Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Real-Time Contextual Learning and Adaptation in an Era of Targeted Attacks Real-Time Contextual Learning and Adaptation in an Era of Targeted Attacks Simon Crosby, Co-Founder & CTO of Bromium Recorded: Feb 22 2017 60 mins
    You’ve heard a lot about using artificial intelligence and machine learning to change the odds in your favor in cyber-attacks. Unfortunately it turns out that the bad-guys have great AI too, and with each click they can stealthily adapt, morphing into a new hard-to-detect form. But what if we apply learning in real time, on every endpoint, and allow the endpoints to collaborate to identify the threat?

    In this talk Simon Crosby, co-founder and CTO of Bromium, will explore how this new approach can give defenders the edge in an era of targeted attacks.

    About the Presenter:
    Simon Crosby is a co-founder and CTO of Bromium Inc. – the pioneer of micro-virtualization, which enables PCs to defend themselves by design from all malware. Previously Simon was CTO, Data Center & Cloud at Citrix Systems, which acquired XenSource, where he was co-founder and CTO. He was formerly a Principal Engineer at Intel where he led strategic research on platform security and trust, and founder & CTO of CPlane Inc., a pioneer in Software Defined Networking. He was a faculty member in the Computer Laboratory at the University of Cambridge, UK from 1994-2000. He holds a PhD in Computer Science from the University of Cambridge, UK, and is author of more than 50 peer reviewed papers and patents.
  • How far can you trust AI How far can you trust AI Greg Pollock, VP of Product at UpGuard Recorded: Feb 22 2017 44 mins
    Machine learning is both cool and valuable, but to apply it effectively requires that we disregard the former in order to be rigorous about the latter. In this session we take a hard look at the qualities that make machine learning fit for purpose for problems in cyber security in order to lay out a global roadmap for how machine learning can solve security problems today. Even more importantly, our bottom-up analysis of machine learning will chart the areas where an excessive faith in automation can become harmful to a business' security posture.

    About the presenter:

    Greg has previously managed products and product teams for gaming and education startups with a focus on meaningful, measurable engagement loops. His games have been ranked in the top ten by traffic on Facebook, the top ten by revenue on the App Store, and as the Editor's Choice in the App Stores of over 70 countries.
  • Endpoint Breach: What Attackers Do Next to Penetrate Your Organization Endpoint Breach: What Attackers Do Next to Penetrate Your Organization Roi Abutbul, CEO & Founder, Javelin Networks Recorded: Feb 22 2017 40 mins
    Once breached at the endpoint, what does an attacker do? Where is he going? What does he want? The truth of APTs and advanced attacks is that they just don't want one machine - they want access to the heart of the organization. Since 1999, Microsoft has made the Windows Domain the heart of the network. Once accessed, it permits the attacker to control the organization - undetected and indefinitely. This is what the attacker wants. This webinar will discuss all moves an attacker can make to go from a compromised machine to achieve his goal from a statistical point of view; we will present the probability of detection and evidence-gathering for any move made along the way.


    Roi is CEO and Founder of Javelin Networks, a post breach containment technology that focuses on stopping attackers from credential misuse and lateral movement after compromising a machine. Roi served in the Israeli Air Force at the OFEK unit where he worked on the security of the Israeli satellite launch, Arrow missiles and the Air Force drones. As a network and security engineer, he was influential in designing, developing, analyzing, implementing large enterprise communication networks, both nationally and around the world. Worked for four years as a Security consultant, leading ongoing projects at the Vatican and other military organizations.
  • Why Built-In Data Protection & Network Security are Key to Threat Intelligence Why Built-In Data Protection & Network Security are Key to Threat Intelligence Stephen Jeffries, Technical Architect, Microsoft Recorded: Feb 22 2017 36 mins
    With more than 250 million threats online in any given day, security for your business has never been more critical. These threats can cause loss of data and personal information with increased risk of identity theft. Windows 10 includes built-in protection to help keep you more secure with all new features in the Anniversary update.

    Join this webcast to learn more about the two major new security features that launched with the Anniversary update:

    - Windows Defender Advanced Threat Protection (WDATP) detects, investigates, and responds to advanced malicious attacks on networks by providing a more comprehensive threat intelligence and attack detection
    - Windows Information Protection enables businesses to separate personal and organizational data and helps protect corporate data from accidental data leaks.
  • Quantifying DevOps Outcomes - Digital transformation and the competitive edge Quantifying DevOps Outcomes - Digital transformation and the competitive edge George Miranda, Technical Strategy Recorded: Feb 22 2017 31 mins
    This webinar is part one of a four part series that examines how digital transformation enables you to outperform competitors.

    Digital transformation occurs when a company adopts technologies and practices that change it from one that ships its software slowly and painfully to one that ships software quickly while, at the same time, improving its quality and mitigating risk. Businesses that embrace digital transformation outperform their competitors: they capitalize on disruption rather than allowing themselves to be disrupted. They deliver their software faster, with higher efficiency and lower risk. These advances can be quantified to prove their effectiveness.

    This short-form webinar series invites you to participate in a discussion on how to implement digital transformation and which metrics demonstrate progress on your journey. The first part of our series, focuses on the overall challenges businesses face in the marketplace and how to gauge where you stand. Subsequent webinars will focus on specific measures that move transformation forward.

    Join us to:
    - Learn how industry trends shape your internal challenges
    - Explore how companies have resolved tensions between central IT organizations and development teams
    - Learn how to use industry metrics to determine where you should be focusing your efforts
    - Participate in a virtual roundtable discussion where you can ask the questions most relevant to you

    Who should attend:
    - Director/VP of technology teams
    - Technology executives
    - Management seeking strategic alignment with business objectives
  • Reducing Open Source Risk and Remediation Costs Early in the SDLC Reducing Open Source Risk and Remediation Costs Early in the SDLC Pat Durante, Senior Director Education Services; John Beaudoin, Senior Instructional Designer Recorded: Feb 22 2017 74 mins
    Increasingly, organizations worldwide are implementing open source security and license risk assessment capabilities early in the software development lifecycle when the cost to remediate issues is lowest. This webinar will demonstrate Black Duck Hub’s effectiveness in providing comprehensive risk assessments when used in combination with our Eclipse IDE plugin, Build Tool, and CI Tool integrations. Additionally, we'll review valuable new features in Black Duck Hub 3.5.
    You’ll also learn:
    - How to improve the accuracy of your open source inventory by leverage open source dependency discovery techniques for build tools and package managers
    - Options for incorporating Hub scanning into your Continuous Integration environments
    - How to track remediation tasks using the Hub-Jira integration
    - How to streamline your component review process
    - Use cases for scanning binary repositories such as Artifactory
  • Immune System Cyber Defense: Across the Cloud and Beyond Immune System Cyber Defense: Across the Cloud and Beyond Andrew Tsonchev, Principal Consultant; Simon Wilson, Senior Cyber Technician Recorded: Feb 22 2017 45 mins
    By 2020, 92% of all business will rely on cloud infrastructure. The shift to cloud and virtualized environments is changing the nature of network borders, and creates a new frontier for cyber-attackers. How do security teams defend their organizations against emerging threats within the cloud and beyond?
  • Rise of the Zombie Army - A Study of Botnets Rise of the Zombie Army - A Study of Botnets Ronan Lavelle, General Manager EMEA, Zenedge Recorded: Feb 22 2017 36 mins
    From Haitian folklore to George A. Romero’s Dawn of the Dead, the use of Zombies in fictional settings has experienced a strong resurgence in recent years. With fact mirroring fiction, the real world has also faced the terror of dealing with a rise of mindless automatons capable of creating mass devastation on an international scale.

    We are of course talking about the rise of Botnets.

    Come join us for an interactive presentation with chief zombie-wrangler, Ronan Lavelle, on the insidious rise of this threat looking at recent attacks, the link in growth to insecure IoT devices and just what we can do to combat them.

    This webinar is perfect for cyber professionals those who want to:

    - stop data loss by defending against botnets
    - better respond to incidents and remediate
    - reduce attack surfaces and counter threats
  • State of Endpoint Protection & How Machine Learning Helps Stop The Attacks State of Endpoint Protection & How Machine Learning Helps Stop The Attacks Robert Arandjelovic & Jose Carlos Cerezo Recorded: Feb 22 2017 61 mins
    In the world of endpoint security and antivirus there no less than 37 new endpoint security products that have emerged in the past five years, each claimed to address the changing landscape, but is it all just hype?

    Learn more about Machine Learning, what it is, how it works, and what else you need to protect yourself across all points of attack.

    Key Learning Objectives:

    •What is the state of the industry for Endpoint Protection technology
    •Why machine learning is not enough
    •Discover how to reduce the number of agents on your endpoint with the high-performance lightweight agent that includes advanced machine learning, exploit mitigation, antimalware, and more
  • Panel Discussion - AI & Machine Learning in Cyber Security Panel Discussion - AI & Machine Learning in Cyber Security Josh Downs, BrightTALK; John Laliberte, FireEye; Natalino Busa, TeraData & Neill Gernon, AI.Dublin and Atrovate Recorded: Feb 22 2017 60 mins
    A live online panel discussion focused on the debate around AI and machine learning and how they can automate cyber security; catch more threats and malicious attacks and prove a useful weapon against cyber crime.

    Panelists:

    - Josh Downs, Community Manager - Information Security, BrightTALK (moderator)

    - John Laliberte, VP, Endpoint and ICE, FireEye

    - Natalino Busa, Head of Applied Data, TeraData

    - Neil Gernon, MD, Atrovate & Founder, Dublin.AI
  • Spotlight on INDIA – Beyond Compliance: Conquering Data Security in Pharma Spotlight on INDIA – Beyond Compliance: Conquering Data Security in Pharma Chaitanya Singh Rathore, Pre Sales Engineer Recorded: Feb 22 2017 39 mins
    Economies hit annually with billions through cybercrime & implications of cybercrime within the pharmaceutical and healthcare industry go beyond the obvious financial damage because of the:

    •Intellectual property
    •Lack of right Data Security strategy to protect against cyber-attacks
    •Insiders rather than external hackers who hold large amounts of valuable IP and trade secrets (DuPont breach in 2012)

    Key learnings:
    •The best way to protect sensitive information, including Patent Files, Legal filings, Prescription Records, Insurance Records, and Sales Details from breaches
    •How to secure private data from theft or loss to reduce liability
    •How to manage a multi-device complex IT environment with ease
  • Do You Really Know Your Users? How Security Analytics Can Detect User Threats Do You Really Know Your Users? How Security Analytics Can Detect User Threats David Gorton, Senior Product Manager, LogRhythm & Mark Settle Product Marketing Manager, LogRhythm Recorded: Feb 22 2017 58 mins
    As a cybersecurity pro, you already know that users are both an organization’s greatest asset and its greatest vulnerability. Users can do great damage—and they’re notoriously difficult to catch.

    If you’re focused on addressing user threats, User Behavior Analytics (UBA) can be a powerful tool in your kit. In this webcast David Gorton and Mark Settle from LogRhythm, discuss the elements of an effective user threat detection program. You’ll learn:

    - Why detecting user threats is so important—and so difficult
    - Different approaches to UBA
    - The value of data from across your enterprise
    - How to maximize the efficiency of your security analysts

    Watch the webcast to learn how UBA can help you discover hidden user threats, reduce false-positives, and properly prioritize the most concerning threats.
  • Threat Actors Are Using Automation.. Are You Automating Threat Response? Threat Actors Are Using Automation.. Are You Automating Threat Response? Joseph Yun, Sr. Product Evangelist, ProofPoint Recorded: Feb 21 2017 43 mins
    Threat Actors figured out long ago that automating and orchestrating their attacks gives them the ability to conduct their campaigns more efficiently and effectively. The byproduct of these automated attacks is a high volume of events and alerts meant to overwhelm enterprises. Enterprises conducting predominantly manual investigations and remediations will never be able to scale to the level of those attackers utilizing automated tactics.

    Join us on February 21, 2017 at 1 PM PT and learn how to quickly and easily


    •Understand the scope of automation necessary to combat mass campaigns from attackers
    •Understand which automations can be accomplished with the fastest ROI
    •Understand how,you can automate and apply internal context, 3rd party intelligence, campaign data, and investigations
    •Deploy powerful and proven shortcuts to integrate with alert sources and enforcement systems
  • Today's Government Networks: Detect and Prevent Hidden Attacks and Data Leakage Today's Government Networks: Detect and Prevent Hidden Attacks and Data Leakage Pamela Warren - Director of Government & Industry Initiatives & Mark Harman - Federal SE for Palo Alto Networks Recorded: Feb 21 2017 33 mins
    A comprehensive security strategy for Federal and other government agencies requires in-depth analysis of encrypted traffic to detect and prevent hidden attacks and data leakage. SSL has become a favorite tool that attackers use to distribute malware to evade detection by security devices, such as a firewall, IPS or web gateway. Increasing numbers of attackers, including state-sponsored actors, are using this technology to hide malware and escalate the likelihood of successful attacks.

    Join this informative webcast to review your options to ensure a more comprehensive view of this potentially malicious traffic.
  • HPE PPM Avoids the Pitfalls when Managing Project Time, Cost and Resources HPE PPM Avoids the Pitfalls when Managing Project Time, Cost and Resources Silvia Siqueria, HPE, Mohammed Wahab, HPE Recorded: Feb 21 2017 61 mins
    Struggling to manage time, cost and resources across your business applications? Are you missing real-time critical information to make the right investment decisions at the right time? Then join us as we hear how industry practitioners standardize, manage and capture execution of their projects, resources and operational activities.

    Examine best practices by your peers who are using HPE Project and Portfolio Management to provide the business both visibility and data consolidation as they govern and collaborate across application projects and portfolio. Learn how they have differentiated their application delivery through speed and agility, while at the same time reducing costs for quality IT operations.

    Explore out-of-the-box methods for tracking project time, cost and resources
    Learn easy ways to establish standardization for your HPE PPM environment
    Hear customer-proven methods for project governance and collaboration through HPE PPM
  • Scaling Security at DevOps Speed Scaling Security at DevOps Speed Mike Goldgof, VP of Marketing at WhiteHat Security Recorded: Feb 21 2017 43 mins
    Seamlessly integrating AppSec testing into CI processes earlier in the SDLC has become the holy grail of DevOps and security teams. Achieving this means apps are not only more secure and can be deployed more quickly, but companies are also able to reap substantial cost and resource savings.

    Join Mike Goldgof, WhiteHat Security’s VP of Marketing, to learn about best practices and what’s needed to fit security testing into highly-automated Agile DevOps processes, that are transforming the development world and speed of delivery dictated by businesses today.
  • Key Security Insights: Examining 2016 to predict what's coming in 2017 Key Security Insights: Examining 2016 to predict what's coming in 2017 Ken Dang Recorded: Feb 21 2017 64 mins
    Cyber-crimes are alive and well on the global stage. Don’t resist taking the necessary defense measures to stop threats from slipping through the cracks. In this SonicWall Security Annual Threat webcast, we’ll present the most common attacks in 2016 and the ways we expect new threats to affect businesses throughout 2017.

    Some report highlights:
    •Ransomware changes in 2016 and the effects on malicious email and exploit kits
    •The growth and challenges of SSL
    •How Internet of Things devices were exploited and different security steps some organizations are taking in response
    •Developments in Android security
    •Changes in Point of Sale Malware compared to 2015 and useful lessons to be learned
  • Security Myths Debunked: Running Your Business In the Cloud Security Myths Debunked: Running Your Business In the Cloud Adrian Sanabria, Senior Analyst, Information Security at 451 Research & Aaron Newman, CEO & Founder at CloudCheckr Recorded: Feb 21 2017 57 mins
    Organizational efficiency and convenience were the initial appeal of the cloud: add servers when you need them, get rid of them when you don't. Offering businesses the ability to automatically scale with workload and application needs, the cloud offers endless potential to grow at scale. As cloud technology continues to evolve and diversify—from public to private, hybrid to multi-cloud—the use cases and potential benefits have also expanded. And, unlike traditional IT, cloud performance and capacity drivers also tend to improve infrastructure security. During this webinar, we'll explore:

    *Using cloud security as a competitive advantage for your business
    *How focus on performance, agility, and efficiency in cloud mutually benefits security
    *The changes in thinking and design necessary to unlock the cloud’s potential for improving security
    *Practical strategies for automation, monitoring, mitigation and incident response

    Join 451 Research and CloudCheckr for an exclusive webinar to discuss trends, challenges, and opportunities for organizations looking to leverage the true potential of the cloud.

    About CloudCheckr:
    CloudCheckr is a unified cost and security automation platform that gives you visibility, insight, and automation for your AWS environment. CloudCheckr delivers a suite of products for cloud operations, security and finance teams for Cost Management, Security and Compliance, Utilization and Inventory.
  • Incident Response and GDPR. What You Need To Know. Incident Response and GDPR. What You Need To Know. Amar Singh Feb 23 2017 9:00 am UTC 60 mins
    Warning - this is not just another GDPR webinar. Join Amar Singh in his popular and interactive webinars and deep-dive into this special Cyber Incident Planning & Response webinar where we share and discuss the following:

    * - What are the key components to automate in incident management to enable GDPR compliance.

    * - Four important questions a CISO or Manager must ask to manage an incident successfully.

    * - Understand Process Automation for Incident Orchestration.

    * - How you can, using the technology and processes, build a lean, effective and knowledge Security team with or without a Security Operations Centre.

    * - Data Protection and Incident Response for the non-technical manager.

    * - How and why it's critical that middle and senior management, working with technical teams, get involved in delivering effective cyber incident planning & response.
  • How to Gate, Watch and Guard your Sensitive Data Everywhere How to Gate, Watch and Guard your Sensitive Data Everywhere Sunil Choudrie Feb 23 2017 11:00 am UTC 60 mins
    The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.

    So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.

    We will explain how Symantec technology addresses this approach and how you will benefit from:

    •Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.

    •Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.

    •Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
  • Protecting Your Data with Effective Incident Response, Monitoring & Threat Intel Protecting Your Data with Effective Incident Response, Monitoring & Threat Intel Stuart Davis, Director, Mandiant & David Grout, Systems Engineering Director, FireEye Feb 23 2017 11:30 am UTC 45 mins
    Protecting against data loss is a key focus of any organisation’s information security program. However it is not always that easy to put long term initiatives in place with consistent monitoring and response effectiveness to mitigate against advanced attacks where intellectual property may be the target.

    In this webinar Stuart and David will explain how effective incident response, long term monitoring and threat intelligence can help deal with data protection against advanced persistent threats (APTs) in this modern age of cyber warfare.
  • The Role of Orchestration in Incident Response The Role of Orchestration in Incident Response Ted Julian, VP of Product Management, IBM Resilient Feb 23 2017 12:00 pm UTC 45 mins
    Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it's no wonder that most organizations struggle to respond effectively to cyber attacks. Successfully resolving attacks requires fast, intelligent, and decisive action - organizations need to have an orchestrated plan in place before an attack occurs. Indeed, the best organizations leverage an orchestrated response capability to achieve cyber resilience, the ability to weather the inevitable cyber attacks as just another part of doing business.

    Join IBM Resilient’s Ted Julian, VP of Product Management to explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn't. Attendees will gain a framework for understanding their incident response capability and a maturity model for evaluating opportunities for orchestration / automation.
  • [Video Interview] Threat Management and the Keys to Avoiding a Major Data Breach [Video Interview] Threat Management and the Keys to Avoiding a Major Data Breach Ross Brewer, VP & MD, LogRhythm & Josh Downs, Community Manager, BrightTALK Feb 23 2017 1:00 pm UTC 45 mins
    Research shows that 76% of companies suffered a data breach in 2016, so it’s now almost inevitable that hackers will gain access to your company and your sensitive data.

    Security professionals are now looking to deal with breaches faster, to keep their company off the front page and with heavy GDPR fines on the horizon, they’re wise to do so…

    Organisations are fearful of damaging data breaches but unsure of the best course of action to protect themselves from major cyber incidents. Whilst a large per cent of businesses focus on building up perimeter defences, not enough are concentrating on monitoring their own network for the best chance to detect threats and mitigate them before significant damage is done.

    Tune into this in-depth one-on-one interview to learn:

    - More about the threatscape and the dangers to your organisation

    - The influence that GDPR will have and steps you need to take

    - Processes for responding to a breach

    - The workflow for effective threat management
  • [Video Interview] RSA 2017 - Raj Samani, Intel Security [Video Interview] RSA 2017 - Raj Samani, Intel Security Josh Downs, Community Manager, BrightTALK & Raj Samani, EMEA CTO, Intel Security Feb 23 2017 2:00 pm UTC 45 mins
    BrightTALK will be broadcasting an in-depth interview with Raj Samani, CTO EMEA, Intel Security and Josh Downs, Community Manager at BrightTALK.

    Topics up for discussion will include:

    - The new political climate and it's effect on Cyber Security and global cyber warfare

    - The supposed Russian hack on the 2016 US election

    - GDPR and what companies need to be doing to prepare for 2018

    - Equal opportunities in the information security industry

    - The rise of AI & Machine learning and how it'll influence the cyber world

    - IoT and how to keep connected devices all safe and secure

    - Incident response and steps to take if you've been breached!

    - The 2017 threatscape and what you shoud be concentrating on

    All this and much more - join us for the broadcast.
  • [VIDEO Panel] Securing the Cloud and Driving Digital Transformation [VIDEO Panel] Securing the Cloud and Driving Digital Transformation Josh Downs, BrightTALK (moderator); Dan Webb, James Brown, Oliver Pinson-Roxburgh & David Howorth, Alert Logic Feb 23 2017 3:00 pm UTC 75 mins
    Digital transformation is changing the business landscape for every organisation, with the way new technologies can unlock competitive advantage, enable efficiently, agility and enhance customer experiences. The cloud is where this innovation is happening and enabling this transformation, but when you take advantage of its possibilities, it’s crucial that you secure your cloud applications and workloads.

    If you’re building applications or migrating workloads to the cloud, you’re probably like most organisations – trying to determine what security controls are needed, and how to integrate workload security without slowing down innovation or needing to add dedicated security staff – which these days is harder to find and more expensive to keep.

    During this panel discussion you will hear from industry experts as they discuss what steps and considerations should be taken when moving to any cloud. Where are the responsibilities of security and how do you maintain visibility and control over your data, including:

    - Why when moving business critical applications to the cloud you require a different approach to security?
    - Best Practices for minimizing risk in your cloud adoption
    - Filling the Cloud Security IT Skills Gap
    - Managing the Challenges of the Cloud under EU GDPR