Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Office 365 Security: How to safeguard your data Office 365 Security: How to safeguard your data Greg Schaffer, CISO for FirstBank & Rich Campagna, VP of Products for Bitglass Aug 31 2016 5:00 pm UTC 60 mins
    Public cloud apps like Office 365 are being widely adopted in every major industry, with security & compliance at the top of the list of concerns. In this webinar, Greg Schaffer, CISO at FirstBank and Rich Campagna, VP of Products at Bitglass, will provide practical cloud security advice that you can apply immediately in your organization. Focusing on O365 but offering a broad view, Greg and Rich will cover top concerns, mitigating controls and will give examples of how your peers have responded to the cloud security challenge.
  • Webcast: Do More with ESET Remote Administrator Webcast: Do More with ESET Remote Administrator Ben Reed, Sr. Technical Content Strategist and Sales Engineer Aug 31 2016 5:00 pm UTC 60 mins
    5 ways to do more than JUST manage your AV

    IT Asset Management
    Track Hardware, OS info, Serial Numbers, and Logged-in users across your entire organization

    Software Management
    Applications installed in last 7 days
    Applications versions installed across organization to maintain a good security policy

    Remotely install and uninstall any software
    Automate Software Install and Uninstall based off pre-defined rules

    Update Management
    Manage Windows/Mac and Linux Updates

    User Notification/Communication
    Notify users when downtime will occur
    Notify users when they do something against company policy

    Troubleshoot Users Computers
    Utilize SysInspector to troubleshoot what might be going wrong with a computer.
  • Roundtable:Threats, Vulnerabilities & Actors: (ISC)² Security Congress EMEA 2016 Roundtable:Threats, Vulnerabilities & Actors: (ISC)² Security Congress EMEA 2016 Aviram Zrahia, Juniper Networks, Dominique Brack, Swisscom, Alexander Haynes, CDL, Adrian Davis, (ISC)2 EMEA Sep 1 2016 11:00 am UTC 60 mins
    Offering a preview of what to expect from Track 2 of Security Congress EMEA, this session brings together speakers that examine varied developments in the threat landscape. Tackling trends from the role of social engineering in Industry 4.0 to the latest Tactics and Drivers behind DDoS Attacks and the Casino-style tactics deployed by hackers, delegates will gain both an overarching view of current concerns from the front- lines of defence, and an opportunity to examine a few questions that are rattling the security industry today:
    Is it time to accept breach as inevitable?
    Are we prepared for the aftermath?
    Should we welcome vulnerability disclosure?
    Can we do a good job of sharing and warning each other?
  • Drive ITSM improvements with SAM intelligence Drive ITSM improvements with SAM intelligence Guests Elinor Klavens & Robert Stroud Forrester Research and Snow Software Experts Per Skanne and Barry Friedman Sep 1 2016 3:00 pm UTC 60 mins
    You’ve got the service desk, you’ve got the team, you’re managing the calls. But is your ITSM function efficient and effective?

    Join Snow, along with guest speakers Elinor Klavens and Robert Stroud from Forrester who present in our webinar “Drive ITSM improvements with SAM intelligence” as they explain the best practices in integrating SAM and ITSM tools and why Software Asset Management (SAM) solutions are pivotal to the smooth running of today’s enterprises.

    This webinar will highlight how ITSM leaders can benefit from advanced SAM technologies, including:
    •Multi-platform audit data
    •Cleansed & normalized software inventory.
    •Self-service technologies for software requests & deployments
  • How Software Eats Hardware in the Datacenter: Reducing Cost and Complexity How Software Eats Hardware in the Datacenter: Reducing Cost and Complexity Andy Ryan, Cloud Solutions Architect at vArmour Sep 1 2016 5:00 pm UTC 45 mins
    INTRO:

    As organizations move to virtual data centers and multi-cloud environments in a dangerous threat climate, they are faced with new security challenges they must overcome. But, they must do this without exponentially increasing the manpower, products, or resources they need, so they still get the most of their valuable security budgets. These challenges include:

    -Improving visibility inside data centers and cloud
    -Reducing the attack surface
    -Maintaining regulatory compliance standards.

    WHAT'S IN THIS WEBINAR:

    vArmour will explore trends in data center security that include the rise of software to replace firewalls inside the data center, segmentation and micro-segmentation as security techniques, and shifting ideas about software defined networking that:

    -Eliminate under-utilized zones and choke points
    -Avoid costly hardware refresh cycles and on-going maintenance
    -Lower the time it takes to see and stop threats
    -Reduce the time and complexity to process security changes
    -Increase speed of secure application delivery

    ABOUT THE SPEAKERS:

    Andy Ryan, Cloud Solutions Architect at vArmour
    https://www.linkedin.com/in/andyr
  • Enterprise Knowledge & Unified Communications Drives Impact Enterprise Knowledge & Unified Communications Drives Impact Microsoft Sep 1 2016 6:00 pm UTC 60 mins
    Get your employees in the loop with easily accessible knowledge!

    Some of the biggest drains on employee productivity and engagement come from one thing: a lack of available knowledge. Whether its an IT, HR, or customer service question, having to search multiple places for the answer, or contact another employee for it, wastes valuable time and effort. Having the right knowledge in the right place at the right time empowers people to work better, and the latest advancements in cloud applications and collaboration tools can help.

    In this webcast, you will learn how to:

    - Increase employee engagement, productivity, and satisfaction by providing easy access to a consistent, authoritative, and searchable knowledge base.

    - Reduce service cost and effort by deflecting questions from high cost channels (assisted-service) to more cost effective channels (self-service) for “help desk” functions enterprise–wide, including HR, IT, Compliance, Finance, Customer Service, and more.

    - Reinforce adherence to policies and procedures by making corporate compliance guidelines easily available to all employees.
  • S'entraîner, se préparer, se juger, réagir face aux attaques ciblées S'entraîner, se préparer, se juger, réagir face aux attaques ciblées David Grout, Technical Director, Southern Europe, FireEye Sep 2 2016 9:00 am UTC 45 mins
    Aujourd’hui la question n’est plus “vais-je être victime d’une attaque ou d’une tentative d’attaque ? » mais plutôt « quand vais-je l’être ? ». Comme pour le sport de haut niveau, la gestion de la sécurité d’une infrastructure nécessite de la préparation, de l’entrainement et de la compétition. Fort de notre expérience en victimologie avec nos équipes Mandiant et de notre vision des groupes d’attaquants à travers Isight Partners, nous avons mis en place différents programmes qui vous permettent d’être prêt le jour J et de régir le cas échéant. Venez découvrir comment nous pouvons vous accompagner dans toutes les phases amont et aval à travers nos prestations de consulting.
  • Manage any device, anywhere from a single console with HEAT LANrev Manage any device, anywhere from a single console with HEAT LANrev Margreet Fortune Sep 6 2016 9:45 am UTC 60 mins
    HEAT LANrev was Highly Commended in the recent Computing Vendor Excellence Awards in London - Mobile Management category.
    With the fragmentation of technology platforms and proliferation of mobile devices organisations today need a unified management approach for smart connected devices. Join this session to learn how HEAT LANrev can provide end to end multi-platform support for Windows, Mac, Linux, iOS and Android.
  • 2016 Threat Analysis: Learning from Real-World Attacks 2016 Threat Analysis: Learning from Real-World Attacks Matt Webster, CTU Security Researcher, SecureWorks Sep 6 2016 1:00 pm UTC 45 mins
    SecureWorks® incident responders assist hundreds of organisations annually with the containment and remediation of threats during suspected security incidents.

    Visibility of these incidents provides the SecureWorks Counter Threat Unit™ (CTU) research team with a unique view of emerging threats and developing trends. This Threat Intelligence is then continuously provided to clients, arming them with the information they need to stay one step ahead of adversaries trying to compromise their networks.

    In this webcast Matt Webster, CTU Security Researcher, will discuss developments in the threat landscape observed through SecureWorks’ Incident Response engagements from April to June of 2016, including;

    - Key developments of the APT threat
    - Criminal cyber threat trends
    - Developments in Ransomware

    Matt will also discuss observations of how the affected organisations could have better prepared for the threats they encountered.
  • The FCA Says the Cloud is OK The FCA Says the Cloud is OK Greg Hanson, CTO & VP Cloud EMEA, Informatica & Andrew Joss, Head of Industry consulting – Financial Services, Informatica Sep 6 2016 1:00 pm UTC 60 mins
    The Financial Conduct Authority (FCA) has released guidance for all Financial Services Institutions considering outsourcing to the Cloud, advising a Hybrid or Cloud deployment fosters innovation which can be a driver for effective competition.

    Using a third party provider to integrate with cloud software can open a new world of opportunities including cost efficiencies, increased security and a more flexible infrastructure capacity. These benefits support effective competition.

    Join this webinar and learn:

    1.Trends and drivers of change in Financial Services
    2.The latest guidance, from the FCA, for firms outsourcing to the ‘cloud’ and what it means
    3.Cloud, Hybrid and on-Premise – why no one size fits all and why that’s ok
    4.The benefits and the opportunity available to Financial Services Organisations
  • Risk in the Boardroom Risk in the Boardroom Ian Beale, Carolyn Saint and Louis Cooper Sep 6 2016 2:00 pm UTC 75 mins
    CEB's Ian Beale presents a 60 minute webinar on 'Risk in the Boardroom' with guest speakers: Carolyn Saint, CAE, University of Virginia and Louis Cooper, IRM approved trainer and Chief Executive of the Non-Executive Directors' Association
  • Experts show how hackers perform web attacks which kills your site ranking Experts show how hackers perform web attacks which kills your site ranking Leon Brown - Product Marketing, Symantec Website Security & Avishay Zawoznik - Security Researcher, Imperva Incapsula Sep 6 2016 3:00 pm UTC 45 mins
    After a brief introduction to the world of SEO, we will dive into the different types of web application attacks and manipulations that are made to either degrade your competitor’s ranking or raise your own.
  • Stop Reading the WSJ and Focus on Your Cyber Risks Stop Reading the WSJ and Focus on Your Cyber Risks Jay Schulman, Principal Security and Privacy at RSM US LLP Sep 6 2016 6:00 pm UTC 45 mins
    Too many organizations are focused on what issues others are having and don't pay enough attention to what inherent cybersecurity risks they are facing.
    Today's speaker, Jay Schulman, Principal Security and Privacy at RSM US LLP will walk through a concept called "Organizational Threat Modeling." Learn to take a holistic approach to security and look at the overall threats to the organization and then determine a method to address, accept or hedge risks.
  • The Internet of Things Requires a Security Rethink The Internet of Things Requires a Security Rethink Zeus Kerravala, Founder and Principal Analyst at ZK Research Sep 6 2016 6:00 pm UTC 45 mins
    The IoT Is Making Status Quo Network Security Obsolete

    The number of devices in the Internet of Things (IoT) category is exploding—adding billions of devices to networks every year that lack native security capabilities. Please join us as ZK Research Founder and Principal Analyst Zeus Kerravala discusses the Internet of Things and suggests ways to deal with IoT-related security challenges, including:
    • Why traditional perimeter defenses are no longer relevant and how IoT devices can circumvent conventional firewalls
    • The lack of IT and OT alignment—a major issue given that the IoT connects everything to a common network
    • The role agentless visibility and control play in finding, classifying and securing network-attached IoT devices
  • Microsoft Government Cloud: From Mobile to Big Data & More Microsoft Government Cloud: From Mobile to Big Data & More Alex Starykh & Chris Niehaus, Microsoft Sep 6 2016 6:00 pm UTC 60 mins
    Government organizations are undergoing a digital transformation. Across the U.S., government agencies are embracing the cloud, mobile computing, big data, and other advanced technologies to radically reduce operational costs and improve delivery of government services to citizens.

    Microsoft and its ecosystem of cloud solution providers are uniquely positioned to help federal, state, and local government organizations make this transformation. The Microsoft Government Cloud is among the most complete and secure clouds designed to meet the demands of U.S. government organizations.
  • 보안이상징후 및 내부정보 유출을 방지하기 위한 프로파일링의 기반의 이상 행위 분석을 통한 보안 전략 보안이상징후 및 내부정보 유출을 방지하기 위한 프로파일링의 기반의 이상 행위 분석을 통한 보안 전략 홍세진, 부장, HPE 소프트웨어 보안사업부, 휴렛팩커드 엔터프라이즈(HPE) Sep 7 2016 5:00 am UTC 60 mins
    공격자들은 지하 시장에서 점점 전문화 , 조직화하고 있으며, 공격 기법도 무서운 속도로 고도화하고 있습니다.
    정보 보호 업체인 “Websense Security Labs”이 미국, 영국, 캐나다, 호주의 IT관리자 1,000명 을 대상으로 조사한 결과 보고서에 따르면 대부분의 데이터 유출 사고는 “인가된 사용자”에 의해 이루어지고 있다고 합니다.
    또한 그 동안 국내/외 많은 보안 사고 사례를 통해 알 수 있듯이 대부분의 정보 유출 사고는 탈취된 정상 사용자 계정 권한을 이용해서 이루졌다는 사례를 언론 등을 통해서 접할 수 있었습니다.

    정보 유출 사고 예방을 위해 대부분의 보안 담당자는 이러한 알려진/알려지지 않은 다양한 보안 위협과 고도화된 내/외부에서 발생되는 위협을 식별 및 대응을 위한 위협 관리 체계의 필요성을 느끼고 있으며, 가트너에서는 향후 내/외부 다양한 보안 위협 예측 그리고 예방을 위해User Behavior Analytics (UBA) 사용은 필수이며, 2018년까지 최소 25%이상의 보안사고가 UBA 기술에 의해 탐지될 것이라고 리포트를 통해 예측하고 있습니다.

    프로파일링 기반 이상행위 분석은 정상적인 사용자 및 시스템의 행동과 적절한 연관성의 정상 기준선을 설정하고 사용자 및 동료 그룹 간 이상 현상을 실시간으로 분석을 통해 권한 보유 사용자의 비정상 행위를 시각화 및 위협 예측 그리고 예방합니다.

    또한 전체 IT 환경에 대한 보안을 더욱 민첩하고 지능적으로 변모하도록 요구하고 있으며, SIEM 보안 플랫폼과 연계 가능하며 UBA 기술은 알려진 위협과 알려지지 않은 위협에 관한 조치 가능한 정보를 생성하여, 사용자 및 시스템에 대한 세부적인 가시성을 제공함으로써 위협을 선제적으로 대응할 수 있는 보안 인텔리전스와 내부 위협를 보다 신속하게 해결할 수 있습니다.
  • Data sovereignty: Keeping your data close in the UK Data sovereignty: Keeping your data close in the UK Shannon Simpson, CEO, CNS Group Sep 7 2016 9:00 am UTC 45 mins
    A study by CNS Group found that 92 percent of IT security professionals said it is important to store, access and back up data in the UK. However, only 27 percent were very certain that their data did actually remain in the UK at all times. With Brexit and emerging data protection laws on the horizon, such as the EU General Data Protection Regulation, UK organisations of all sizes will need to know where in the world their data is stored and managed. If comprehensive questions about data sovereignty are not already part of your data governance strategy, they should be.

    Join our webinar to understand the key questions your organisation needs to answer about data sovereignty.
  • Data Protection 101: Follow and protect your critical data, wherever it lives Data Protection 101: Follow and protect your critical data, wherever it lives Sunil Choudrie, Global Solutions Marketing Manager Sep 7 2016 10:00 am UTC 60 mins
    When it comes to your sensitive data, how can you be sure that it is protected and none of it is leaving your environment?

    Organizations today face the following challenges:
    •Identifying the type of data that needs to be protected
    •Controlling access to data & ensuring identities aren’t exposed, especially in the face of significant regulatory fines
    •Prevent sensitive data from leaving the organization, mega-breaches & data loss is increasing year on year. Over half a billion personal records were stolen or lost in 2015, spear phishing campaigns targeting company employees increased by 55% in 2015

    Answer: Firstly allow the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands. Secondly Easily apply policies to control access and usage―in the cloud, on mobile devices, or on the network.

    Join Symantec for a webinar on the lessons learned regarding data protection across the many applications in your environment.
  • Network security, seriously? 2016 Network Penetration Tests Network security, seriously? 2016 Network Penetration Tests Peter Wood Sep 7 2016 10:00 am UTC 45 mins
    The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
  • Protection des données:comment gérer & protéger les données,où qu’elles résident Protection des données:comment gérer & protéger les données,où qu’elles résident Hervé Doreau, Directeur Technique – Symantec France Sep 7 2016 1:00 pm UTC 45 mins
    Lorsqu’il s’agit de vos données sensibles, comment pouvez-vous être certain qu’elles sont protégées et qu’aucune ne quitte votre environnement ?

    Les entreprises sont aujourd’hui confrontées aux difficultés suivantes :

    - Identifier le type de données à protéger
    - Contrôler l’accès aux données et garantir la confidentialité des identités, en particulier face aux fortes amendes prévues par la réglementation
    - Empêcher les fuites de données en dehors de l’organisation, les mégafuites et pertes de données s’accroissant d’année en année. 

    En 2015, plus d’un demi-milliard d’enregistrements personnels ont été dérobés ou perdus, et les campagnes de spear-phishing à l’encontre des salariés d’entreprise ont augmenté de 55 %.

    Dans un premier temps, il convient de permettre aux bonnes personnes d’accéder aux données pertinentes, où qu’elles se trouvent, en contrôlant l’accès, en surveillant les flux et en évitant qu’elles tombent entre de mauvaises mains. Vous pouvez alors facilement passer à la seconde étape : appliquer des politiques qui contrôlent l’accès aux données et leur utilisation, que ce soit sur le cloud, les appareils mobiles ou le réseau.

    Assistez à un webinaire Symantec sur les derniers enseignements tirés en matière de protection des données pour l’ensemble des applications qui composent votre environnement.
  • Exploring Russia’s Cyber Operations Exploring Russia’s Cyber Operations Dan McWhorter, Chief Intelligence Strategist at FireEye Sep 7 2016 1:00 pm UTC 45 mins
    Russia has a long history of utilising cyber actions to accomplish their information operations and national security goals. Organisations in Europe – in the private and public sector – are a top target of Russia-based cyber activity for espionage and crime. This talk will cover how some of Russia’s recent cyber actions were conducted, and it will highlight how well Russia has embraced the opportunities cyber provides when it comes to national security and foreign policy objectives. Dan McWhorter, Chief Intelligence Strategist at FireEye, will also discuss why organisations need to take note of these activities in Russia and steps to ensure your organisation is able to defend against these threats.