Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
For many years, women have represented roughly half of all university graduates. Yet, there is a lingering imbalance of women that progress to senior leadership positions.
Join two industry trailblazers, Jo Stewart-Rattray, the first woman to serve as CIO with responsibility for both operational and business IT in the Australian utilities space and Theresa Grafenstine, the first woman to serve as the Inspector General of the US House of Representatives, as they discuss how they cracked through the proverbial glass ceiling.
Attendees will get practical advice on becoming a trusted advisor, building your personal brand, joining the “Old Boys Club,” and the art of gaining influence.
Jo and Theresa will also reflect on their careers and share lessons learned on the bumps and bruises they encountered along the way with “What they wished they knew 20 years ago…”
At the end of what will surely be a spirited discussion, attendees will have a chance to pose questions to these two role models who blazed a trail for women in the IT profession.
The demand for digital data preservation has increased drastically in recent years. Maintaining a large amount of data for long periods of time (months, years, decades, or even forever) becomes even more important given government regulations such as HIPAA, Sarbanes-Oxley, OSHA, and many others that define specific preservation periods for critical records.
While the move from paper to digital information over the past decades has greatly improved information access, it complicates information preservation. This is due to many factors including digital format changes, media obsolescence, media failure, and loss of contextual metadata. The Self-contained Information Retention Format (SIRF) was created by SNIA to facilitate long-term data storage and preservation. SIRF can be used with disk, tape, and cloud based storage containers, and is extensible to any new storage technologies. It provides an effective and efficient way to preserve and secure digital information for many decades, even with the ever-changing technology landscape. Join this webcast to learn:
•Key challenges of long-term data retention
•How the SIRF format works and its key elements
•How SIRF supports different storage containers - disks, tapes, CDMI and the cloud
•Availability of Open SIRF
SNIA experts that developed the SIRF standard will be on hand to answer your questions.
If a volcano erupts in Iceland, why is Hong Kong your first supply chain casualty? And how do you figure out the most efficient route for bike share replacements?
In this presentation, Chief Data Scientist Dmitri Adler will walk you through some of the most successful use cases of supply-chain management, the best practices for evaluating your supply chain, and how you can implement these strategies in your business.
Enterprise development teams are frequently working with multiple types of SCM repositories, such as Git and Subversion. Git does a solid job handling source code; Subversion does a solid job handling binary artifacts and is likely where many older projects' full histories reside. Managing both Subversion and Git repositories together is quite a challenge. Join us to learn how to make it easy.
Federal contractors that process, store or transmit what’s called Controlled Unclassified Information have until December to implement new, more stringent security guidelines to protect that information. Chances are your organization already meets some of the requirements, but it’s unlikely that you meet them all. Join us to identify what’s new, what’s not, what you have to do and how to assess the impact.
Are you burdened with regulatory mandates that require the proper compliance controls and audit trails? Do last-minute security updates hold-up your application releases—or more problematic, have you missed security patches that impacted the business?
In this 30-minute webcast:
-Discover what it means to shift your security thinking left and incrementally improve security as part of your continuous delivery practice.
-Learn how you can apply the right levels of governance, gain end-to-end transparency and ensure full auditability of your releases.
-See how an Application Release Automation (ARA) solution like CA Release Automation enables you to deliver applications with the agility and speed required by your business while enabling you to stay in control.
At the end of this webcast, you’ll have insights into how to mitigate digital risks as you apply continuous delivery practices.
The use of web enabled devices has profoundly changed the world we live in. The average American now spends upwards of 10 hours per day in front of some form of electronic medium. More and more, the smart phone is becoming the device of choice to communicate, get news/information, and share social information on a real time basis. This is how people navigate through today's world and has had a significant behavioral impact as a result.
Internal Auditors can benefit greatly from understanding how to best integrate this new wealth of information in their audits and investigations. The future of both audits and investigations will need to rely more on technology but cannot neglect the impact and role of the “human element”. Points of particular interest include:
•social media searches to identify where someone has been and plans to be,
•location enabled services identifying where someone's phone (and presumably they) have been,
•devices and apps measuring and sharing individual’s mobility and activity,
•the trend towards this data going directly to the public cloud, and
•the emergence of the "internet of things".
SAP customers are becoming increasingly exposed to financial risk through audits, particularly where third party applications and add-ons indirectly access and use SAP data.
This type of access is known as Indirect Usage.
In this webinar, we explain how some of the recent amendments to SAP’s terms and conditions might lead to further exposure for your organization. You will learn how to efficiently highlight activity in the SAP system to identify where Indirect Usage may be taking place and what to do about it.
Don’t walk your organization into a hefty audit fine! Make sure that you’re fully prepared and reduce your exposure to a minimum.
Kommt es Ihnen so vor, als hätten die Angreifer den Vorteil zunehmend auf ihrer Seite? Es gibt immer öfter Berichte über erfolgreiche Cyberattacken und Datenverluste, obwohl die Ausgaben für Sicherheitsmechanismen ebenfalls steigen. Der Schutz muss verbessert werden und dabei ist der erste Schritt mehr Visibilität.
In unserem Webinar zum Thema Transformation für mehr Sicherheit durch Sichtbarkeit zeigen wir Ihnen, wie Sie in drei Schritten Ihr Netzwerk sicherer machen:
• See: Erkennen Sie jedes Endgerät, sobald es sich mit dem Netzwerk verbindet. Dabei spielt es keine Rolle, ob Firmengerät, BYOD oder Endpunkte aus dem Internet der Dinge (IoT) – alle Devices werden ohne den Einsatz von Agenten erkannt
• Control: Verwalten Sie Netzwerkzugriffsrechte für Gerätegruppen auf Basis von festgelegten Sicherheitsrichtlinien. Zudem können kritische Endpunkte automatisch bewertet und gesichert werden
• Orchestrate: Teilen Sie Informationen mit bestehenden Sicherheitslösungen und automatisieren Sie Arbeitsprozesse durch die Extended Modules von ForeScout
Privileged IT users hold significant power in an organisation. They can delete, change or read emails and create, reset or change user accounts amongst other things. In many cases the privileged user can easily bring a business to its knees.
Businesses may be aware of the scale of the privileged insider threat but efficiently managing these users often remains an aspiration. Join Amar Singh in this interactive webinar as he talks to privileged management expert Joseph Carson and discusses how you can expertly manage your privileged users.
Cyber Management Alliance's webinars are highly interactive and have a higher than normal user interaction during the webinar. So, sign-up now and take this opportunity to ask, learn and share.
Wie verhindern Sie, dass die DSGVO lediglich zu einem lästigen Kostenfaktor für Ihr Unternehmen wird? Indem Sie die Verordnung dazu nutzen, Ihre Strategien für Informationssicherheit und Datenschutz zu überarbeiten.
Die DSGVO beruht auf dem Prinzip einer guten Daten-Governance. Wenn Sie sich dieses Prinzip zu eigen machen, können Sie die Verordnung nicht nur leichter einhalten, sondern auch andere geschäftliche Risiken mindern. Ein Fokus, der sich auf eine solide, langfristige Datenschutzstrategie richtet, bringt laufende Vorteile mit sich, zumal Cyberbedrohungen und Datenschutz zu den größten Risiken für Unternehmen zählen. Wenn Sie Informationsschutz und Sicherheit in Ihren DSGVO Plan einbeziehen, können Sie vorhandene Infrastruktur nutzen und sich auf die wichtigsten Verbesserungsbereiche konzentrieren.
Hören Sie sich an, was die Teilnehmer unserer Diskussionsrunde zu den Hürden zu sagen haben, vor denen Unternehmen am häufigsten stehen, und erfahren Sie, wie die Integration von Technologie dabei helfen kann, diese zu bewältigen. Das Webinar bietet einen grundlegenden Überblick über die Bestimmungen der DSGVO, erläutert einen Ansatz für die Ausarbeitung Ihres Plans und erörtert die Vorzüge verschiedener Technologien zur Verbesserung des Datenschutzes. Außerdem werden die weiteren Auswirkungen aufgezeigt, insbesondere im Hinblick auf Sicherheitskultur und Prozessgestaltung, um die erfolgreiche Umsetzung Ihrer Strategie zu gewährleisten.
How do you stop GDPR becoming just a burden to your business? By using it to fundamentally review your information security and data privacy plans. Why?
As GDPR is based on the principal of good data governance, adopting that mindset will not only ease your ability to comply, but reduce other business risks. A focus on a robust, long term, data protection strategy will deliver ongoing benefits, particularly as cyber threats and data protection are cited as top risks to organisations. Encompassing information protection and security, within your GDPR plan will allow you to utilise existing infrastructure allowing to focus on the key improvement areas.
Join our panel to hear their views on the most common hurdles organisations face, and how integrating technology can help you overcome these. The webinar will provide a basic overview of the GDPR regulations, identify an approach you can take to develop your plan and discuss the merits of different technologies in improving data protection. The panel will also identify the wider implications, particularly regarding security culture and process design to ensure successful implementation of your strategy.
For a corporate IT organization to create business value, then it needs to focus on things beyond the IT infrastructure, including: understanding customer needs and wants; delivering high quality services, support, and customer service; and effective financial stewardship.
Attend this webinar for practical help with five opportunities to improve how corporate IT organizations are run, and the value they ultimately provide to their business, across:
2.Improving service desk performance while reducing costs
3.Redefining services through BRM and service portfolio management
4.Better IT asset management
5.Financial management that focuses on the right things
If a database is filled automatically, but it's not analyzed, can it make an impact? And how do you combine disparate data sources to give you a real-time look at your environment?
Chief Executive Officer Merav Yuravlivker discusses how companies are missing out on some of their biggest profits (and how some companies are making billions) by aggregating disparate data sources. You'll learn about data sources available to you, how you can start automating this data collection, and the many insights that are at your fingertips.
The mainframe is mission essential in the application economy and hosts the majority of the world’s corporate data, processes over 2.5 billion mobile transactions per day and touches 55% of all applications. And while the connected mainframe drives significant business value, it also brings sophisticated threats and looming regulations along with it.
Join Jeff Cherrington, Senior Director of Mainframe Security Product Management at CA Technologies for an overview of the mainframe security landscape, examine how the mainframe fits into the overall enterprise security strategy, and best-practices on how to secure the most sensitive and regulated data in the business - from access control to data protection to compliance.
Microsoft Azure is experiencing enormous growth as an increasing number of organizations turn to Azure to more easily launch and scale applications and services, and achieve the benefits of using the cloud. Azure offers several native platform capabilities and services to help ensure these workloads are secure, easy to manage, and able to scale to meet demand. Organizations are rethinking their approach to securing these dynamic environments, not because cloud platforms are insecure themselves, but because the vast majority of legacy on-premises security products and strategies do not work for cloud workloads.
Join Alert Logic team member Vince Bryant, Cloud Platform Partner Executive, for an in-depth webinar where we will discuss best practices for securing applications running on Azure and in multi-cloud deployments, including:
• Five things you must consider when securing applications running on Azure or multi-cloud deployments
• Tips for addressing your responsibilities in the Microsoft Azure Shared Security Model
• Case study: Learn how Bentley Systems addressed customer and compliance requirements in their multi-cloud deployments
For many enterprises 2017 will be the year they start automating security changes for increased agility across their hybrid network.
Tufin is ready to provide policy-based automation across legacy and next generation networks, physical FWs and cloud platforms.
Join us to learn about the enhancements in Tufin Orchestration Suite R16-4:
•Policy-based automation for Check Point R80
•End-to-end automation for rule and server decommissioning
•Built-in enforcement of cloud tag policy
and much more.
As the simplest way to mitigate risks, many organisations are opting to deploy the Full Disk Encryption (FDE) capabilities built into their operating systems as an enterprise standard. For enterprises dominated by the Windows OS, experts highly recommend that to get the most out of BitLocker, organisations should consider a third party BitLocker management solution. So take 30 minutes with WinMagic’s Corporate Account Manager, Ben Thirlby, and learn how to achieve more robust security from your BitLocker deployment.
1.Why you should support a multi-OS or BYOD environment within one solution
2.How you can reduce the current pressures on your help desk and IT Admins
3.Discover how an intelligent key management solution can simplify your encryption needs, from deployment to compliance
The Fourth Industrial Revolution is in all full swing with the Internet at its core. While the Internet is connecting everyone and everything it also connects us to a variety of nefarious threat actors, who have found ways to exploit and monetize many aspects of our digital world. In recent times, one area has been DDoS, which has become one of the top cyber threats du jour.
In this webinar, you will learn:
- Historical developments in the DDoS threat landscape
- How criminal operators are building out their botnets – discover, infect, operate and maintain
- Technical examination of new botnet trends such as the Mirai IoT botnet
- Architectural concepts and design for DDoS mitigation solutions - covering cloud and data centre environments
- Response strategies to defending and responding to DDoS attacks
- Predictions for future and next steps.
Join Akamai and (ISC)² on Feb 15 (Wed) at 13:00 (Singapore time) and learn about the DDoS threats of past, present and future.
Data scientists know, the visualization of data doesn't materialize out of thin air, unfortunately. One of the most vital preparation tactics and dangerous moments happens in the ETL process.
Join Ray to learn the best strategies that lead to successful ETL and data visualization. He'll cover the following and what it means for visualization:
1. Data at Different Levels of Detail
2. Dirty Data
4. Processing Considerations
5. Incremental Loading
Ray Rashid is a Senior Business Intelligence Consultant at Unilytics, specializing in ETL, data warehousing, data optimization, and data visualization. He has expertise in the financial, manufacturing and pharmaceutical industries.
Managing data security across a distributed enterprise – deployed on-prem or in the cloud – is a daunting task. Imperva has powerful centralized management and reporting solutions that unify and streamline security operations to simplify distributed management. This webinar will provide an overview of SecureSphere MoM, providing visibility into system wide performance and problem areas by aggregating performance and status metrics for individual MX Management Servers, Gateways and Agents in a single dashboard view.
This webinar will cover the results of the third annual SANS survey on incident response. It will explore the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks.
•How integrated incident response tools are in the typical organization
•What impediments hamper effective incident response
•How budget allocations are projected to change over the next 12 months
•Improvements planned in the next 12 months
Complete the form to learn takeaways and recommendations for incident response from industry experts.
Over the past year, we have seen data breaches shift towards identity-based breaches, targeting personal information of either employees or consumers. The access to the information is used to craft and construct highly organized attacks on enterprises and is a growing contributor to identity theft. The problem is compounded by the convergence of personal and work place identities, ultimately creating major security challenges for companies.
Our 2016 Authentication and Access Management survey found 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security. During the webinar, we’ll be discussing this and other trends in the strong authentication and access management market, including:
- The status of the two-factor authentication market and what we can expect in the years to come
- The enterprise risk issues of using social media credentials to access to corporate resources
- The role the cloud is playing in the enterprise especially as it relates to single sign on and application management and access
- The ongoing challenges enterprises cite as barriers to mass adoption of a mobile workforce
These days it's not a matter of if you'll be breached, but when. Security teams in the modern enterprise must accept that as well as efforts to protect their perimeter, they must also focus on understanding their east-west traffic.
This panel discussion will look at the trends and technologies influencing cyber security strategy in 2017, in particular those that deal with effectively monitoring your network to ensure your organisation handles vulnerabilities and stays breach free.
- Josh Downs, Community Manager - Information Security, BrightTALK (moderator)
- Jeff Costlow, Director of Security, ExtraHop Networks
- Rami Mizrahi, VP of R&D, TopSpin Security
- Francois Raynaud, Founder, DevSecCon
Tune into this panel conversation if you're a network or security professional looking to hear the latest trends and security best-practices to defend against a constantly evolving opponent.
Discover the latest trends in cyber attacks and how they are shaping the security strategy across industries and on a national level.
Join this keynote panel session for an interactive discussion on the emerging technologies and tactics used by attackers, the role of artificial intelligence and machine learning in cyber attacks and cybersecurity, and the best practices for improving security for your organizations.
- Mark Weatherford, Chief Cybersecurity Strategist at vArmour
- Ann Barron-DiCamillo, VP Cyber Threat Intelligence & Incident Response at American Express
- Paul Kurtz, CEO of TruSTAR
- Leo Taddeo, CSO of Cryptzone
- Scott McAfee, ISO and Head of IT, ThreatTrack (VIPRE)
Imperva offers comprehensive application protection that has the flexibility to be deployed on-premises or in-the-cloud protecting business-critical applications and infrastructure. This webinar will provide a complete overview of Imperva’s unique application security product portfolio that will enable your organization to defend itself against DDoS attacks, web-based threats and other emerging zero-day attacks. Learn how easy and flexible it is to deploy the solution in any environment and watch a live demo.
By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network. Therefore, spotting infections quickly can limit the damage.
AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the hackers’ command and control server. How does it all work? Join us for a live demo that will show how AlienVault USM detects these threats quickly, saving you valuable clean up time by limiting the damage from the attack.
How AlienVault USM detects communications with the command and control server
How the behavior is correlated with other signs of trouble to alert you of the threat
Immediate steps you need to take to stop the threat and limit the damage
Organizational efficiency and convenience were the initial appeal of the cloud: add servers when you need them, get rid of them when you don't. Offering businesses the ability to automatically scale with workload and application needs, the cloud offers endless potential to grow at scale. As cloud technology continues to evolve and diversify—from public to private, hybrid to multi-cloud—the use cases and potential benefits have also expanded. And, unlike traditional IT, cloud performance and capacity drivers also tend to improve infrastructure security. During this webinar, we'll explore:
*Using cloud security as a competitive advantage for your business
*How focus on performance, agility, and efficiency in cloud mutually benefits security
*The changes in thinking and design necessary to unlock the cloud’s potential for improving security
*Practical strategies for automation, monitoring, mitigation and incident response
Join 451 Research and CloudCheckr for an exclusive webinar to discuss trends, challenges, and opportunities for organizations looking to leverage the true potential of the cloud.
CloudCheckr is a unified cost and security automation platform that gives you visibility, insight, and automation for your AWS environment. CloudCheckr delivers a suite of products for cloud operations, security and finance teams for Cost Management, Security and Compliance, Utilization and Inventory.
Seamlessly integrating AppSec testing into CI processes earlier in the SDLC has become the holy grail of DevOps and security teams. Achieving this means apps are not only more secure and can be deployed more quickly, but companies are also able to reap substantial cost and resource savings.
Join Mike Goldgof, WhiteHat Security’s VP of Marketing, to learn about best practices and what’s needed to fit security testing into highly-automated Agile DevOps processes, that are transforming the development world and speed of delivery dictated by businesses today.
Cyber-crimes are alive and well on the global stage. Don’t resist taking the necessary defense measures to stop threats from slipping through the cracks. In this SonicWall Security Annual Threat webcast, we’ll present the most common attacks in 2016 and the ways we expect new threats to affect businesses throughout 2017.
Some report highlights:
•Ransomware changes in 2016 and the effects on malicious email and exploit kits
•The growth and challenges of SSL
•How Internet of Things devices were exploited and different security steps some organizations are taking in response
•Developments in Android security
•Changes in Point of Sale Malware compared to 2015 and useful lessons to be learned
Threat Actors figured out long ago that automating and orchestrating their attacks gives them the ability to conduct their campaigns more efficiently and effectively. The byproduct of these automated attacks is a high volume of events and alerts meant to overwhelm enterprises. Enterprises conducting predominantly manual investigations and remediations will never be able to scale to the level of those attackers utilizing automated tactics.
Join us on February 21, 2017 at 1 PM PT and learn how to quickly and easily
•Understand the scope of automation necessary to combat mass campaigns from attackers
•Understand which automations can be accomplished with the fastest ROI
•Understand how,you can automate and apply internal context, 3rd party intelligence, campaign data, and investigations
•Deploy powerful and proven shortcuts to integrate with alert sources and enforcement systems
A live online panel discussion focused on the debate around AI and machine learning and how they can automate cyber security; catch more threats and malicious attacks and prove a useful weapon against cyber crime.
- Josh Downs, Community Manager - Information Security, BrightTALK (moderator)
In the world of endpoint security and antivirus there no less than 37 new endpoint security products that have emerged in the past five years, each claimed to address the changing landscape, but is it all just hype?
Learn more about Machine Learning, what it is, how it works, and what else you need to protect yourself across all points of attack.
Key Learning Objectives:
•What is the state of the industry for Endpoint Protection technology
•Why machine learning is not enough
•Discover how to reduce the number of agents on your endpoint with the high-performance lightweight agent that includes advanced machine learning, exploit mitigation, antimalware, and more
From Haitian folklore to George A. Romero’s Dawn of the Dead, the use of Zombies in fictional settings has experienced a strong resurgence in recent years. With fact mirroring fiction, the real world has also faced the terror of dealing with a rise of mindless automatons capable of creating mass devastation on an international scale.
We are of course talking about the rise of Botnets.
Come join us for an interactive presentation with chief zombie-wrangler, Ronan Lavelle, on the insidious rise of this threat looking at recent attacks, the link in growth to insecure IoT devices and just what we can do to combat them.
This webinar is perfect for cyber professionals those who want to:
- stop data loss by defending against botnets
- better respond to incidents and remediate
- reduce attack surfaces and counter threats