Hi {{ session.user.profile.firstName }}

IT Governance, Risk and Compliance

  • We're seeing a massive shift in cyber security activity from internal threats to organised gangs and targeted state sponsored activities. Recent news items suggest there is an overwhelming need for organisations to understand their "Situational Awareness".

    In this webinar, (ISC)² and IBM will explore what to expect in 2016, focusing on the following key questions:

    - How do organisations understand what threats are real?
    - How much risk appetite do boards have in this complex, mobile, interconnected near real-time world?
    - As more and more devices are connecting to an ever-increasing number of communication channels, how do you ensure you can protect, prevent and respond to cyber security issues, yet provide a transparent easy to use multi-channel experience?

    Adrian Davis, Managing Director (ISC)² EMEA
    Peter Jopling, Executive Security Advisor, Deputy WW Tiger Team Leader, IBM
    Simon Moores, Information Security Futurist
  • In this webinar I will discuss what security culture is, where it belongs in the organisation, and how good security culture can reduce the likelihood of being breached. I will point to research on culture, human behaviours, and how to motivate people to do the right thing.
  • A traditional penetration test is a snapshot of vulnerabilities for an environment that is in constant flux. The snapshot may also be an incomplete picture, addressing only a portion of a more complex system. To give a view of real business risk, can we link the vulnerabilities to real-world threats and, more importantly, vice versa? Wouldn’t it be better to start with the threats and work forward down the kill chain to the target? How feasible is it to take up-to-date threat intelligence and use that to scope our penetration tests? Peter Wood will try to answer these questions and provide a strategy better suited to today’s attacks.
  • Cyber Risk is the Risk most underestimated by businesses according to the 2015 Allianz Risk Barometer.

    Learn how organisations can lower cyber risks associated with loss of reputation, business interruption, and loss of customer data, by improving detection and response capabilities.

    Plus, watch a LIVE DEMO of an example attack on a public facing ecommerce website, and how detecting and responding to the threat earlier can lower cyber risk.

    Discover how organisations now need to go beyond traditional signature based defenses and firewalls to disrupt attacks across the entire attack chain, with the need for security intelligence and behavioural analytics to help prioritise and detect areas of risk.
  • Did you know that 80-100% of serious security breaches involve privileged account misuse or compromise?
    This, in large part, is due to the fact that enterprises are becoming more complex with an increasing number of users and devices needing network access to privileged accounts. In many cases, advanced attackers are focused on achieving domain administrator privileges because of the unrestricted access and control these credentials have in the IT landscape.

    Join (ISC)² and CyberArk in this webinar where we’ll discuss and demonstrate:

    -vulnerabilities posed by unsecured privileged accounts
    - the state of cyber security and attacker motivations
    - lateral movement techniques - using real-world data - that enable an attacker to take over a network
    - the expanding threat landscape posed by complex IT environments
  • Wireless is now the expected medium of choice for network users. Delivering it successfully can be a challenge especially with multiple different approaches and architectures available. What is right for your organisation? Cloud? Controller? How is it all secured?

    This session will discuss 3 main Wi-Fi architecture types, their different advantages, the wired edge, and how to secure it all. Importantly, we will finish with what to consider when making the right choice for your needs.
  • As advanced threats rapidly increase in complexity, technology must evolve to find smarter ways of detecting and blocking attack techniques across IT control points.

    Symantec has developed 3 innovative technologies with Advanced Threat Protection that will change the game - helping customers detect, prioritise and respond to threats within minutes – from a single console, with a single click.

    Join this webinar to understand how Symantec technology can improve your advanced threat protection.
  • IT organizations face rising challenges to protect more data and applications in the face of growing data security threats as they deploy encryption on vastly larger scales and across cloud and hybrid environments. By moving past silo-constrained encryption and deploying encryption as an IT service centrally, uniformly, and at scale across the enterprise, your organization can benefit from unmatched coverage— whether you are securing databases, applications, file servers, and storage in the traditional data center, virtualized environments, and the cloud, and as the data moves between these different environments. When complemented by centralized key management, your organization can apply data protection where it needs it, when it needs it, and how it needs it—according to the unique needs of your business. Join us on November 25th to learn how to unshare your data, while sharing the IT services that keep your data secure, efficiently and effectively in the cloud and across your entire infrastructure.
  • Jason Steer, Solutions Architect at Menlo Security breaks down the Top 5 vulnerable pieces of software that you should remove from your computer.
  • In this webinar, learn about the new capabilities in the Informatica PowerCenter 10 editions and how they will increase your development agility.

    Through the eyes and daily routine of typical developers and business analysts you will discover how this new release:
    . Enhances the collaboration between IT developers and business analysts
    . Delivers more powerful visualization for data profiling
    . Delivers a new monitoring dashboard to view service health and system usage
    . Increases your productivity with up to 50X faster data lineage rendering
    . Enhances your project reach with new connectors and real time capabilities
    . Includes new capabilities for parsing semi-structured and unstructured data

    Watch this webinar to accelerate your deliver of data integration-based value to your organization.
  • The use of third parties is unavoidable in today’s global economy. The growing use of third party suppliers and business partners, whilst bringing significant business advantages, also exposes organisations to substantial risk, such as financial loss, reputational damage, regulatory prosecution and fines from major breaches of security. In the last few years we’ve witnessed many of these risks being realised; examples have included major breaches of security and costs to recover escalating into millions of dollars, as a result of the third party supplier being comprised. Changes in regulation, the evolving threat landscape and policy changes globally further complicate matters, generating further risk and expense for business.

    Despite considerable efforts from many industries to address these issues, it remains difficult to manage. As well as the risks described, companies perceived as the ‘weakest link’ in the supply chain could end up not having third party contracts renewed. These challenges are discussed in more detail, and some suggestions put forward to help tackle the increasing burden on teams and risk mitigation strategies.
  • Although we shall witness many strides in cybersecurity in 2016, there will still be a narrow margin between these and the threats we’re foreseeing. Advancements in existing technologies—both for crimeware and for everyday use—will bring forth new attack scenarios. It’s best for the security industry as well as the public, to be forewarned to avoid future abuse or any monetary or even lethal consequences.
  • IT organizations today are under constant pressure to deliver better services more quickly and with lower cost. Traditional approaches are being rapidly replaced with enabling technologies such as virtualization, software-defined architectures, and cloud computing, introducing more complexity while the relentless growth of data pushes the limits of scalability. As IT undergoes this transformation, backup and recovery services must transform with it, and together can enable a greater transformation for your business.

    Join our upcoming webcast to:
    •Identify three ways NetBackup 7.7 reduces the complexity of enterprise data protection
    •Understand three ways NetBackup 7.7 helps you scale with growth
    •Realize three ways in which NetBackup 7.7 can make your organization more agile
    •Learn about the latest capabilities added in the 7.7.1 release.

    Find out how you can improve enterprise backup and recovery and ultimately move faster and take bigger risks trusting that your information is safe.
  • In recent days we have heard from CEO’s about the challenges they face when a breach occurs in determining what data has been lost. Was it sensitive customer data? If so, how many customers are impacted? Not knowing this information immediately causes further damage to customer confidence and significantly increases the cost of dealing with the breach itself.

    In this webinar Informatica will introduce a new generation of Data Security Intelligence capabilities which will provide insight into exactly where company and customer sensitive data resides, how it is moving through the organization and what security measures are in place to protect it. We will also look at some of the proactive measures that can be quickly put in place at the database layer to prevent even authorized staff credentials from making unusual data requests, which are often the precursor to a costly breach.

    We hope you can join us for what promises to be an informative and highly topical webinar.
  • Join us for our webinar to learn the insights into effective McAfee Email Security migration and improving protection effectiveness.

    Email-based attacks have become more targeted—and harder to detect with conventional tools. That’s why today’s email security does so much more than filter spam and bulk email. Modern businesses need a solution that helps them stop threats, protect information, and respond to security events quickly and effectively. As Intel Security retires its email products, Proofpoint Enterprise Protection can help keep your organization secure.

    Join us for a live discussion on November 19, at 1:00 pm PT, and learn why Proofpoint is Intel Security’s exclusive McAfee Email Protection transition partner and the recognized market leader in stopping advanced threats.
  • Trinity Health is an 86-hospital system that recently completed a large merger with Catholic Health East. With demand for analytics across the enterprise growing faster than ever before, Trinity Health was in urgent need for gaining easy access to high quality, trusted data. One of the most pressing challenges for Trinity Health was to manage the inconsistent data from variety of applications as it was being moved in and out of different data warehouse systems. In order to extend their analytics platform beyond financials to include clinical, operational, and third party data, they needed to deliver connected, safe, and clean data. This meant adding data quality and master data management capabilities to their architecture. In addition to technology, Trinity Health relied on an enterprise-wide, comprehensive data governance and data investigation program to ensure the overall success of the analytics initiative.

    This webinar will cover how the Trinity Health team achieved consensus for this program, collaborated with business and technical colleagues, and advanced data governance as a best practice to support advanced analytic initiatives.

    During this webinar, you'll learn how to:

    • Implement the best health information management technology
    • Boost your agility to gain insight from healthcare data for better patient outcomes
    • Facilitate patient data centricity for reduced costs with clean, safe data
  • You're invited to join us on Thursday, Nov. 19, to be among the first to see how ThreatSecure Network, which detects advanced threats and network anomalous behavior, is integrating with Splunk to make powerful big data capabilities a reality for your security team.

    The webinar will demonstrate how this integration will enable teams to:

    · Decrease the time of incident detection and reporting
    · Analyze data and make informed decisions on threat severity via a single interface
    · Demonstrate and determine the impact of malware across the network
  • It’s everywhere. From your phone to the enterprise, open source software (OSS) is running far and wide. Gartner predicts that by 2016, 99 percent of Global 2000 enterprises will use open source in mission-critical software. While it’s free, easy to find, and pushes software to the market faster, it’s vital to understand how to use OSS safely.

    Join Richard Sherrard, director of product management at Rogue Wave, for a live webinar reviewing the top five OSS trends of 2015. From OSS discovery, to risk, and governance, we’ll take a deep dive into the trends we’ve noticed this year while providing you with some predictions for 2016.

    In this webinar you’ll learn how to:

    -Discover the OSS in your codebase to ensure that code is free of bugs, security vulnerabilities, and license conflicts

    -Implement controls on OSS usage at your organization

    -Create a multitier approach to OSS risk reduction with open source tools, static code analysis and dynamic analysis
  • Modern enterprise archiving is no longer about the long-term storage of data you’re required to keep and serves limited utility to the business. New cloud architectures are transforming what once was simply a means to protect corporate data to a more valuable information resource that helps address corporate compliance and litigation support needs.

    Join analysts from Blue Hill Research for this live event and learn how progressive organizations are gaining greater value from their archive of user data, converging data availability, archiving and governance to increasingly meet their wider corporate needs. During this webinar, the panel will review real life use cases and discuss:

    • The risks of decentralized and dispersed enterprise data
    • How unifying data availability and governance is bringing increased utility to organizations
    • Key considerations for designing a modern enterprise archive strategy

    Registrants will receive a complimentary copy of the full Blue Hill Research white paper on the subject.

    David Houlihan researches enterprise risk management, compliance and policy management, and legal technology. He is an experienced advisor in legal and technology fields with a unique understanding of complex information environments and business legal needs. As an attorney, he has held roles in the United States Attorney’s Office and more.
    For more: http://bluehillresearch.com/author/david-houlihan/

    James Haight focuses on analytics and emerging enterprise technologies, including exploring the business case development and solution assessment for data warehousing, data integration, advanced analytics and business intelligence applications.
    For more: http://bluehillresearch.com/author/james-haight/
  • It’s no secret that there are botnets for hire, groups of computers that can, and are, used against our organizations on a daily basis. But what is the nature of these botnets? What abilities do each of the installed toolkits offer to the attacker? Most importantly how do their capabilities change the defenses necessary to protect yourself?

    We’ll cover two of the most recent toolkits that have been seeing wide usage. Learn a little about the people behind the attacks, where the attacks are coming from and what you might expect to see in the near future. You might be a bit surprised at where a lot of the traffic is coming from (hint: it’s closer than you think).
  • The increased complexity and frequency of attacks, combined with reduced effectiveness of detective or preventative control frameworks, elevate the need for organisations to roll out enterprise wide incident response initiatives to ensure rapid containment and eradication of threats.

    In this webcast, Don Smith, Technology Director at Dell SecureWorks, describes three organisation’s experience with “APT” actors, examining techniques deployed for intrusion, persistence, lateral expansion and exfiltration.

    Don will highlight where changes to the detective or preventative control frameworks could have prevented the attackers from achieving their objectives and outline key steps to building a robust incident response plan.

    Webcast takeaways include:

    · Real-world examples of APT attacks from the coalface

    · The latest tools and techniques that advanced threat actors are using

    · Recommendations for preventing and responding to APTs
  • Penetration testing is just one element in the overall process of obtaining confidence in the cyber security of the organisation. Consideration to security must be given in the architectural design of networks and the coding of applications and website. Where this is not the case penetration testing will provide an indication of what should be done to retrospectively apply security or to provide a ‘patch’ to make things better.

    Many investigations of cyber attacks have highlighted that the system has been compromised for some time, often years, without the system owner knowing. The penetration test provides an insight into the internal controls and the ability of the SOC or NOC to identify attacks. If the test is conducted and there is no indication that it has been detected, it is highly likely that real attacks have not been detected either and further analysis is required.

    It must be recognised that no security is impenetrable and therefore the ability to react to a cyber security incident is really important. The penetration testing is essential to test the organisation’s ability to respond. The statement that a penetration test will be quickly out of date is valid to some extent but without it the organisation is blind to the types of threats it is exposed to and the vulnerabilities in the systems. To be effective the testing programme must be placed in context and the links between assurance activities fully understood.
  • With each passing year, the frequency and number of organisations that are hacked increases at a dizzying rate. No industry vertical can ignore this trend. One of the key challenges facing all business is to come to grips rapidly with an ever-changing threat landscape.

    How can your organisation understand specifically what threats is being targeted with? In order to answer this question business need to be able to quantify and qualify the threats aligned against them. In essence being able to understand what malicious actor’s know about an organisation and how that knowledge may be deployed in attack campaigns and vectors.

    During the course of the webinar session, Blueliv’s Cyber Security Development Manager, Nahim Fazal will present the Blueliv proposal for improving the cyber threat visibility of a business.

    Key Takeaways:
    - Why the same approach gives the same results
    - Actionable intelligence – what does this look like in the real world?
    - Reducing your cost and incident response time
  • This webinar reviews some of the headline attacks and threat events of 2015, then asks what can be learned from them. After looking at some of the trends and directions that today's attacks are taking, it looks at key challenges facing the enterprise, and how they can be addressed by leveraging the latest developments in security technologies, combined with constantly updated threat intelligence.
  • Cyber Crime cost US companies an average of $15 million in 2015 – a significant increase from a year earlier. It’s a troubling trend unearthed by the Ponemon Institute’s 2015 Cost of Cyber Crime study. You know the risks, but you need the data to plan your defenses and demonstrate the cost of inaction. In this Webinar Dr. Larry Ponemon and

    HP CISO Brett Wahlin will explain how to craft an effective preemptive security strategy. You’ll learn:

    -What cyber crimes are most common and most costly
    -The hidden internal and external costs you incur
    -What security defenses are most effective in reducing losses
    -How businesses with a strong security posture drive down costs
  • In this presentation we will discuss the motivations, aspirations and end-goals of the modern-day threat actor.
    How can we differentiate them? What commonalities might they share? How do we deal with them?
    And finally - but of most importance: How should the reality of the threat actor affect the way we understand, manage and mitigate risk.
  • In light of recent news about Dridex takedown, AnubisNetworks Labs team would like to take this webinar to share with the community some of the efforts undertaken during this investigation led by the NCA, with our participation, to track this malware and exploit its communication channels.

    In March 2015, AnubisNetworks Labs team started analyzing multiple malware samples of the Dridex family which ultimately led to running a fake node inside Dridex botnets.

    Dridex has been around since November 2014 and it is an evolution of the malware families known as Bugat, Geodo, Feodo and Cridex. The malware is distributed via email, with a malicious Microsoft Word document as attachment which, once opened, downloads a second stage payload that infects the system.

    Primarily targeting homebanking users, it is a malware with various capabilities including man in the browser, keylogger, proxy and VNC. It features a peer-to-peer (P2P) network and uses cryptography on its communication channels.

    Dridex botmasters are very active, launching new campaigns against different geographies, hardening the botnet infrastructure with new countermeasures and command and control systems on a regular basis. By hiding inside Dridex, our researchers compiled and gained knowledge about this botnet modus operandi.

    In this webinar AnubisNetworks´ security team will share the research done, focusing

    Key takeways from this webinar:
    · Map Dridex infections of associated botnets;

    · Understand the complexity of Dridex communication channels;

    · How we run a fake Dridex node
  • Join Gemalto in collaboration with Ponemon on December 2nd as we reveal recent study results on how hackers are attacking the cloud.

    This presentation will use live demos to show how vulnerable cloud and virtual environments can be without the correct controls. Examples will include the following topics:
    •Do companies really know how to store data in the cloud?
    •The need for multi-factor authentication and why software keys are not good enough
    •Data governance rules and regulations
  • Data thieves are opportunistic, looking for unprotected databases in the forgotten digital corners of your company. They are content to steal any data that lies within easy reach.

    Large companies are especially vulnerable. With hundreds or even thousands of databases spread throughout business units and across multiple geographies, it is only a matter of time until your unprotected data is accessed and stolen.

    Fortunately, it doesn’t have to be complicated, tedious or expensive to protect all of your sensitive data with a database monitoring solution. The right database monitoring solution can also provide visibility into data usage and simplify compliance audits.

    Join us for this webinar to learn:
    •Benefits of database monitoring over native audit tools
    •Factors to consider before investing in database audit and protection
    •3 specific ways to leverage database monitoring for improved security
  • End users are increasingly shifting their IT services to managed service providers and the scope of both technology and services offered by MSPs is constantly evolving. Join ESET and LabTech Software, the industry-leading IT automation software, as we explore these changes and what it means for businesses.
  • Ransom, extortion or blackmail, regardless of the name, hackers are breaking into network systems encrypting the data and holding it hostage. These age-old activities are being married to modern technology and wreaking havoc. They have become one of the fastest-growing technologies in cyber crime. Whether you are in retail, manufacturing, the hospitality sector, or an office, you may be subject to a breach in your IT system or the threat of cyber extortion. There are no infallible solutions to cyber attacks, however education, training, and vigilance can certainly alleviate the probability and impact. As the FBI advises,”Back up or Pay Up”.
  • The threat landscape is evolving quickly, and you have to keep up. Many organisations are still in a reactive mode, addressing vulnerabilities and threats by relying on information freely available on the web - by which time the damage has already been done. On the other hand, IT security professionals with too much information available become uncertain of how to incorporate the threat intelligence into their security programme, and end up relying on protection from the perimeter.

    In this session, we’ll discuss how organisations can incorporate threat intelligence into their security programmes and focus on the threats most relevant to your environment to reduce the risk or impact from an incident.

    You’ll learn:
    • What threat intelligence is, and is not.
    • Best practices to consume threat intelligence.
    • How to put intelligence into context and make it actionable.
    • Incorporating intelligence into the lifecycle of your security programmes.

    (This webinar is sponsored and brought to you by Symantec)
  • This webinar reviews some of the headline attacks and threat events of 2015, then asks what can be learned from them. After looking at some of the trends and directions that today's attacks are taking, it looks at key challenges facing the enterprise, and how they can be addressed by leveraging the latest developments in security technologies, combined with constantly updated threat intelligence.
  • The amount of information generated by organizations and individual employees will only continue to grow. A workspace tool can be critical in helping users understand and manage the "right" information at the right time, and can help streamline interactions between different users across business units. But how can organizations, especially with heightened data privacy concerns, determine which collaboration solutions are user-friendly and secure?

    Register today to hear Vanessa Thompson, Research Director for IDC's Enterprise Social Networks and Collaborative Technologies program, talk about how organizations can enable team collaboration:
    •What are the most challenging tasks for users today?
    •How do I measure the business impact of team collaboration solutions?
    •What security requirements should I look for in a solution?
    Plus, all registrants will receive a complimentary copy of the IDC report “Worldwide Team Collaborative Applications Market Shares, 2014: The Year Personal Productivity Becomes Paramount.”
  • TCP stacks for FPGAs are costly today; both in monetary terms and in the amount of resources they consume on the FPGA itself. In this webinar, David Riddoch will present Solarflare's patented ANTS technology and AOE network adapters which enable extremely low latency, while scaling to large numbers of concurrent TCP connections and consuming a fraction of the resources.
  • For fast-growing companies, it is difficult to build an IT infrastructure that meets the needs of today and the future. Faced with the same challenge of rapid growth at MuleSoft, we have deployed MuleSoft to decouple core systems and enable the automation of core business processes.
  • With today’s speed of business and competitive marketplace, spending too much time having to test, deploy and fine tune your infrastructure needlessly consumes resources and puts you at a disadvantage. Just imagine an infrastructure that was flexible and simple and transparent security that while invisible, was highly secure.

    Join us for the Nutanix – Vormetric webcast which will discuss the most common infrastructure and security concerns that are draining valuable resources in organizations like yours and how you can stop the bleeding. Join us to learn about the Nutanix Hyperconverged Infrastructure & Vormetric Transparent Encryption.
  • Defense in depth is another one of those often-used, but rarely-defined, terms in Information Security circles. Sure, it means a layered defense, that’s obvious. But what makes up the layers? How do they interact for better security? And what does a best-practice implementation look like today vs. even a few years ago?
  • IT professionals have a lot to think about. They are called upon to be both technologists and strategists, guiding their organizations through the technology frontier and driving new business. That being said, choosing tools to better manage security can be a stressful decision. Among security issues, vendor access and third party management has surfaced as a major vulnerability. High-profile data breaches, such as the Target hack, have made evident that giving vendors access to your internal network through methods like VPN are not secure for managing, monitoring and controlling their access. This leaves IT professionals wondering “what are my vendors doing?” This webcast will offer a checklist as a guide to help IT professionals make informed decisions about solutions that will facilitate secure connections and ultimately, secure vendor management.