Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? Chenxi Wang (Twistlock) & Kenesa Ahmad (Promontory Financial Group) Oct 31 2016 5:00 pm UTC 45 mins
    Are government encryption backdoors and privacy in such a fundamental conflict that one necessarily obliterates the other. We will also be examining this issue in the context of the big data era - is law enforcement really going dark or is right now the golden age of surveillance?

    - Chenxi Wang, Chief Strategy Officer at Twistlock
    - Kenesa Ahmad, Privacy Associate, Promontory Financial Group, LLC | WISP Chair and Co-Founder
  • Next-Generation End-to-End MDM Solution from Informatica Next-Generation End-to-End MDM Solution from Informatica Ben Rund, Prash Chandramohan Nov 1 2016 3:00 pm UTC 30 mins
    Creating the ultimate master record with a 360-degree view just got re-mastered. Join us as we talk about Informatica MDM – a true multi-domain MDM solution, available both on-premise and in the cloud.

    Take a look “under the hood” as we share the freshest updates for our data quality, data integration, and business process management workflow integrations with Informatica MDM. Learn how to improve your customer and business profiles with our Contact Validation Data-as-a-Service powered by Dun & Bradstreet, which helps you fill in the missing information you need, for accurate records you can swear by.

    Join us for a live webinar to tour what’s new in Informatica MDM:

    •See the latest features and functionalities available in our flagship MDM solution

    •Explore the flexible and powerful user interface with rich new page layouts that make it easier to view, add and update business-critical data and relationships

    •Meet Entity 360, an intuitive UI platform for building business user focused rich interfaces such as Customer 360, Product 360, and Supplier 360

    Who is this webinar for?

    •Current Informatica MDM customers who want to know what’s latest from industry leader

    •MDM consultants, practitioners, and developers who want to stay on top of MDM advancements

    •You! Just browsing or researching MDM options? Perfect! Or maybe you’re MDM-curious? Awesome! This webinar will help you understand what Informatica MDM does, how it’s used, what’s possible, and whether or not it fits your business needs

    Ranked as a clear leader in top analyst reports, including Gartner MQ, Forrester Wave, and The Information Difference MDM Landscape, Informatica MDM has been awarded top scores for customer satisfaction, innovative technology, and market strength.

    Can’t attend the live webinar? Sign up today and we’ll send you the on-demand recording afterward.
  • Best Practice highlights of ITSM Tool Selection Best Practice highlights of ITSM Tool Selection Eddie Potts, Principal Consultant Pink Elephant EMEA ltd Nov 1 2016 4:00 pm UTC 60 mins
    The decision to procure or to subscribe to a new ITSM tool invariably involves a significant investment. Such a purchasing decision should be treated like any other significant business investment, yet experience suggests that with regards to ITSM Tool selection the normal rules of procurement good practice are often not heeded.

    Research shows that organisations typically replace their ITSM tools every 3-5 years. This is arguably because organisations suffer a lack of ITSM improvement road maps, which baseline the current state and outline the people, processes and technology resources required to reach the desired state.

    The challenge is compounded as the ITSM tools market is increasing crowded, complex and dynamic. In short ITSM tool selection is a complex decision!

    Join Eddie Potts, Principal Consultant of Pink Elephant EMEA, as he highlights best practice methods of choosing an ITSM tool as an introduction to the ITSM Tooling Whitepaper being released in mid-November 2016.
  • Big Data Drives Big Efficiency Big Data Drives Big Efficiency Matt Aslett - 451 Research Director, Data Platforms and Analytics with Aali Masood, Senior Director, Oracle Nov 1 2016 4:30 pm UTC 60 mins
    Improving the efficiency of existing processes is critical for enterprises, and one of the first proof points of many big data projects. In the long-term enterprises may be looking for big data to generate revenue from new projects and applications, but proving the potential benefits by improving the efficiency of existing business processes – such as optimizing supply chains, or accelerating compliance – is a good place to start. Additionally, operating more efficiently at lower cost and with lower risk enables an organization to redirect budget towards driving growth.

    Join Oracle and 451 Research for a webinar exploring how to make this operational efficiency possible through a combination of data management, statistical analysis and visualization.
  • Securing Your Web Apps in Today's Complex Cloud Environment Securing Your Web Apps in Today's Complex Cloud Environment Alex Jones, Security Engineer, Gainsight & Dave Ferguson, Solution Architect, Qualys Nov 1 2016 6:00 pm UTC 60 mins
    Today, securing web applications has become more complex as organizations increasingly deploy and manage their web applications in the cloud. Modern web technologies such as sophisticated JavaScript frameworks and SPAs present increasing challenges to web application scanning, as crawling has become more difficult to manage.

    During this webcast Alex Jones from Gainsight and Dave Ferguson from Qualys will discuss how Qualys has helped Gainsight to:

    - Scan, discover, catalog applications on multiple cloud environments for vulnerabilities and website misconfigurations.

    - Adapt to increasingly complex and new web application technologies.

    - Build an easy-to-use, accurate and scalable scanning program across web application and network infrastructure.
  • Government Webinar: Accurate visibility of all software & hardware assets Government Webinar: Accurate visibility of all software & hardware assets David Foxen, SAM Evangelist Nov 2 2016 11:00 am UTC 45 mins
    With a strong track record in Government, find out how Snow Software provides a consolidated view of all licenses, enabling staff to use just one interface to manage multiple software vendors, device types and locations across all platforms.

    Snow Software is an ideal choice for all Government functions thanks to its multi-platform coverage and automatic software recognition of Software
  • Is Phishing and Ransomware a Critical Issue for you yet? Is Phishing and Ransomware a Critical Issue for you yet? Robert O'Brien, CEO MetaCompliance & Carey Harding, Cyber Security Consultant MetaCompliance Nov 2 2016 2:00 pm UTC 30 mins
    Ransomware and Phishing attacks have become a significant issue in organisations both large and small. The possibility of major business disruption arising from falling victim to Phishing or Ransomware is quite high, given that roughly 156 million phishing emails are sent globally every day.

    The FBI reports that ransomware attacks have cost $209 Million in just the first three months of 2016, which is more than eight times the total for 2015. At this rate, ransomware is expected to yield close to $1 Billion by the end of the year unless individuals and organisations improve both their defences and security awareness.

    Organisations must determine methods of improving their employees’ ability to withstand these threats, or at least, counter the most obvious ones. Cyber Security Awareness continues to become a major issue for management attempting to steer a safe course in order to carry out their “business as usual”.

    Some of the key topics that will be discussed are:

    •How has phishing and ransomware become so widespread?

    •What are the best methods for countering the threat of phishing and ransomware?

    •How can we improve the resistance of our user population to this threat?
  • Cisco ACI & Tufin: Maximize Agility & Compliance with Policy-Driven Automation Cisco ACI & Tufin: Maximize Agility & Compliance with Policy-Driven Automation Amnon Even Zohar, Director of Cloud Product Management, Tufin & Ranga Rao, Director of Technical Marketing, Cisco Nov 2 2016 3:00 pm UTC 60 mins
    Agility is the single most critical competitive factor in today’s business landscape and policy-driven automation is key across a complex, hybrid network.
    Cisco ACI is a policy-based network automation solution for accelerating application delivery, reducing operating costs, and gaining greater business agility. Tufin Orchestration Suite is a unified platform for orchestrating application connectivity across the heterogeneous enterprise network, including firewalls, hybrid cloud platforms and now also Cisco ACI.
    Join the webinar to:
    1. Learn more about the alliance and integration between Cisco and Tufin
    2.Review how the integration maximizes agility and compliance for enterprise customers from different industries
    3.Focus on the ability to manage application connectivity across the heterogeneous network
  • NGIPS: Market Trends and Group Test Results NGIPS: Market Trends and Group Test Results Thomas Skybakmoen, Rob Johnson Nov 2 2016 6:00 pm UTC 45 mins
    Next Generation Intrusion Prevention Systems are designed to protect against a new generation of threats that move faster and are more evasive than ever. Join NSS Labs as we explain NGIPS market trends, group test results, and the critical features to consider when purchasing a NGIPS.
  • Turbocharge your cyber investigations, Part 2 Turbocharge your cyber investigations, Part 2 Jeff Lenton, Solutions Architect, RiskIQ Nov 3 2016 2:00 pm UTC 45 mins
    While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

    In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
  • Vawtrak v2: The next big banking Trojan Vawtrak v2: The next big banking Trojan Victor Acin, Malware Analyst, Blueliv Threat Intelligence Research Labs Nov 3 2016 3:00 pm UTC 60 mins
    Vawtrak is a serious threat to the banking eco-system and is predicted to be the next major banking Trojan.

    Blueliv’s Threat Intelligence Research Labs team has published new research based on in-depth analysis of Vawtrak, including the results from tracking the cybercriminal group infrastructure and a technical investigation which analyzes the evolution of the botnet.

    The CrimeServer infrastructure behind the Vawtrak banking Trojan thrives on basic sharing of information to maintain a highly resilient criminal network. So, sharing is a large part of the problem. But it is also part of the solution.

    We believe sharing intelligence strengthens our defences against the ever-evolving cyber threats of today.

    Join us as we explore the distribution and execution of the Vawtrak banking Trojan, how attackers are collecting stolen data and the relevance of cyber threat intelligence to the finance sector in the context of Vawtrak.

    This webinar includes detailed technical analysis of cybercriminal network infrastructures and an in depth look at how the malware is executed. The research is of special interest to malware researchers and threat intel analysts. The webinar is aimed at listeners with a degree of technical understanding about malware and banking Trojans.
  • Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security Mike Pittenger, VP of Security Strategy, Black Duck Nov 3 2016 3:00 pm UTC 60 mins
    Businesses and governments worldwide increasingly rely on open source software to reduce development costs, get to market faster, and innovate. Despite its ubiquity, there are many management and security challenges that have accompanied the explosive growth in open source usage. Most organizations don’t know how much open source is in their applications or where it is in their code base. There is considerable confusion and misinformation about the what strategies and tools are needed to identify known open source vulnerabilities in the application code and assure the secure use of open source.

    Please join Black Duck's VP of Security Strategy Mike Pittenger as he unpacks the common myths and misperceptions surrounding open source use and learn best practices to secure and manage your open source, reduce risk from security vulnerabilities and increase efficiency within your SDLC.
  • Risk Manager for IRAM2 Risk Manager for IRAM2 COO, Nick Rafferty & Head of Products, Oliver Vistisen Nov 3 2016 4:00 pm UTC 45 mins
    SureCloud has worked with key ISF community members to develop an application (Risk Manager for IRAM2) that simplifies, automates and accelerates the IRAM2 risk assessment process.

    The application reduces the number of sheets required to complete the assessment from 21 to 11 – by removing repetition, and centrally storing data relating to the profile of the business.
  • CA Briefings Part 3: Step 2: Protect from Within - Requirements for PAM CA Briefings Part 3: Step 2: Protect from Within - Requirements for PAM John Hawley, VP of Security Strategy, CA Technologies and Brandon Dunlap, Moderator, (ISC)2 Nov 3 2016 5:00 pm UTC 75 mins
    Identity is the new perimeter for Security in the digital enterprise. According to Forrester, 80% of security breaches involve the use or abuse of privileged credentials. At the same time, compliance mandates (such as PCI) require organizations to focus on how they manage and control privileged users in order to protect these critical resources. Privileged Access Management (PAM) provides a host of capabilities that enable organizations to address these critical challenges. Join CA Technologies and (ISC)2 on November 3, 2016 at 1:00PM Eastern as we continue examining the steps for strengthening your enterprise and increasing customer engagement highlighting emerging requirements in privileged access management and present key capabilities that are important in a comprehensive PAM solution.
  • Unedited: Tales, Tips and Technologies from a Security Company CISO Unedited: Tales, Tips and Technologies from a Security Company CISO Shahar Ben-Hador, Chief Information Security Officer; Paul Steen, Senior Director, Global Security Strategist Nov 3 2016 5:00 pm UTC 75 mins
    It’s Cyber Security Awareness Month—a great time to prepare your company against cyber threats. We know that running security for your company can be a difficult task. In addition to dealing with employees and executives, CISOs have the added challenge of working with the board. We want to share what we’ve learned, and talk about what has and has not worked for us. Spoiler alert: “You can’t patch people.”

    Join this webinar with Shahar Ben-Hador, Chief Information Security Officer (CISO), and Paul Steen, Senior Director, Global Security Strategist for a lively interactive session that will include:
    · Humorous security tales and repercussions of employee behaviors
    · Tips to deal with employees, execs and board members
    · Security technology recommendations that work best across a security stack

    Cybersecurity is ultimately about people, and, for better or worse, human nature will always prevail. The trick is establishing a pragmatic security posture to deal with that reality. Join our CISO for an off-script, unedited security discussion.

    Do you have pressing questions you’d like to have answered? Send them to AskTheCISO@imperva.com, and we’ll get them in front of our CISO. Who knows? They might just end up part of the discussion.
  • CISO Says: Interview with Ivan Holman, Group Information Security Officer, EWI CISO Says: Interview with Ivan Holman, Group Information Security Officer, EWI Speaker: Ivan Holman, Group Information Security Officer, EWI, Moderator: Adrian Davis, Managing Director (ISC)² EMEA Nov 7 2016 12:00 pm UTC 60 mins
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
  • How to Gate, Watch and Guard your Sensitive Data Everywhere How to Gate, Watch and Guard your Sensitive Data Everywhere Sunil Choudrie, Global Solutions Manager Symantec and Jamie Manuel, Sr. Marketing Manager Nov 8 2016 5:00 am UTC 60 mins
    The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.

    So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.

    We will explain how Symantec technology addresses this approach and how you will benefit from:

    •Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.
    •Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.
    •Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
  • One Firewall to Rule them All! One Firewall to Rule them All! Patrick Grillo, Senior Director, Security Solutions, Fortinet Nov 8 2016 10:00 am UTC 45 mins
    The firewall wars have caused nothing but confusion in the market. Lines have been drawn between UTM and NGFW; are they different or are they the same thing? Unfortunately that confusion has led to introducing complexity and vulnerability in enterprise networks. There is a better way. Rather than fighting through a sea of acronyms, focus on what’s really important - How can I simplify my security infrastructure and improve my ability to fight off advanced attacks, no matter where they occur in the network?

    This session will present a new way of thinking about firewalls, one without the confusion, acronyms and complexity.
  • Ne laissez pas la réglementation des données ralentir votre transformation Ne laissez pas la réglementation des données ralentir votre transformation Hervé Doreau, Directeur Technique – Symantec France Nov 8 2016 10:00 am UTC 60 mins
    L’adoption du modèle SaaS se répand plus vite que prévu. Cependant, alors que ce phénomène s’accélère, les entreprises découvrent toute une série d’obligations à la fois juridiques et réglementaires en termes de conformité des données qui peuvent s’avérer difficiles à satisfaire de façon homogène ou qui sont susceptibles de ralentir l’adoption des applications SaaS et de ce fait l’innovation.

    Découvrez :

    • Comment les entreprises peuvent tirer pleinement parti des applications SaaS tout en répondant à la complexité de leurs obligations en termes de conformité des données sans que cela n’affecte la qualité d’utilisation des applications SaaS. Découvrez comment protéger les données sensibles tout en bénéficiant de tous les avantages offerts par les applications SaasS sans que cela ne se fasse au détriment des fonctionnalités SaaS telles que la recherche, le tri et la création de rapports sur les données sensibles.

    • Les différentes méthodes de brouillage des données telles que la tokenization ou le chiffrement pour comprendre toutes les modalités de la conformité des données dans un environnement SaaS.

    • Si le chiffrement de votre fournisseur d’application SaaS vous permet de répondre à vos obligations de conformité de données lorsque des données sensibles chiffrées sont inactives. Quelles sont les implications en matière de conformité de données de la gestion des clés et qui contrôle les clés de chiffrement ?
  • The 4 Dimensions of Breach Investigations The 4 Dimensions of Breach Investigations Stuart Clarke,CTO for Security &Intelligence; James Billingsley, Principal Solutions Consultant, Cybersecurity &Investigation Nov 8 2016 10:00 am UTC 45 mins
    Initiating a breach investigation can be daunting without the right approach or the right tools. Where to begin?!

    Join Stuart Clarke, Chief Technology Officer for Security & Intelligence at Nuix, and James Billingsley, Principal Solutions Consultant, Cybersecurity & Investigations at Nuix, as they uncover the four dimensions of breach investigations and show how connecting the dots across seemingly unassociated facts can lead to determining the “who, what, where, when, and how” of security incidents.

    Attendees of this session will:

    * Gain understanding the criticality of having thorough visibility and access into all data and file types when conducting investigations in order to turn what’s outwardly disparate into a clear picture

    * Learn why humanising the data aggregated during an investigation - connecting electronic data with human facts—provides a deeper level of visibility and understanding of threat scenarios

    * Find out how this four-dimensional approach empowers incident responders to determine the best path to resolution

    * Get a sneak peek into the future of security investigations
  • The Correlation Between Cybersecurity and Financial Security The Correlation Between Cybersecurity and Financial Security Milica Đekić, Contributor, Cyber Defence Magazine Nov 8 2016 11:00 am UTC 45 mins
    The purpose of this webinar is to provide a deep insight into the concerns of cyber defence for small and midsize enterprises, taking into account all the financial aspects of those organisations.

    As the case study to this research, we would use the example of Republic of Serbia being the part of Southeastern Europe. Through such an overview the audience would get familiar with all the pluses and minuses of doing a business in that part of the world. Also, we would mention that investing into a cybersecurity amongst a small business – primarily relying on well-developed cyber procedures as the ways of the incident prevention as well as some smart steps of incident response and managing the risk may affect your businesses lose less funds being the consequence of cyber diversions – so make them stay financially secured.

    The audience who would learn the most from this presentation could be IT Security Professionals, Financial Professionals and potential Investors who would intend to take advantage over skilful workforce not being that expensive.