faut une approche avancée bâtie sur une architecture proxy.
    Une telle approche vous permet de vous appuyer sur les meilleures technologies pour offrir sécurité et confiance aux utilisateurs cloud et réseau.

    Symantec Secure Web Gateway vous apporte une solution de sécurité optimale sous la forme qui vous convient le mieux : appliance sur site, appliance virtuelle, solution dans le cloud ou une architecture hybride unifiée.
    L'architecture proxy unique de cette solution lui permet de surveiller, contrôler et sécuriser le trafic pour offrir une expérience sécurisée sur le Web et dans le cloud.

    Ce webcast vous explique :
    - Pourquoi l’architecture proxy est plus importante que jamais dans la composition de votre sécurité réseau
    - Comment un proxy web peut servir de plate-forme de détection des menaces et de protection des données
    - En quoi un filtrage en amont du sandbox via l’architecture proxy permet d’optimiser votre SOC sans grever votre budget

    Inscrivez-vous dès aujourd'hui
  • New Year, New Phishing Threats: 10 Resolutions To Keep You Safe & Secure
    New Year, New Phishing Threats: 10 Resolutions To Keep You Safe & Secure
    Brandon Dunlap, Moderator, (ISC)², David Mount, Cofense, Mollie MacDougall, Cofense Recorded: Feb 19 2019 62 mins
    New year. New resolutions. Every year we make the pledge to eat healthier and exercise more. What is good for the waistline is also good for your phishing defense posture. With more than 90% of breaches attributed to successful phishing campaigns – now is the time to think about how to prepare and prevent attacks. In this session you’ll hear about 10 resolutions for your phishing defense programs that will make your organisation more secure.
    Some of the topics covered include:
    - How to empower humans to be part of the solution
    - Best practices to balance automation with human intuition
    - How the latest features and technologies can make your life easier
  • L'état de la Sécurité des Logiciels en Europe
    L'état de la Sécurité des Logiciels en Europe
    Nabil Bousselham, Solutions Architect at Veracode Recorded: Feb 19 2019 40 mins
    Les logiciels ont changé notre façon de communiquer, de fournir des soins de santé, de mener des affaires, de gérer nos gouvernements, d’élire nos dirigeants et même de suivre les changements sociaux. Dans le monde numérique, la création de logiciels veut aider à augmenter la croissance économique et à améliorer notre qualité de vie. Mais notre plus grand catalyseur de changement est aussi une grande source de vulnérabilité.

    Sur le niveau de la sécurité applicative, les entreprises européennes sont loin derrière leurs contreparties américaines. Dans ce webinaire, Nabil Bousselham, Principal Solutions Architecte chez Veracode, souhaite vous présenter quelques résultats de notre rapport annuel sur l'état de la sécurité logicielle, en faisant référence aux sociétés basées aux États-Unis. Les logiciels sont créés plutôt avec un focus sur la fonctionnalité et la performance, mais plusieurs années de données, ainsi que les Data Breach successives démontrent clairement qu’il y’a encore un grand travail á faire au niveau de la sécurité logicielle.
  • Commvault Office365 backup solution
    Commvault Office365 backup solution
    Евгений Пухов, Технический консультант, Commvault Recorded: Feb 19 2019 43 mins
    Рады пригласить вас принять участие в техническом вебинаре, посвященному комплексной платформе Commvault для Office 365, обеспечивающей лучшее решение по резервному копированию, восстановлению, архивированию, поиску и обнаружению данных в локальных и облачных хранилищах.
    Commvault Complete™ Backup & Recovery для Office 365 экономит время, деньги и ресурсы, предоставляя надежную защиту и обеспечивая более быструю миграцию данных в течение всего пути в облако Microsoft и за его пределами, обеспечивая при этом бесперебойный доступ к вашим данным.
  • (ISC)² Info Session: SSCP -The Premier Security Administrator Certification
    (ISC)² Info Session: SSCP -The Premier Security Administrator Certification
    Tony Vizza, Director of Cyber Security Advocacy - APAC, (ISC)² Recorded: Feb 19 2019 46 mins
    Earning a globally recognized advanced security administration and operations certification like the SSCP is a great way to grow your career and better secure your organization’s critical assets.

    In this info-session, you will learn:
    - How large is the cybersecurity workforce gap today
    - Why you should pursue SSCP
    - How to earn the certifications – exam and experience requirements
    - The recent updates on membership benefits and policies
    - And, ask any question that will support your certification journey

    Each presentation is followed by a Q&A period to answer your questions about your certification journey. Registration is required.

    =====================================================================
    SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at (ISC)².

    Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to help you throughout your career.

    www.isc2.org/sscp

    Are you ready to prove yourself? Register and begin your SSCP journey today!

    NOTE: Join this info-session and earn 1 CPE.
  • Dal coin mining agli attacchi alle supply chain
    Dal coin mining agli attacchi alle supply chain
    Giampiero Nanni and Antonio Forzieri Recorded: Feb 18 2019 48 mins
    Analisi delle ultime tendenze delle minacce

    Dal boom inaspettato di Wanna e Petya/NotPetya al veloce dilagare dei coin miner, il 2017 ci ha dimostrato ancora una volta che le minacce per la sicurezza digitale possono provenire da fonti inattese.
    Oltre all’impennata nel volume, le minacce si sono ulteriormente diversificate, con i criminali che si industriano pur di scoprire nuove strategie di attacco e, allo stesso tempo, coprire le proprie tracce.

    Segui l’esperta in minacce di Symantec che illustra i risultati dell’Internet Security Threat Report (ISTR) 2018, analizzando anche:

    La corsa all’oro digitale

    - Le attuali tendenze dei ransomware
    - Gli attacchi mirati, in cifre
    - Le infezioni della supply chain dei software
    - Il picco delle minacce per i dispositivi port atili

    Registrati subito
  • Enterprise Security in Mainframe-Connected Environments – 15-minute webinar
    Enterprise Security in Mainframe-Connected Environments – 15-minute webinar
    Rich Fronheiser, Product Marketing Manager, Syncsort Recorded: Feb 18 2019 15 mins
    Mainframe continues to power critical operations in enterprise IT – making it susceptible to external threats and attacks.

    With Syncsort Ironstream, Splunk users can easily monitor and effectively resolve application, security and network problems on the mainframe, by opening up real-time operational data in Splunk Enterprise.

    View this 15-minute webinar on-demand where we described the security and compliance challenges organizations face and how Ironstream® can work with Splunk to eliminate those security blindspots.
  • Top Security Considerations and Priorities in 2019
    Top Security Considerations and Priorities in 2019
    Nick Savvides, Chief Technology Officer, APAC Feb 21 2019 5:00 am UTC 60 mins
    2019 is poised to be a year of disruption. Artificial Intelligence (AI) is entering the cyber battlefield, with increased regulatory activities and many other developments for enterprises to further their digital transformation efforts. These are but some of the many things that CISOs must keep up with.

    What should be the key areas of focus and considerations for CISOs in developing their organisations’ security posture? What should be top in their list of priorities for this year and beyond?

    Join Nick Savvides, Symantec Chief Technology Officer for Asia Pacific, as he shares the top considerations and priorities that CISOs need to focus on.

    Highlights:
    - 2019 Threat Landscape in Asia Pacific
    - Key security considerations for 2019
    - Steps to stay ahead in cybersecurity
  • Der Zustand der Softwaresicherheit: ein Blick auf Europa
    Der Zustand der Softwaresicherheit: ein Blick auf Europa
    Julian Totzek-Hallhuber, Solutions Architect at Veracode Feb 21 2019 10:00 am UTC 45 mins
    Software hat die Art und Weise verändert, wie wir kommunizieren, Gesundheitsfürsorge anbieten, Geschäfte abwickeln, Regierungen regieren, Führungspersönlichkeiten wählen, Revolutionen aufbauen und sogar soziale Veränderungen anstoßen. In der digitalen Welt wird die Erstellung von Software das Wirtschaftswachstum ankurbeln und unsere Lebensqualität verbessern. Unser größter Katalysator für Veränderungen ist jedoch auch die Ursache für Verwundbarkeit.

    Wenn es um die Sicherung der von ihnen entwickelten Software geht, liegen europäische Unternehmen weit hinter ihren amerikanischen Kollegen. In diesem Live-Webinar Julian Totzek-Hallhuber, Solutions Architect für Veracode werden Daten aus dem jährlichen Bericht zum Zustand der Software-Sicherheit präsentiert, in dem der Vergleich europäischer Unternehmen mit US-amerikanischen Unternehmen im Mittelpunkt steht. Software wird unter Berücksichtigung der Benutzerfreundlichkeit und der Leistung erstellt, aber langjährige Daten sowie ein Angriff nach dem anderen zeigen jedoch, dass Software mit nicht ausreichenden Sicherheitskonzpeten im Hintergrund erstellt wird.
  • ISM Webinar: Social Selling In The Real World
    ISM Webinar: Social Selling In The Real World
    ISM Fellow - Ian Moyse Feb 21 2019 11:00 am UTC 30 mins
    Key Takeaways:

    •What it is
    •What it isn’t
    •Turning Social into real engagements
    •Is it just LinkedIn
    •Receive a Personal Action Plan

    Reasons to attend

    Social Selling is the new sales skill in your toolbag to help you open doors, build your own reputation & have stronger engagement with prospects. Ian Moyse, is a respected authority on Sales Leadership and the new methodology of Social Selling, sitting as a non-exec on Digital Leadership Execs, a leading Social Selling firm. He has spoken widely on Social Selling. Ian is a judge on many Sales Awards and has interviewed hundreds of Salespeople and can share in today’s market a valuable skill that can help set you apart
  • The Best Way to Assess Incident Response Preparedness
    The Best Way to Assess Incident Response Preparedness
    Jeff Laskowski, Security Consulting Director, FireEye Mandiant Feb 21 2019 4:00 pm UTC 60 mins
    Many breached organizations—of all sizes—believed they had effective security programs and incident response plans. Reality proved otherwise.
    Now, executive leaders are far more concerned with incident preparedness. When the Board asks, ‘How ready are we, really?’ your security team must have a defensible response.

    In this webinar, Jeff Laskowski, Security Consulting Director of FireEye Mandiant, explains how to achieve effective preparation:

    • Test your team’s detection and response capabilities to protect key assets against real-world targeted attacks—without the consequences of a real incident
    • Assess your organization’s crisis management capabilities through the lens of an executive team
    • Improve your team’s detection and response capabilities in accordance with the latest attacker tactics, techniques, and motivations

    Join this webinar today to learn what it takes for your team to know how they would perform under a real threat, before they actually have to.
  • Protect While You Promote: How to Balance Social Media Engagement and Security
    Protect While You Promote: How to Balance Social Media Engagement and Security
    Evan Blair, Co-Founder, Global VP Channel, ZeroFOX & Jeremy Wood, Vice President, Product Marketing, Hootsuite Feb 21 2019 4:00 pm UTC 60 mins
    In our connected world, most people engage with brands online prior to making a purchasing decision. With social media marketing on the rise, risks to your brand and reputation are also increasing, from account hacking to impersonating profiles and more. How can you increase engagement while protecting brand integrity from digital risks?

    Key Takeaways

    • Knowledge about social media security risks related to brand
    • Tips for safe sharing on social media
    • Step-by-step guide for protecting your brand
  • IT Risk Management for 2020 and Beyond
    IT Risk Management for 2020 and Beyond
    Sam Abadir, Lockpath Feb 21 2019 5:00 pm UTC 60 mins
    IT risk is always evolving, and in 2020 you need to be prepared what it may look like. New technologies and expanding trends such as cloud, digital transformation, and IT risk-related tasks being taken on directly by the business means IT risk will increase and potentially have greater impacts on the business without proper collaboration and management. Prepare for IT risk in 2020 and beyond by attending this live webinar led by Lockpath’s Sam Abadir. Topics to be discussed include:

    · Evolution of IT landscapes and what it means to IT risk management

    · IT risk management skillsets and disciplines

    · Collaboration across departments and building consensus

    · How organizational maturity impacts managing IT risk

    · How to sustain growth in 2020 and beyond



    Find out what you need to know to manage IT risk in 2020 and beyond by attending this educational webinar. Register now!
  • Technology Asset Discovery tools aren’t working. Find out why & fix it.
    Technology Asset Discovery tools aren’t working. Find out why & fix it.
    Mark Gaydos, CMO, at Nlyte Feb 21 2019 5:00 pm UTC 60 mins
    Join this webinar where Mark Gaydos, CMO of Nlyte Software, will present the Next Generation of Asset Discovery.

    Nlyte Asset Explorer uses agentless technology to scan your network from desktop to data center to cloud to inventory your hardware, software and networking assets. It supports all major protocols, integrates with your CMDB and creates a single source of knowledge of 100’s of data points.

    You will learn:

    - Security Officers report more than 10% of assets on network are undetected
    - Only 10% of IT Operations managers believe that all assets are detectable and monitored
    - 6% of Financial Officers feel they have no risk from a vendor software audit
    - IT Managers report more than 69% of assets not current with software and patches
    - 87% of Organizations believe 10% of assets or more are not in their CMDB
  • Gain deep visibility into APIs and integrations with Anypoint Monitoring
    Gain deep visibility into APIs and integrations with Anypoint Monitoring
    Andrew Bragdon, Principal Product Manager, MuleSoft and Sanjna Verma, Product Marketing Manager, MuleSoft Feb 21 2019 5:00 pm UTC 50 mins
    On average, a business supporting digital transactions now crosses 35 backend systems — and legacy tools haven’t been able to keep up. This session will cover how MuleSoft’s new monitoring and diagnostic solutions provide end-to-end actionable visibility to APIs and integrations to help customers identify and resolve issues quickly.

    Key Takeaways:

    - Measure application performance across APIs and integrations in production
    - How to query and retrieve log data across your network
    - End-to-end walkthrough of priority issue identification and resolution
    - Exciting new capabilities of Anypoint Monitoring
  • Two-Factor Authentication - You are not as protected as you think
    Two-Factor Authentication - You are not as protected as you think
    Damon Tepe & Jeff Hickman Feb 21 2019 6:00 pm UTC 60 mins
    Breaches continue to litter headlines, increasing in volume and severity. To protect critical systems and assets from attack many organizations rely on two-factor authentication (2FA). But that may be resulting in a false sense of security.

    Join SecureAuth as we explore how evolved attackers are working around popular 2FA methods. And we will demonstrate how behind-the-scenes adaptive risk checks of device, location, IP address, account type, and behavior can elevate identity trust and stop attackers cold! Even if they have stolen credentials and can bypass 2FA.

    Better breach protection starts with better identity trust!

    During this session you’ll learn how:
    • Attackers are getting around two-factor authentication
    • Risk and context checks can raise trust in identities and identify attackers
    • Adaptive authentication delivers better access security without slowing down your business


    Speakers:
    Damon Tepe - Director, Product Marketing, SecureAuth
    Jeff Hickman - Director of Sales Engineering, SecureAuth
  • Top Container Security Lessons from Deploying Kubernetes and Red Hat OpenShift
    Top Container Security Lessons from Deploying Kubernetes and Red Hat OpenShift
    Matt Smith, Chief Architect, Red Hat & Christopher Liljenstolpe, CTO, Solutions, Tigera Feb 21 2019 6:00 pm UTC 60 mins
    Join Red Hat Chief Architect, Matt Smith, along with Tigera CTO, Solutions, Christopher Liljenstolpe, as they share their experience and knowledge helping leading enterprises achieve their key business transformation initiatives around moving to secure cloud-based, containerized microservice applications. In this 60 minute webinar, they will cover their top lessons learned on network security and Red Hat OpenShift.
  • How Leading Organizations Classify and Protect Cloud Data
    How Leading Organizations Classify and Protect Cloud Data
    Rob Server: Solution Engineer Manage at Spirion & Jacob Serpa: Product Marketing Manager at Bitglass Feb 21 2019 6:00 pm UTC 60 mins
    Data is one of an organization's most valuable assets. Unfortunately, in today's dynamic, cloud-first world, protecting sensitive information without the right tools is incredibly difficult. However, through solutions like data discovery, data classification, and cloud access security brokers, the enterprise can rest assured that its data is secure. In this webinar, you will:

    - Understand the benefits of data discovery and classification
    - Learn about cloud access security brokers (CASBs)
    - Discover how the two work together to protect the cloud-first enterprise from data leakage
  • Monitoring Modern Cloud-Native Workloads
    Monitoring Modern Cloud-Native Workloads
    Eric Carter, Director of Product Marketing, Sysdig & Shadi Albouyeh, Offering Manager, Developer Services - IBM Cloud Feb 21 2019 6:00 pm UTC 45 mins
    If you’re involved with developing applications, chances are you’re being tasked with adapting to cloud-native infrastructure and being able to support cloud-native workloads with solutions like containers and Kubernetes. Join this discussion with Sysdig and IBM Cloud, who have recently built a partnership focused on improving monitoring and troubleshooting for your modern DevOps services. Together, IBM and Sysdig have launched a new offering that provides end-to-end monitoring capabilities in the IBM Cloud. You’ll come away with a better understanding of key visibility challenges and solutions that will help you successfully deliver the apps that drive your business.
  • Improving Incident Response Outcomes
    Improving Incident Response Outcomes
    Matthew Webster, Senior Security Researcher, Secureworks Counter Threat Unit Feb 21 2019 7:00 pm UTC 61 mins
    All too often companies are learning the hard way — during an incident — how they could have been better prepared to stop the threat or reduce the damage. Join us for a one hour webcast, hosted by SC Magazine, featuring the key findings of Secureworks newly-released Incident Response Insights Report 2018: Risks, Remedies, and Best Practices for Defending Against Cyber Threats.

    Webcast takeaways will include:
    - Threat and attack trends identified by responders in 2017.
    - Lessons learned by organizations in a wide variety of incident response (IR) scenarios.
    - Key recommendations for IR planning, practices and capabilities that improve security defenses and mitigate business risk.
    - Live Q&A with experts from our Counter Threat Unit™ (CTU) and Incident Response team.

    In 2017, Secureworks’ team of incident responders helped hundreds of organizations navigate through complex and high-risk security incidents. Now the top insights from those collective engagements will be shared by speakers from the Secureworks Counter Threat Unit and Incident Response practice.

    This program offers the support you need to prepare better for emerging threats, understand how you might be vulnerable, and respond more effectively when an incident does occur. Program content is appropriate for cybersecurity leaders, incident responders, CIOs, CTOs, and executives with responsibility for enterprise risk management.
  • Overcoming The Cybersecurity Skills Shortage in Law Firms
    Overcoming The Cybersecurity Skills Shortage in Law Firms
    Todd Thiemann, Director Product Marketing - Arctic Wolf Networks Feb 21 2019 7:00 pm UTC 39 mins
    The evidence is clear: law firms of all sizes need to securely handle sensitive information associated with their clients, investigators, and witnesses. According to the American Bar Association’s 2017 Legal Technology Survey Report, 22 percent of respondents suffered a security breach at their law firms.*

    Compromised client information can destroy reputations and lead to decreased billables and lost business. While the need for improved security is evident, IT and security teams struggle to locate, retain and train talent needed to maintain and improve their security posture. So, what are optimal approaches for law firms to manage staffing needed to monitor and defend their valuable data and infrastructure?

    In this Arctic Wolf webinar, you will:

    - Discover why cybersecurity is top of mind in the legal community
    - Recognize the IT and Cybersecurity skills shortage and its impact on security
    - Understand how SOC-as-a-Service approaches enable law firms to rapidly improve their security posture and provide evidence to satisfy technology audits

    Save your seat today to learn more!

    *https://www.americanbar.org/groups/law_practice/publications/techreport/2017/security.html
  • Ask the Experts—Securing Data and Email in Office 365
    Ask the Experts—Securing Data and Email in Office 365
    Mark Bowker, Senior Analyst, ESG / Richard Diver,Cloud Security Architect. Insight/ Jereme Lee, System Engineer, Symantec Feb 21 2019 7:00 pm UTC 62 mins
    Its your job to secure email, sensitive data and apps in Office 365. Now What?

    Moving to cloud applications provides the opportunity to get your security right. This is the time to set up optimum data loss prevention, malware and phishing prevention, and access controls on your systems. No matter if you are still planning, have just started, are in the midst, or are fully migrated to Office 365, there are security policies and procedures to implement and optimize.

    Join ESG industry analyst Mark Bowker, Insight’s Cloud Security Architect, Richard Diver, and Symantec’s System Engineering Manager, Jereme Lee to learn how to:

    - Get the most out of your Office 365 instance by enhancing the security

    - Understand what Microsoft offers and how Symantec compliments their security offering

    - Enhance your email, app and data security in Microsoft Office 365 which can be used across all your cloud apps

    Register Today
  • Cloud Success Series: Control Cost and Mitigate Risk in the Cloud, Session 1
    Cloud Success Series: Control Cost and Mitigate Risk in the Cloud, Session 1
    John Masci, Principal Technologist - Cloud Solutions Feb 21 2019 7:00 pm UTC 60 mins
    Today, 77 percent of enterprises have at least one application on the cloud (IDG State of the Enterprise Cloud, 2018). If you are part of that 77 percent, then cloud is now a critical element of your competitiveness. Heading into 2019, the growing pains of cloud will be cost and security: you’ll face the difficult balance between empowering your teams with the newest cloud technologies and ensuring those teams stay within budgets and comply with organization-wide policies.

    As you take on this challenge, you need a cloud management platform that provides proactive ways to control and minimize costs, while enforcing governance and security.

    In partnership with LiftOff IT, HyperGrid invites you to attend this webinar and demo, highlighting the capabilities we offer to help you optimally manage and benefit from your cloud strategy.

    This webinar focuses on the following critical topics:

    • How your cost, security & governance challenges will change at different stages of cloud adoption
    • Key methods to manage costs including instance optimization, budget tracking, bill analysis and chargebacks
    • Mitigating security risks using risk-based policies, and automated threat detection
    • Maintaining compliance against internal and external standards corporate when operating in the public cloud
    • How the HyperCloud™ platform can simplify all the above

    Receive a complimentary copy of Gartner’s 2019 Magic Quadrant for Cloud Management Platform Report
    As a webinar participant, you’ll receive a courtesy copy of Gartner’s new landmark overview of the CMP marketplace. Learn why Gartner singled out HyperGrid as the only “visionary” in this category in its Magic Quadrant for Cloud Management Platforms.
  • (ISC)² Info Session: CSSLP-The Premier Secure Software Development Certification
    (ISC)² Info Session: CSSLP-The Premier Secure Software Development Certification
    Tony Vizza, Director of Cyber Security Advocacy - APAC, (ISC)² Feb 22 2019 6:00 am UTC 60 mins
    Earning the globally recognized CSSLP secure software development certification is a proven way to build your career and better incorporate security practices into each phase of the software development lifecycle (SDLC).

    In this info-session, you will learn:
    - How large is the cybersecurity workforce gap today
    - Why you should pursue CCSLP
    - How to earn the certifications – exam and experience requirements
    - The recent updates on membership benefits and policies
    - And, ask any question that will support your certification journey

    Each presentation is followed by a Q&A period to answer your questions about your certification journey. Registration is required.

    =====================================================================

    CSSLP certification recognizes leading application security skills. It shows employers and peers you have the advanced technical skills and knowledge necessary for authentication, authorization and auditing throughout the SDLC using best practices, policies and procedures established by the cybersecurity experts at (ISC)².

    Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey.

    www.isc2.org/csslp

    Are you ready to prove yourself? Register and begin your CSSLP journey today!

    NOTE: Join this info-session and earn 1 CPE.
  • Get Lean, Get Mean – Thwarting Hackers with Single Agent Endpoint Security
    Get Lean, Get Mean – Thwarting Hackers with Single Agent Endpoint Security
    Naveen Palavalli, Director Product & GTM Strategy Symantec and Chris Sherman, Senior Analyst Forrester Feb 22 2019 10:00 am UTC 62 mins
    Three major trends define the Cloud Generation chaos that organizations face today:
    1) Use of cloud applications
    2) An increasingly mobile workforce accessing these cloud applications from outside the perimeter
    3) Use of both corporate owned and BYO devices (PC, Mac and Mobile)

    On the other hand, the threat landscape is constantly evolving with adversaries taking advantage of these trends to attack organizations with ransomware, targeted attacks and mobile malware.

    Existing solutions from the industry have been largely a mixture of disjointed point products to solve these problems piece meal. All of these have led to operational complexity for Organizations who face a severe shortage of skilled IT security personnel.

    Attend this webinar and learn how endpoint security can solve these problems while increasing operational efficiency and lowering total cost of operations with a single agent architecture.

    In addition, Symantec will discuss how the latest evolution of Symantec Endpoint Security can:
    -Turn the tables on attackers by exposing intent and delaying their tactics using deception techniques and proactive security
    -Expose, investigate and resolve incidents including file-less attacks with integrated Endpoint Detection and Response
    -Harden environments against cyber-attacks with complete visibility into application attack surface and isolating suspicious applications
    -Extend advanced security to mobile devices to protect them from network based attacks and OS/App vulnerabilities.

    Register now!
  • Streamline Software Procurement Processes with PyraCloud
    Streamline Software Procurement Processes with PyraCloud
    Rhys Williams Feb 22 2019 11:00 am UTC 45 mins
    Many procurement professionals we speak with struggle to get the insights into software purchases, software and cloud usage, contract terms, outstanding invoices, expired quotes and renewal information that they require to do their roles effectively.

    This information is often spread across multiple paper documents, systems, spreadsheets or databases, which makes it tedious and time consuming to gather the necessary data and often leaves Procurement Specialists unprepared at the time of software renewals.

    Lack of visibility into software and cloud spend makes it difficult to negotiate optimal commercial terms and contracts.

    This is why we developed the new Procurement Workbench in PyraCloud.

    We wanted to provide Procurement Specialists with a quick and easy way to see all relevant information and insights needed for their role.

    Join one of our experts, Rhys Williams, and learn how the PyraCloud Procurement Workbench can help you streamline your process by:

    • Simplifying the management of quotes, orders and invoices
    • Improving product search capabilities across multiple products and services in global catalogues
    • Tracking software previously purchased, product favourites and subscriptions
    • Consolidating multiple aspects of the procurement process in one place


    PyraCloud provides a single platform to manage the software procurement process in one place – no need to login to multiple systems – saving you time and money. Join us on the webinar to find out more.
  • Navigating Access Security in Cloud & Hybrid Enterprise Environments
    Navigating Access Security in Cloud & Hybrid Enterprise Environments
    Asaf Lerner, Director IAM Solutions at Gemalto Feb 22 2019 3:00 pm UTC 45 mins
    As mid-sized and large organizations move to cloud based delivery for software, infrastructure and storage, hybrid environments are the de-facto reality. Perimeter security schemes no longer meet the security challenges of distributed software and application delivery, leading CISOs to try and mesh disparate solutions, or worse knowingly compromise on protection. Join Gemalto to hear best practices for applying consistent and effective access security and strong authentication to both on-prem and cloud apps.