Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Metric and Measurement Mistakes that Destroy Agile - 1 PMI PMP PDU Credit Metric and Measurement Mistakes that Destroy Agile - 1 PMI PMP PDU Credit Andy Jordan, ProjectManagement.com Recorded: Aug 25 2016 58 mins
    To be a high performing business, you require effective metrics and measurements that will help you gain valuable performance insights which will help drive informed and strategic decisions for your organization. Join Andy Jordan, ProjectManagement.com as he discusses what people are doing wrong when it comes to Agile metrics and provide guidance on how to get it right – the first time. Andy will also discuss the risks of using common metrics between Agile and waterfall approaches as well as why organizations need to focus on value-based metrics rather than arbitrary metrics of progress.

    This session is approved for 1 Project Management Institute (PMI) PMP PDU Credit.
  • How to Defend Against Email Fraud - in partnership with CSO How to Defend Against Email Fraud - in partnership with CSO Scott Brown, CERT Australia & Mark Guntrip, Email Protection, Proofpoint Recorded: Aug 25 2016 55 mins
    Online criminals used to favor scattershot campaigns that relied on emailing hundreds of people in the hopes of tricking even a few of them into clicking on malicious attachments. These days, however, businesses face a new threat as ever more-calculating attackers conduct extensive research to craft carefully worded emails designed to emulate the CEO, CFO or other key executive.

    These emails, known as email fraud or business email compromise (BEC), are fast exploiting perceptual weak spots by adopting executives' identities in emails pressuring employees into sending sensitive files or wiring large sums of money to a bank account.

    Recent FBI figures suggest the attacks are costing victims an average of $US130,000 per incident and cost more than $US2.3 billion worldwide. Furthermore, it is difficult if not impossible to get the money back.

    Please join the Australian Federal Police, CERT Australia and Proofpoint for a webinar to discuss the emerging threat and strategies for defending against it. Over the course of the session, you will learn:

    · How cybercriminals craft Email Fraud messages and where they get their information
    · How to help executives hide the information that cybercriminals may be using to shape Email Fraud
    · Why your current email filtering solution may struggle to keep up, and what technologies can help in the fight against Email Fraud campaigns
    · What kind of business controls can be put in place to protect against Email Fraud manipulations
  • Top 3 Cybersecurity Challenges Facing Healthcare with Real Life Lessons Learned Top 3 Cybersecurity Challenges Facing Healthcare with Real Life Lessons Learned Sam McLane, Head of Security of Engineering at Arctic Wolf Networks Recorded: Aug 24 2016 42 mins
    Healthcare organizations have become prime targets for cyber criminals. In this webcast, security experts identify three key areas that are critical to improving your organization’s cybersecurity and provide effective strategies to combat cyber attacks using real-life examples.
  • Managed Detection and Response Answers the Question, “Am I Safe?” Managed Detection and Response Answers the Question, “Am I Safe?” Young-Sae Song, VP of Marketing at Arctic Wolf Networks Recorded: Aug 24 2016 31 mins
    Cyber attacks are becoming more complex, and it is becoming harder to determine what the best strategy is for vigilant cybersecurity. Companies feel like they are playing catchup, and there always seems to be another security hole to fill. Join this 30-min webcast to hear about the emerging security service segment, managed detection and response (MDR).
  • Security in the Boardroom Series: Keeping Your Seat at the Table Security in the Boardroom Series: Keeping Your Seat at the Table Ashley Ferguson, Director, SecureWorks Governance, Risk & Compliance Recorded: Aug 24 2016 49 mins
    This webinar will explore another aspect of the CISO’s role as an essential business leader: guiding the organization through the crisis of a breach.

    Featuring insights from CISOs and C-suite leaders who have been there and done that, the program will address incident response planning, setting C-suite and board expectations, and tips for providing the right information in a breach crisis situation to aid decision-making and public disclosures. Learn how to establish your role as part of the solution team, and how to avoid a reactionary response that too often leads to finger-pointing at the security team. You’ll take away actionable insights to apply to your own journey as an essential business leader.
  • Using Container Technologies for Agile, Scalable Application Releases Using Container Technologies for Agile, Scalable Application Releases Ian Philpot, Sr. Technical Evangelist, Microsoft Corporation and John Willis, Director of Ecosystems Development, Docker Recorded: Aug 24 2016 39 mins
    Want faster time to deployment? Need to quickly scale your applications? Microsoft can help.

    Microsoft offers a comprehensive set of container technologies for scalable, high availability, and agile release cadence. Join us for an overview of how containers can improve your organization's application development lifecycle. The session will leverage real world examples and highlight Docker.

    Watch this webcast to understand:
    •The beneficial impact of adopting container technology
    •Installation, security, design considerations and deployment operations followed by a quick tour of the Docker platform
    •How container technology positively impacts operations

    Sign up now to save your space for the live event, or to receive notification when this webcast is available on-demand.
  • ClearCase to Git ClearCase to Git Doug Robinson Recorded: Aug 24 2016 61 mins
    On the surface, ClearCase and Git seem like polar opposites, yet setting architecture aside, they have interesting similarities. A deeper understanding of ClearCase and Git will ease the migration planning process.

    Register for this webinar to learn:
    - How Git and ClearCase differ and how they support some of the same development models
    - Options for moving data into Git with low technical risk
    - How ClearCase MultiSite, ClearCase UCM, and ClearQuest fit into the picture
    - ...and more!
  • BrightTALK Network Security & Hacking Preview BrightTALK Network Security & Hacking Preview Various Recorded: Aug 24 2016 3 mins
    This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.

    Click below to register for the Summit:

    https://www.brighttalk.com/summit/3453
  • Efficiency & Scale in Middle Office Financial Services Efficiency & Scale in Middle Office Financial Services William Fearnley, IDC Financial Insights & Scott Jeschonek, Avere Systems Recorded: Aug 24 2016 59 mins
    Within the financial services industry, middle office analytics and simulations continue to grow in volume and complexity. Massive compute and storage demands cause strain on IT resources. While new technologies promise speed and scalability, evaluating this unique middle office environment requires a look at compliance, risk, and pricing analytics to determine potential gains and losses. In this webinar, IDC – Financial Insights Research Director, Bill Fearnley, looks at current middle office IT workflows supporting analytics, backtesting and financial modeling and evaluates a hybrid cloud infrastructure to support growing demands.

    In this webinar, you’ll:

    · Hear an IDC Analyst’s view on the current financial services IT environment
    · Learn of common challenges and approaches to combat growing strain on compute and storage infrastructure
    · Join in a discussion about the viability of enabling cloud services to expand compute and storage capacity
    · Gain guidance on how large hedge funds and investment banks are overcoming inherent cloud challenges like latency, data accessibility, and cost management
  • It’s a Global Market. Address it! It’s a Global Market. Address it! Thomas Brence, Dir Product Marketing, Informatica - Sheila Donovan, President, Global DM Solutions Recorded: Aug 24 2016 48 mins
    Many corporations are looking overseas for continued business growth in both consumer and business markets. Now more than ever, customer contact data is a vital corporate asset.

    If you are responsible for managing global address data, this webinar is for you. You will learn how to optimize performance from Informatica’s Address Verification product by developing best practices for global address data management.

    During this webinar, viewers will learn:
    •Developing quality acceptance standards for multiple data sources
    •Identifying and troubleshooting poor quality incoming data
    •Creating business rules for exception processing
    •Understanding language and cultural idiosyncrasies that affect address data
    •Educating your team about the Do’s and Don’ts of global address management
    •Developing core best practices for your organization
    •Selecting the best parameters in Address Verification for your specific business needs
    Join industry veteran and thought leader, Sheila Donovan, President and Founder of Global DM Solutions, as she walks through this exciting content.
  • Executive Webinar Series: Cut Audit Prep with Continuous Compliance Executive Webinar Series: Cut Audit Prep with Continuous Compliance John Parmley, Area VP, Tufin Recorded: Aug 24 2016 32 mins
    Today's expectations of security executives is to do more with less: provide tighter security with less resources for a dynamic, hybrid, complex IT environment.
    As an existing Tufin customer, you can turn the Tufin Orchestration Suite from a management tool into a strategic infrastructure.

    Join us for the second webinar in our Executive Webinar Series: "Cut Audit Prep and Tighten Security with Continuous Compliance" and learn how you can maximize your Tufin investment to:
    •Cut audit preparations by enforcing continuous compliance across the hybrid network
    •Tighten security posture with a unified zone-based security policy
    •Maximize agility AND policy compliance with proactive risk analysis
    Reserve your seat now!
    We look forward to you joining us.
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Michael Suby, Vice President of Research at Frost & Sullivan Recorded: Aug 24 2016 36 mins
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 周德振(Adam), 高级解决方案顾问, Akamai Technologies Recorded: Aug 24 2016 59 mins
    *This webinar will be conducted in Mandarin
    Organizations are turning to leverage big data and analytics to ‘look’ for indicators of intent or indicators of compromise, thus helping organizations focus their security resources on the threats at hand. The challenge though is how to process the vast amount of data, and furthermore, keep it relevant, timely, actionable – contextual. The challenge becomes harder when threat actors utilize a variety of techniques to maintain anonymity, reduce their ‘fingerprint’ and mask their intent.

    In this webinar, Adam will share how Akamai leverages the vast amount of data that it sees daily to help its customers improve their security decisions, when the threat would otherwise be unclear. John will showcase how Akamai’s big data and analytics platform, Cloud Security Intelligence, powers its Client Reputation service. A service that provides the ability to forecast intent and protect applications against Distributed Denial of Service (DDoS) and application layer attacks, and how active defence can be applied to a variety of response mechanisms, delivering an intelligent contextually aware defence.

    各家机构正越来越倾向于使用大数据资源来“查找”各种恶意行为的迹象、甚至是破坏的先兆,来帮助机构把有限的安全资源集中在关注现有的威胁之上。但是,挑战在于如何处理这样大量的数据,而且保证数据的相关性、及时性和可用性不会受到影响。而且,随着安全威胁使用了更多样的技术来保证其匿名性、减少留痕并掩盖其意图,机构所面临的安全挑战也越来越严峻。

    在本次的网络研讨会中,Akamai 高级解决方案顾问-周德振先生(Adam),将会向您展示Akamai是如何在威胁尙不明确的情况下,使用每日承载的海量数据来帮助客户做出更加明智的网络安全决策的。Adam将会展示Akamai的大数据及分析平台、云安全智能是如何强化其客户端信誉(Client Reputation)服务。这种服务能够提前预告各种行为的迹象,并保护应用程序不会受到DDoS和应用层攻击。此外,您还将看到这种积极的安全防御是如何帮助各种响应机制,是如何交付智能化、高度关联的防御。

    8月24日(周三)| 时长60分钟 | 北京时间 14:00
    演讲人: 周德振(Adam), 高级解决方案顾问, Akamai Technologies
    主持人: 毛宇, CISSP, AMBCI, CCNP, PRINCE2, (ISC)²官方授权讲师


    预留席位,就在此刻!

    *This webinar will be conducted in Mandarin
  • New Legal Requirements for Mobile Security – EMM is not Optional New Legal Requirements for Mobile Security – EMM is not Optional Ojas Rege, MobileIron VP Strategy, and Carl Spataro, MobileIron Chief Privacy Officer Recorded: Aug 23 2016 36 mins
    As of 2016, California requires all companies, no matter where they are based, to implement a minimum set of mobile security controls if they process sensitive personal information about California residents. Spend 30 minutes with us on how to comply with these new requirements. Review the California Data Breach Report for the new requirements.

    This webcast is for Mobile IT and information security professionals and their legal and compliance teams. This webcast will cover:

    The foundational security controls now required by law
    How these controls are applied to mobile
    Best practices to achieve compliance
    The central role of Enterprise Mobility Management (EMM)
  • Screen Sharing Worth 1000 Chats Screen Sharing Worth 1000 Chats Donald Hasson Recorded: Aug 23 2016 38 mins
    Chat is an excellent channel to improve service desk productivity, but when dealing with complex issues, it’s sometimes not enough. If your chat solution is implemented in a standalone silo, then customers may have to transfer to phone support when their issues go beyond the point of text, resulting in a disjointed customer experience. But if the chat transitions directly into a screen-sharing session, the support agent can instantly see and resolve the issue while maintaining a seamless conversation. This session will outline how to increase the value and power of chat through integrating it with other solutions such as remote support, knowledge bases, CRM and more. Turn your service desk into a one-stop-shop with a modern, integrated approach to support.
  • Hunting for Threats: tips and tricks for SOC experts Hunting for Threats: tips and tricks for SOC experts Matias Bevilacqua, Mandiant Principal Consultant Recorded: Aug 23 2016 49 mins
    Many Security Operation Centers operate in a reactive mode. They primarily respond to alerts that are being presented to them by implemented detection technologies. And we all know alerts are generated in overwhelming volumes, severely crippling SOC’s effectiveness and efficiency. Today’s threat landscape requires SOCs to operate ever more proactively to keep up with the threat actors. More and more SOCs therefor are actively ‘hunting’ for threats that may be residing in the environment they are to defend. ‘Hunting' however requires a different approach from the traditional, reactive mode, not least for the SOC experts themselves.

    Join Matias Bevilacqua, Mandiant Principal Incident Response Consultant, as he discusses tips and tricks for hunting for those lurking threats: what to look for, what tools to use, etc.? You will leave the session with some hands-on material to start turning over stones and uncover threats you never knew were there.
  • eSummit Session 3: Under the Shadow of the Cloud eSummit Session 3: Under the Shadow of the Cloud Rik Ferguson, Vice President Security Research, Trend Micro, Adrian Davis, Managing Director, (ISC)² EMEA Recorded: Aug 23 2016 49 mins
    This presentation will enumerate some of the risks, old and new, of migrating to a cloud infrastructure as well as the risks posed by consumer and employee “cloud creep”. I will detail how your business could impacted and illustrate some architectural and procedural changes that can help to mitigate these risks.
  • eSummit Session 2: Cloud Breach – Detection and Response eSummit Session 2: Cloud Breach – Detection and Response Matthias Maier, Product Manager EMEA, Splunk, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 47 mins
    Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work. They will not scale. Join this webinar to discover response scenarios for cloud enabled and cloud dependent enterprises, a model for preparing for cloud response and examples of cloud breach investigations.
  • eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective Jeremy King, International Director PCI Security Standards Council, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 46 mins
    With more and more organisations using the services of a cloud provider, what impact does this have on securing Cardholder Data. This presentation will give an general overview of the PCI SSC, and then focus specifically on the issues relating to storing data in the cloud. Especially it will look at the key issues of “Who is responsible?” and “What happens when there is a data breach”. In addition the presentation will look briefly at the impact of the recent GDPR on cloud storage and cloud providers.
  • The modern way of hunting  - How three CTOs tackle incident response The modern way of hunting - How three CTOs tackle incident response OpenDNS CTO, Dan Hubbard, Lancope CTO, TK Keanini, and Threat Grid CTO, Dean De Beer Recorded: Aug 22 2016 53 mins
    Your corporate network is open terrain. And it's hunting season. Malware, ransomware, and phishing scams are lurking. It's time to identify these threats to the enterprise earlier in the kill-chain and protect your employees, your data, and your network. The next evolution of Incident Response is here.

    Isn't it time you adapted your security stack to gain visibility into threats across you endpoints, network, and cloud? We can arm you with the tools you need most to see what’s happening not just on your network and your endpoints, but also out on the Internet in the wild.

    Join the product CTO’s from both OpenDNS and our Advanced Threats Groups, Dan Hubbard, Dean De Beer, and TK Keanini as they review how to modernize your response with critical solutions that provide visibility into the network, endpoint, and cloud and additionally talk about how to use these tools to investigate threats in the present, retrospectively, and into the future.

    Join not one, but three CTOs from OpenDNS, AMP Threat Grid and Lancope for a complete review of what it takes to accelerate investigations, decrease incident response times, and uncover potential attacks before they are launched.

    Hear from OpenDNS CTO, Dan Hubbard, Lancope CTO, TK Keanini, and Threat Grid CTO, Dean De Beer on August 22nd at 10am PT. You’ll learn:

    -Strategies for addressing customer incident response challenges across Network, Endpoint and Cloud
    -Three unique approaches for digging deeper into what happened before, during, and after an attack
    -How together OpenDNS, AMP Threat Grid and Lancope combine to give you the best incident response portfolio

    Register now and let the hunting begin.
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Michael Suby, Vice President of Research at Frost & Sullivan Recorded: Aug 18 2016 35 mins
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralizing business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • Improving on "Whack-a-Mole" Vulnerability Management Improving on "Whack-a-Mole" Vulnerability Management Joseph Blankenship Senior Analyst, Forrester & Jimmy Graham Director, Product Management, Qualys Recorded: Aug 18 2016 50 mins
    The need to prioritize vulnerability management (VM) is greater than ever as IT security teams become overwhelmed with trying to protect against every threat that pops up. Organizations that understand the varying risks across vulnerabilities can focus on resolving dangerous exploitation, and avoid wasting crucial time addressing insignificant ones.

    We invite you to attend the “Improving on 'Whack-a-Mole' Vulnerability Management” webcast featuring guest speaker Joseph Blankenship, Senior Analyst at Forrester, and Jimmy Graham, Director of Product Management at Qualys.

    The following topics will be discussed during the webcast:

    * Forrester data trends and insights from real-world client scenarios

    * Why vulnerability management needs to be prioritized and elevated

    * How Qualys ThreatPROTECT shows you what to remediate first (led by Qualys)


    This webcast includes a live Q&A.
  • What does the GDPR mean to you? What does the GDPR mean to you? Arif Muhammad, Director Product Management and Wilfred Mathanaraj, Product Owner TDM, CA Technologies Recorded: Aug 18 2016 42 mins
    There's new legislation in place, that's expanded the definition of personal data and puts IT and testing departments on high alert to safeguard personal data, across testing and development environments. It's the General Data Protection Regulation (GDPR). Are you ready for it?

    In this session, we’ll demonstrate how CA Test Data Manager helps to both mask your production data and to generate synthetic test data; a powerful combination to help you meet compliance needs and deliver quality applications. There will be a short section on the future of the tester self-service model that will enable testers to efficiently get access to the right test data.
  • Briefings Part 2: The Evolving Nature of Ransomware Attacks Briefings Part 2: The Evolving Nature of Ransomware Attacks Ryan Benson, Senior Threat Researcher, Exabeam; Brandon Dunlap, Moderator Recorded: Aug 18 2016 59 mins
    Like all cyber threats, ransomware continues to evolve and its effects will cause significantly greater impact to corporate organizations and networks. Just as computer viruses caused more damage as they grew in sophistication, ransomware is increasing its way to enter networks and wreak more havoc. Newer strains now know to look for networked file shares as encryption targets. Do you know what signals to look for to detect ransomware as it begins to attack? Exabeam researchers have analyzed nearly 100 strains of malware and have categorized some of the more aggressive techniques being used. Join Exabeam and (ISC)2 on August 18, 2016 at 1:00PM Eastern and gain a better understanding of the mechanisms ransomware might use to propagate and how to detect signs of these mechanisms in use.