IT Governance, Risk and Compliance

Community information
Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
  • Next-generation firewalls and sandboxes stop attacks at various steps, but they only react to malicious communications and code after attacks have launched.

    There’s another way—observing where attacks are ‘staged’.

    We’re going to demonstrate how we can visualize Internet infrastructures for visibility into where attacks will emerge. Then, we’ll know where advanced malware will be downloaded and where compromised systems will callback—before attacks launch.

    In this live session, you’ll learn:

    7 steps of an attack and how you can use this data to get ahead of new security events.
    3 ways to uncover malicious activity by looking at domain names, IP addresses, and autonomous system numbers (ASNs).
    How to apply this intelligence to your current defenses.
  • Many organizations have struggled with BYOD programs due to MDM/MAM deployment challenges, user privacy concerns, and low adoption. This is causing some to question BYOD altogether. Fortunately, data shows that there is huge demand for BYOD, but such programs must meet employee needs in addition to IT needs.

    In this webinar, you'll learn where existing BYOD programs have fallen short, and how the next-generation of mobile security products will ensure secure, broad adoption of BYOD.

    Receive (ISC)² CPE credits for attending this webinar.
  • In this 30-minute webcast, industry experts Mike Rothman, President of Securosis Research and Wolfgang Kandek, CTO of Qualys will share their top recommendations for making the most of National Cyber Security Awareness Month. With data breaches in the headlines of nearly every online magazine, it’s never been a better time to maximize cyber security awareness and translate it into pragmatic results for the enterprise.

    During this webcast, attendees will learn
    * Which tactics have the greatest effect on fostering cyber security awareness throughout the enterprise

    * How to foster a risk-aware security culture while still encouraging trust among your employees and partners

    * How to bridge the gap between IT security and IT operations (hint: knowing more about your assets is the first step)
  • Wishful thinking or a cursory security assessment may have worked in the past but dealing with persistent and advanced threats requires an equally sophisticated and mature approach.

    While APT’s are on the rise and the use of zero-day vulnerabilities can be one of the weapons for such attacks, reality is that the large majority of incidents – advanced or not – occur using known vulnerabilities. Resolving these is, therefore, paramount to reducing the attack surface for cyber criminals.

    Join Amar as he shares his tips on adopting a mature and continuing vulnerability management process that can help organizations reduce risk and be better prepared to respond to APT’s.
  • According to Verizon’s “2015 Data Breach Investigation Report,” the cyberattacks are becoming increasingly sophisticated. Cybercriminals have been successful in creating new techniques and deceptive tactics that outpace security efforts. Under these conditions, what would be your approach to dealing with security threats?

    Join us for a live webinar session and discover how auditing can help mitigate the risk of data breaches and solidify your security strategy overall. During the session, we will talk about:
    - The latest data breaches and their ramifications;
    - How auditing complements threat-defense mechanisms;
    - What should be audited and why.
  • Today’s cyber attacks have become increasingly more sophisticated, requiring organisations to embrace an agile and ever more adaptive approach to their cyber security strategy. Join our webinar as we discuss the changing landscape of advanced threats in EMEA, look into the anatomy of APTs and explain why conventional security methods are no longer equipped to deal with these advanced attacks. In addition, we’ll share insights into real-life case studies of advanced threat actors using zero-day attacks and how an adaptive defense model allows FireEye to quickly respond, detect and remediate such attacks.
  • Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
  • Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.

    He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.

    Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.
  • Veritas NetBackup appliance è la soluzione efficace e innovativa che semplifica e ottimizza le procedure di backup e recovery.
    Una soluzione pratica che garantisce la scalabilità necessaria per adattare il tuo business ad ambienti, fisici, virtuali e cloud. Performance ed efficienza cresceranno insieme ai profitti: i tuoi team potranno dedicarsi ai clienti e alle attività di business, promuovendo al meglio l'innovazione!
    Che benefici puoi ottenere con le appliance NetBackup di Veritas?
    Scoprilo partecipando al nostro Webcast del 7 ottobre.
  • The growing sophistication and evasiveness of cyber threats have redesigned the paradigms of the information security landscape. Since traditional signature-based technologies alone cannot keep the pace with advanced threats, a breed of new technologies has been developed to fill the gap in what seems an endless arms race against malware creators. In the same time, the volatility of the perimeter, direct consequence of the growing adoption of cloud services, dramatically broadens the vulnerability surface of the organizations, requiring a new approach for the CISOs in terms of both technologies and policies.

    In this webcast we will analyse the current threat landscape related to advanced malware, demonstrating that, unlike what is commonly believed, it is not necessarily related to state-sponsored operations, but it is frequently used even in opportunistic attacks (and in several cases also available as a P/SaaS model).

    After showing the characteristics that make a malware “advanced” (evasion at the endpoint and network level, polymorphism, etc), the webcast will outline the foundations of a multi-layered approach needed to detect, contain and mitigate the threats posed by advanced threats.
  • Comprenez ce qui s’est passé et rétablissez l’activité rapidement

    Au cours des deux premiers webcasts, nous avons vu pourquoi les violations sont inévitables et comment détecter rapidement un menace avancée. Dans ce dernier épisode, nous allons voir comment Advanced Threat Protection peut efficacement résoudre le problème et supprimer les malwares de vos systèmes. Rétablir l’activité, cependant, ne suffit pas : il faut aussi améliorer sa préparation pour l’avenir. Nous y viendrons également

    Inscrivez-vous ici.

    Webcast 1: Advanced Threat: que faire en cas de violation de sécurité inévitable? -

    Webcast 2 - Advanced Threat Protection : j’ai subi une violation de sécurité, que s’est-il passé ? -
  • Learn how data encryption and encryption key management address compliance for healthcare providers and payers. Join Derek Tumulak, VP Product Management at Vormetric, and Tricia Pattee, HOSTING Product Manager as they discuss how HIPAA/HITECH regulations impact electronic protected health information (PHI) and best practices to safeguard sensitive patient data.

    Discover how:
    • HIPAA and HITECH regulatory mandates impact data security for healthcare institutions
    • Strong encryption and policy-based access controls provide a separation of duties between data security and system administrators
    • Secure key management and policy management ensure consistency in applying policies and encryption keys to both structured and unstructured data
    • Rapid implementation is achieved because encryption is transparent to users, applications, databases and storage systems
    • The HOSTING and Vormetric cloud solution can satisfy HIPAA and HITECH compliance requirements in the cloud
  • This webinar explores the best practices for distributing policies, determining when and how to provide education and how to build awareness campaigns. We often think that once a policy has been formally issued the job is done, but that is far from the truth. Properly communicating the policy is only the start.

    Attendees will learn the challenges, best practices, and benefits of a well thought out policy communication plan.
    Register now to join IT GRC industry expert, Michael Rasmussen as he discusses best practices in policy awareness and communication.
    Learning Objectives:
    - Define the key parts of a policy communication plan
    - Identify methods for tracking and delivering training and attestations
    - Determine ways to enable employee access to policies and related materials
    - The role of training and education
    - The policy portal – delivering an interactive employee experience for policy management
    - Getting employee questions answered
    - Attestations, read and understood, certifications
    - How technology enables employee engagement on policy
  • We caught up with F-Secure's Mikko Hyppoen to get his thoughts on the ever-relevant Privacy vs. Security debate.

    Mikko discussed the sensitive equilibrium required to protect data and ensure it's privacy; the influence that the EU's Safe Harbour ruling will have and how security should be the responsibility of all, not just the government.

    He also gave his one key piece of advice for keeping your data private and secure.
  • Last year, hackers targeted retail companies and their POS systems to steal vast amounts of credit card and financial data. This year, things have changed as cyber criminals are now going after identities, making data breaches much more personal. While credit cards can be easily replaced, personal identities cannot. This webinar looks at the major data breach trends in 2015. Who is doing the hacking, how they are doing it, and what industries are being targeted most. In addition, listeners can get a new understanding of how to approach to data security and “Secure the Breach”.
  • Don’t stay behind. Embrace convergence
    Staggering complexity. Relentless growth. Bare metal, Virtual, Private Cloud? Sound like your data center and the daily challenges you face in your backup infrastructure?

    Register for this webcast and get straight answers on simplifying enterprise data protection, scaling for growth, and increasing agility. You’ll learn how Veritas NetBackup reduces complexity through comprehensive integration, a converged platform, and efficiencies through automation and self-service operation.

    Attend the webcast and learn how to:
    •Reduce the increasing complexity of protecting a modern enterprise IT environment
    •Scale with the relentless growth of the modern enterprise data center
    •Adapt your backup infrastructure to challenge your traditional backup model?
    •Ensure you understand how your can modernize your backup with converged backup appliances

    Learn how to you can focus your team on activities that drive revenue.
  • La convergence des infrastructures de sauvegardes personnalisées avec les appliances Veritas NetBackup est la stratégie adaptée à votre entreprise. Il s'agit de la manière la plus efficace de simplifier considérablement votre sauvegarde et votre récupération.
    Grâce à une solution rationalisée, votre entreprise peut évoluer vers n'importe quelle taille et n'importe quel type d'environnement (physique, virtuel ou cloud). Grâce à l'amélioration des performances et de l'efficacité, vous économiserez du temps et de l'argent. Vos équipes auront alors le temps de se concentrer sur vos clients et sur les activités génératrices de revenus. Et grâce à cette augmentation de revenus, vous pourrez innover.
    Alors, combien pouvez-vous économiser avec Veritas NetBackup, en particulier dans un environnement virtualisé ?
    Inscrivez-vous dès maintenant à notre Webcast diffusé le 7 octobre
  • Die Konvergenz herkömmlicher Backup-Infrastrukturen mit Veritas NetBackup-Appliances ist die richtige Strategie für Ihr Unternehmen. Es ist die effizienteste Methode, um Ihr Backup und Ihre Wiederherstellung deutlich zu vereinfachen.
    Mit einer einzigen optimierten Lösung kann Ihr Unternehmen sein Backup für Umgebungen jeder Größe skalieren – ob physisch, virtuell oder cloudbasiert. Leistung und Effizienz werden erhöht und Sie sparen Zeit und Kosten ein. So haben Ihre Teams mehr Zeit, sich auf Ihre Kunden und gewinnbringende Projekte zu konzentrieren. Denn höhere Gewinne bedeuten, dass Sie mehr in Innovation investieren können.
    Wie viel Kosten können Sie also mit Veritas NetBackup einsparen, insbesondere in einer virtualisierten Umgebung?
  • Конвергенция используемых Вами традиционных инфраструктур резервного копирования с устройствами Veritas NetBackup ─ это оптимальная стратегия для Вашего бизнеса. Это самый эффективный способ существенно упростить резервное копирование и восстановление данных.
    Одно усовершенствованное решение позволит Вашей компании масштабировать среду любого размера и типа — физическую, виртуальную или облачную. А увеличение производительности и эффективности поможет сэкономить время и деньги. У Ваших сотрудников будет достаточно времени, чтобы сосредоточиться на работе с клиентами и деятельности, которая увеличивает Ваш доход. А увеличение дохода обеспечит Вам больше возможностей для внедрения инновационных решений.
    Сколько же денег можно сэкономить с помощью Veritas NetBackup, особенно в виртуализированной среде?
  • Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of Personally Identifiable Information (PII), with penalties for organizations who fail to sufficiently protect it. Organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions as well as reputational damage and loss of customers due to privacy breaches.

    So how will organisations manage infrastructure across multiple domains without falling foul of emerging privacy and data management legislation, particularly when cloud services and personal devices are the norm?

    During this webinar, Steve Durbin, Managing Director of ISF, will discuss how the security function and the board will need to work together to ensure that current regulatory trends and emerging technologies are aligned to maintain business effectiveness and connectivity.
  • Companies everywhere are drowning in data. They are collecting more of it, and at an accelerated pace, while at the same time depending on it more than they have before. Data centers are being constructed around the world to house all this information, but research shows that more than two-thirds of what is being kept is worthless.

    That’s where Veritas comes in.

    The demand for our information management services has never been higher, as there will be more than 44 zettabytes of data in the world by 2020. Using current approaches, IT organizations will be incapable of managing that data – they don’t have the financial or human resources. At Veritas, our business is structured on addressing this issue. We are focused on helping companies harness the power of their information – wherever it resides – by driving availability and revealing insights across heterogeneous environments.

    Join this webcast to learn more about the Veritas vision, where an information-centric approach is taken over infrastructure-centric and we explain our three core beliefs;
    • More data does not deliver more value
    • Infrastructure availability does not mean application availability
    • Not all data is created equal
  • NSX brings tremendous power. Do you have the right controls in place?

    In this presentation, see how HyTrust CloudControl NSX, 2015 winner of the Best of VMworld for Security, Compliance and Virtualization, has fortified VMware NSX with better security, enhanced policy enforcement and better compliance.
  • As organizations become more and more data-centric, the way this data is put to use and delivered via applications and services holds the key to the organization’s overall competitiveness and success.

    A consolidated data center environment provides an optimized platform for innovation, applications and services delivery, cost reduction and efficiency.

    Consolidation in the data center has multiple facets, all introducing security challenges and risks that must be recognized and dealt with.

    This session will introduce the consolidated data center environment, the technologies deployed, their related security challenges and the possible solutions available.