Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Reduce time to detect and respond to cyber threats - without adding resources
    Reduce time to detect and respond to cyber threats - without adding resources Chris Martin, LogRhythm Security Expert Live 45 mins
    Today’s reality is that organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.

    The Threat Lifecycle Management Framework (TLM) is a series of aligned security operations capabilities. It begins with the ability to see broadly and deeply across your IT environment and ends with the ability to quickly mitigate and recover from security incidents. The result? A reduction in your mean time to detect and mean time to respond without adding staff to accomplish the job.

    In this webcast, Chris Martin, LogRhythm security expert, will explain what TLM is and demonstrate how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.

    You’ll learn:

    • The definition and details of the TLM framework
    • How TLM enables you to sort through the noise to highlight and investigate concerning incidents
    • How TLM works to streamline processes through automated workflow
    • Specific use cases TLM can address to prevent major data breaches

    Register now to learn how to enhance your threat detection and response capabilities with LogRhythm and Threat Lifecycle Management (TLM).
  • SecureMail with Salesforce
    SecureMail with Salesforce Matt Signorello Recorded: Apr 25 2017 4 mins
    This short video provides an overview of how to integrate the DataMotion secure email platform with Salesforce. The platform allows users and developers to easily send sensitive data in and out of Salesforce in a secure manner.
  • How to Evaluate the Security of an E-Discovery Vendor
    How to Evaluate the Security of an E-Discovery Vendor Gavin Manes, Ph.D., CEO, Avansic; Amy Sellars, Assistant General Counsel, Walmart Recorded: Apr 25 2017 60 mins
    EDRM recently released the EDRM Security Audit Questionnaire, designed to help corporations and law firms evaluate the security capabilities of cloud providers and third parties offering electronic discovery or managed services. In this webinar, two of the questionnaire’s designers will provide legal, IT, and corporate professionals with practical guidelines for conducting a security audit.

    Presenters will introduce the questionnaire and walk through key benchmarks, weighting, scoring, and best practices for using the questionnaire to evaluate providers. The questionnaire is an Excel-based tool for scoring/assessing the security strengths and weaknesses in any organization. Webinar attendees are encouraged to download and review the Security Audit Questionnaire, available on the EDRM website, prior to the event.

    Speakers will reserve time to answer audience questions about the security audit process. Jim Waldron, director of EDRM, and George Socha, cofounder of EDRM and managing director at BDO, will moderate the session.
  • Beyond Deployment Velocity: How Technology & Process Increase DevOps Success
    Beyond Deployment Velocity: How Technology & Process Increase DevOps Success Adrian Lane, CTO, Securosis, Jeff Craty, Dir. of Engineering, Veracode, & Tim Jarrett, Sr Dir. of Product Mktg at Veracode Recorded: Apr 25 2017 61 mins
    DevOps increases teamwork, visibility and overall software quality. Yet, integrating security can be challenging for cultural and technological reasons.

    This webinar, featuring Adrian Lane of Securosis and Tim Jarrett and Jeff Cratty of Veracode, dives into what DevOps is, explain how delivering secure code lends itself to the larger goals of DevOps, and discusses the challenging process and technical requirements for integrating security into DevOps.

    Learn how you can have both development velocity and security without compromising either one.
  • Cyber Security & Internal Audit:  A Board’s Eye View
    Cyber Security & Internal Audit: A Board’s Eye View Jay R. Taylor, CEO and President of EagleNext Advisors LLC Recorded: Apr 25 2017 61 mins
    One of the most critical and complex issues companies face today is providing the right leadership and level of attention to growing risks related to cyber security. While Internal Audit plays a critical role in this area, challenges in planning, execution and communication can detract from providing what the board needs. In this webinar Taylor will take you into the board room to better understand the critical role played on both sides – the Board committees such as Audit and Risk, and Internal Audit. You will walk away with new insights to help your team be more successful.
  • Next Generation Defense in Depth Model
    Next Generation Defense in Depth Model Tari Schreider, CCISO, Chief Cybersecurity Strategist & Author, Prescriptive Risk Recorded: Apr 25 2017 64 mins
    This session will focus on presenting a next generation defense in depth model and answer the question on many CISO’s minds - is it still relevant? A model of defense in depth will serve as a backdrop to introduce you to a wide range of solutions from across the cybersecurity industrial complex that just may change how you view your defense in depth approach.
  • Walk this way - First steps towards firewall automation
    Walk this way - First steps towards firewall automation Erez Tadmor, Senior Product Manager, Tufin & Joe Schreiber, Technical Director, Business Development, Tufin Recorded: Apr 25 2017 61 mins
    Automation systems bring a great deal of value. Having the ability to produce better, faster, and more reliable results can go a long way in improving business agility and simplifying day-to-day tasks. Firewall automation also helps tighten security posture and ensure continuous compliance with internal policies and industry regulations.

    Tufin presents the recommended steps to start your journey towards firewall automation. Join us for the first webinar of the series, focusing on rule decommissioning, to learn how you can initiate an immediate and substantial impact on your organization.
  • Les usages indirects SAP® et les redressements financiers
    Les usages indirects SAP® et les redressements financiers Patrick Thon, SAP PreSales Manager France Snow Software Recorded: Apr 25 2017 43 mins
    La question des usages indirects SAP® est d'actualité car les sociétés commencent à subir des redressements financiers de plusieurs millions d'euros.

    L'impact de la récente décision de la Haute Cour de justice britannique sur les clients SAP® pourrait bientôt suivre en France. En effet, les contrats existants ont une définition de l’usage des logiciels SAP® qui ne correspond plus à la réalité de la gestion des licences comme le conçoit SAP® actuellement.

    Venez assister à notre webinar du mardi 25 avril pour voir comment vous préparer à ce type d'audit et vous assurer une exposition financière minimum à ce risque, de plus en plus élevé.
  • Is Your Organisation GDPR Ready?
    Is Your Organisation GDPR Ready? Steve Durbin, Managing Director, ISF LTD Recorded: Apr 25 2017 49 mins
    Many organisations are still unclear as to how they will meet the requirements of the EU GDPR legislation which will come into effect in May 2018. Fundamentally organisations need to start preparing for this now.

    In this webinar Steve addresses some of the key questions organisations are asking such as: does the EU GDPR regulation apply to me? how should I prepare for this legislation? and what additional resources do I need?
  • Part II – How to get started with GDPR & Applying Appropriate Security Controls
    Part II – How to get started with GDPR & Applying Appropriate Security Controls Jason Hart, Gemalto, Lisa Bentall, DQM GRC, Adrian Davis, (ISC)² EMEA, Nathaniel Ford, (ISC)² EMEA Recorded: Apr 25 2017 62 mins
    As a follow-up to our previous webinar, this panel discussion will dive into further detail about the GDPR. Presented by compliance experts Lisa Bentall (DQM GRC) and Jason Hart (Gemalto) we will answer some of the big questions raised in the previous webinar and open up to the live audience for an interactive Q&A.
  • What Embedded and IoT Developers Think About IoT Security: A Look at Survey Data
    What Embedded and IoT Developers Think About IoT Security: A Look at Survey Data Stacy Cannady, Cisco Systems and Richard Nass, Embedded Computing Design/OpenSystemsMedia Recorded: Apr 24 2017 60 mins
    Join Stacy Cannady, Cisco Systems and Richard Nass, Embedded Computing Design/OpenSystemsMedia in a webcast Monday, April 24, 10 a.m. Pacific/ 1:00 p.m. East to talk about the hottest issue today in the IoT and embedded design: security.

    With Embedded Computing Design (ECD), the Trusted Computing Group (TCG) conducted an Internet of Things (IoT) Security Survey January to February 2017 to find if and how designers were addressing these concerns.

    The webcast will look at how designers perceive security, whether they’re including security in their designs, challenges to embedded and IoT security, and their awareness and use of trusted computing.

    Attendees will see survey results and hear from our experts on trending security issues and potential solutions to protecting devices, networks and data.
  • Kubernetes Master
    Kubernetes Master Pravin Goyal Recorded: Apr 24 2017 1 min
    Assessing Kubernetes Master Node against CIS Security Benchmark for Kubernetes (Draft)
  • Surveillance, Then and Now: The Growing Need for Privacy & Security by Design
    Surveillance, Then and Now: The Growing Need for Privacy & Security by Design Ann Cavoukian, Executive Director, Privacy & Big Data Institute at Ryerson University Recorded: Apr 24 2017 64 mins
    The growth of state surveillance appears to be escalating dramatically. With the most recent Wikileaks Vault 7 revelations, it is clear that independent oversight is totally lacking and yet, much-needed if we ever hope to curb such unwarranted surveillance. Transparency relating to such activities is essential in order to hold governments accountable for their actions. The need for both global privacy and security - by design, is growing on a daily basis, and will be outlined in this presentation, in an effort to move things forward.

    About the Presenter:
    Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. She is presently the Executive Director of Ryerson University’s Privacy and Big Data Institute. Dr. Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into design, thereby achieving the strongest protection possible. In 2010, International Privacy Regulators unanimously passed a Resolution recognizing Privacy by Design as an international standard. Since then, PbD has been translated into 39 languages. Dr. Cavoukian has received numerous awards recognizing her leadership in privacy, most recently as of the Top 100 Leaders in Identity (January, 2017).
  • Kubernetes Worker
    Kubernetes Worker Pravin Goyal Recorded: Apr 24 2017 1 min
    Assessing Kubernetes Worker Node against CIS Security Benchmark for Kubernetes (Draft)
  • Interview: CTO of Symantec on advanced cybersecurity
    Interview: CTO of Symantec on advanced cybersecurity Darren Thomson, CTO & VP of Technology, Symantec, EMEA & Andrew Bird, EA Visionary, Interview Moderator Recorded: Apr 24 2017 22 mins
    Interview in partnership with BrightTALK, The Stack and Cloud Industry Forum
    ----------
    BrightTALK caught up with Darren Thomson, CTO & VP of Technology, Symantec, for an in-depth conversation on the future of cybersecurity in the context of IoT, AI and Machine Learning.

    Among topics discussed:

    - Trending business vulnerabilities in 2017
    - Particularities of pentesting
    - How to prepare for GDPR in 2018
    - Implications of IoT, AI & machine learning on cyber security
    - Yahoo breach
    - Brexit and cybersecurity
    - Recommendations to CISO's developing security strategies

    About the speaker:
    Darren is an industry recognised IT innovator and strategist, with +20 years of industry experience. He is a published author. His latest work has recently been published by Wiley Co. and is entitled, “Delivering Utility Computing: Business Driven IT Optimisation”. Details can be found at www.amazon.com.
  • Benefits of Machine Learning in IT Infrastructure
    Benefits of Machine Learning in IT Infrastructure Dan Ortega - Vice President of Marketing Recorded: Apr 21 2017 4 mins
    During the next 5 years, machine learning is poised to play a pivotal and transformational role in how IT Infrastructure is managed. Two key scenarios are possible: transforming infrastructure from a set of under-utilized capital assets to a highly efficient set of operational resources through dynamic provisioning based on consumption; and the identification of configurations, dependencies and the cause/effect of usage patterns through correlation analysis.
    In the world of IT infrastructure, it’s all about efficient use of resources. With on-premise infrastructure (compute, storage and network) utilization rates for most organizations in the low single digits, the cloud has sold the promise of a breakthrough. For those organizations moving to Infrastructure as a Service (IaaS), utilization in the middle to high teens is possible, and for those moving to Platform as a Service (PaaS), utilization in the mid-twenties is within reach.
    Dynamic provisioning driven by demand is essentially the same operational concept as power grids and municipal water systems – capacity allocation driven by where resources are consumed, rather than where they are produced.
    The second part of the breakthrough relates to right-sizing infrastructure. Whether this is network capacity or compute Virtual Machine size – machine learning will enable analysis of the patterns of behavior by users and correlate them to the consumption of infrastructure resources.
    During the near term, these benefits will be much more tactical. Automated discovery combined with behavioral correlation analysis will virtually eliminate the need for manual inventory and mapping of components and configuration items in the IT ecosystem to reveal how the ecosystem is operating.
    Today, IT has the opportunity to automate the mapping of components in their infrastructure to provide a more accurate and actionable picture.
  • Are You Prepared to Identify & Defend Against Ransomware?
    Are You Prepared to Identify & Defend Against Ransomware? Mo Abdullahi Recorded: Apr 21 2017 37 mins
    Ransomware’s showing no signs of slowing down – and neither are we!

    We'll teach you about ransomware, how you can protect your data AND demonstrate why Varonis customers have some of the fastest response times in the industry.

    Attend our Webinar to discover:

    Warning signs of an impending ransomware attack
    The most recent ransomware threats (Cryptolocker & its variants, Zcrypt, Locky, and more)
    How Varonis customers:
    Use DatAlert to detect suspicious behavior and insider threats
    Stay up-to-date defending against the latest ransomware variants
    Discover which files were affected and how to recover quickly
  • Combined Assurance
    Combined Assurance Ian Beale Apr 26 2017 10:00 am UTC 75 mins
    Every organisation has invested recently in their assurance functions – budgets in compliance have grown by 10%, InfoSec by 17%, and ERM by 22% - but significant failures and incidents continue to occur. In addition, operational management regularly complain of assurance fatigue and ExCo’s increasingly demand a holistic approach to risk management or a “single view of the truth”.

    Ian Beale, executive advisor at CEB, has more than 20 years' experience in the field of audit and risk. He relishes variety and new intellectual challenges, which proves useful in his role advising companies on critical and emerging risk and audit issues. On a daily basis, Ian works with global companies to identify risk priorities and areas of focus in a world that is rapidly changing.
  • Best key practices for GDPR and utilizing IncMan™ Incident Response platform
    Best key practices for GDPR and utilizing IncMan™ Incident Response platform Mike Fowler, Vice President, Professional Services and Steve Ditmore, Senior Sales Engineer for DFLabs Apr 26 2017 3:00 pm UTC 60 mins
    The GDPR will apply in all EU member states in May 2018, organizations and businesses that are data owners and/or dealing with data belonging to EU citizens have the responsibility to ensure their processing abides by new data protection law and processors must themselves abide by rules to maintain records of their processing activities. If organizations and businesses are involved in a data breach, they are far more liable under GDPR than they were under the Data Protection Act.

    Complying with the new regulations requires operating to high standards of data security and protection. If suffering a data breach that puts the rights and freedoms of individuals at risk, organizations must notify the people affected and the data protection authority (Information Commissioner's Office (ICO) in the UK) within 72 hours of becoming aware of it. Data breaches occur every day - and the EU have just increased the financial liability and consequences of inadequate security.

    Hear from Mike Fowler, author of the popular white paper: Automation as a Force Multiplier in Cyber Incident Response. Mike will provide insight into how best to leverage automation to provide incident response and reporting consistency for GDPR.

    Steve Ditmore will present IncMan™ – Security Automation and Orchestration features covering:

    •Installation and set-up is measured in hours rather than days or weeks without the need for expensive professional services support.
    •Review steps involved in a mitigating and controlling a data breach.
    •Automation of menial enrichment activities, so incident responders can determine/contain and mitigate breaches more efficiently and effectively.
    •Enhanced visibility creating a layered approach to information gathering.
    •Incident management including response prioritization.
    •How incident and notification workflows are automatically assigned to an incident.
  • Web Application Firewalls in the Global 2000
    Web Application Firewalls in the Global 2000 Matthew Chips, William Fisher, Michael Lynge Apr 26 2017 6:00 pm UTC 30 mins
    Web application firewalls (WAFs) are designed to filter, monitor, and block HTTP conversation from web applications and protect against HTTP, or web-based, attacks.
  • How to Build An Advanced Email Security Strategy
    How to Build An Advanced Email Security Strategy Richard Davis, Dir, Cyber Security Strategy and Adenike Cosgrove, Cyber Security Strategy - EMEA, Proofpoint Apr 27 2017 9:00 am UTC 45 mins
    You may know that email is a top vector for advanced threats targeting your organisation. But did you know that attackers have evolved their techniques to bypass even your most sophisticated email security tools? Your people, data, and brand reputation are at serious risk.

    Join the Proofpoint for "How to Build an Advanced Email Security Strategy." to learn about:

    • The latest email fraud techniques, including business email compromise (BEC), ransomware, and sandbox-evasion threats.

    •Key steps to building an email security strategy that can adapt to and stop attacks before they reach the inbox.

    • How to respond to and mitigate security risks faster and more reliably at a reduced cost.
  • CISO Says: Interview with Darron Gibbard, CTSO, Qualys
    CISO Says: Interview with Darron Gibbard, CTSO, Qualys Darron Gibbard, CTSO, Qualys, Adrian Davis, Managing Director (ISC)² EMEA Apr 27 2017 11:00 am UTC 60 mins
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
  • From Incident Response to a Continuous Monitoring & Active Threat Hunting
    From Incident Response to a Continuous Monitoring & Active Threat Hunting Stuart Davis, Director, Mandiant & David Grout, Systems Engineering Director, FireEye Apr 27 2017 11:30 am UTC 45 mins
    With over 13 years of front-line experience dealing with advanced threat actors from around the globe, our Mandiant team know how the bad guys think and can help you win the battle against cyber attackers.


    In this webinar, Stuart Davis and David Grout will cover:
    - Best practices in regards to Security as a Service
    - How organisations can move from an alert-led security to an intelligence-led security
    - How FireEye can provide the adequate tools, processes and expertise required to build a next generation security program
  • Privileged accounts: the most powerful backdoor used by hackers
    Privileged accounts: the most powerful backdoor used by hackers Grant Burst and Chad Carter Apr 27 2017 2:00 pm UTC 60 mins
    Privileged accounts can be some of the most serious threats your company can face. As more and more processes are digitalized and activities externalized, the number of accounts accessing critical and strategic information escalates, extending the cyber threat across continents. Meanwhile, companies and individuals are becoming increasingly aware that any data or server can be accessed with the right privileges; it is therefore imperative to know who accesses critical resources, as well as when and why they do so to avoid any leak. By monitoring the users holding the keys to the kingdom - the privileged users, we are able to know what exactly happened on a system at any given time and how. Whether malicious or negligent, incidents caused by internal or external threats can be avoided quickly if visibility over the IS is restored. Session monitoring and recording dissuades malicious or negligent users while offering real-time alerts, traceability, and post-mortem analysis. Discover how some of the most dramatic cyberattacks to date could have been prevented had there been a Privileged Access Management solution in place to protect and secure target systems.
  • How secure is your Hybrid Cloud roadmap? (US/EU focus)
    How secure is your Hybrid Cloud roadmap? (US/EU focus) Aaron Sherrill (451 Research) and Avinash Prasad (Tata Communications) Apr 27 2017 2:00 pm UTC 60 mins
    Hybrid Clouds are expected to gain prominence for hosting diverse enterprise workloads due to a variety of needs. For this model of cloud deployment, there exist broader security and specific privacy concerns driven primarily by data loss, data privacy and compliance to regulatory needs. Although Hybrid Clouds offer a degree of control and security of IT infrastructure, there is a need for unified cloud security management which offers a more holistic view of risk categorisation and standard security policies. How can working with a service provider, who can offer an optimized mix of technology and controls to seamlessly manage Security and Compliance, change the game for the enterprise?
  • Microsoft Audit Success: The five key failures to avoid
    Microsoft Audit Success: The five key failures to avoid Michael Krutikov, Rich Gibbons (ITAM) Apr 27 2017 3:00 pm UTC 45 mins
    Three-quarters of IT and finance leaders fear a software audit by Microsoft. More than Oracle, IBM or SAP. In fact, 68% say they have been audited by the world’s largest software publisher in the last 12 months alone* and this looks set to increase.

    But software audits don’t need to be scary if you’re armed with the right information and insight.

    The key is identifying and addressing the key points of failure in a Microsoft software audit:

    •SQL connections
    •SQL virtualization
    •Managing Office editions
    •Self-Provisioning of Office 365
    •Azure sprawl

    Join Microsoft licensing guru, Rich Gibbons from ITAM Review and compliance pros from the world’s leading SAM technology provider, Snow Software, for a 45-minute masterclass in Microsoft audit readiness.


    * Snow Software research, December 2016
  • Pitfalls and Potholes to Avoid in Your eDiscovery Projects
    Pitfalls and Potholes to Avoid in Your eDiscovery Projects Doug Austin and Karen DeSouza, Esq. Apr 27 2017 5:00 pm UTC 75 mins
    If you’ve conducted discovery for litigation, investigations or audits, you know that “Murphy’s Law” dictates that a number of “pitfalls” and “potholes” could occur that can derail your project. These issues can add considerable cost to your discovery effort through unexpected rework and also cause you to miss important deadlines or even incur the wrath of a judge for not following accepted rules and principles for discovery. This webcast* will discuss some of the most common “pitfalls” and “potholes” that you can encounter during the discovery life cycle and how to address them to keep your discovery project on track.

    Webcast Highlights

    + Avoiding the Mistake in Assuming that Discovery Begins When the Case is Filed
    + How to Proactively Address Inadvertent Privilege Productions
    + Up Front Planning to Reduce Review Costs
    + How to Avoid Getting Stuck with a Bad Production from Opposing Counsel
    + Understanding Your Data to Drive Discovery Decisions
    + Minimizing Potential ESI Spoliation Opportunities
    + Ways to Avoid Potential Data Breaches
    + How to Avoid Processing Mistakes that Can Slow You Down
    + Common Searching Mistakes and How to Avoid Them
    + Techniques to Increase Review Efficiency and Effectiveness
    + Checklist of Items to Ensure a Smooth and Accurate Production

    Presenters Include:

    
Doug Austin: Doug is the VP of Ops and Professional Services for CloudNine. At CloudNine, Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing consulting, technical project management and software development services to numerous commercial and government clients.

    
Karen DeSouza: Karen is the Director of Review Services and a Professional Services Consultant for CloudNine. Karen is a licensed attorney in Texas and has over 15 years of legal experience. She also has a Bachelor of Science in Legal Studies - American Jurisprudence.

    * Submitted for MCLE in Texas and Florida
  • RANSOMWARE: Your Money or Your Data Protecting the Public Sector from Ransomware
    RANSOMWARE: Your Money or Your Data Protecting the Public Sector from Ransomware Bil Harmer, Strategist, Office of the CISO, Zscaler Apr 27 2017 5:00 pm UTC 60 mins
    Cyber extortion is on the rise, and the public sector is particularly vulnerable. A study conducted by a leading cybersecurity threat management firm reported that state and local government networks are twice as likely as their commercial counterparts to be infected with either ransomware or malware.
    Why are ransomware perpetrators increasingly setting their sights on the public sector? First, many agencies and public institutions rely on legacy systems that are challenged to meet all of today’s cybersecurity threats. Second, the proliferation of devices and technology platforms, including smartphones, tablets and mobile apps, are giving hackers more points of entry into public sector networks. Are you prepared for such an attack?

    Join Bil Harmer, Strategist, Office of the CISO, Zscaler Inc., for a compelling webcast highlighting how ransomware can impact your organization and steps you can take to secure your network and systems.

    Bil will also cover:

    - How ransomware has evolved
    - Lessons learned from recent attacks
    - Why cloud sandboxing is so important
    - Tips for mitigating ransomware

    For more information about Zscaler, go to www.zscaler.com

    Bil Harmer leads Zscaler’s Office of the CISO for the Americas, where he advises organizations on best practices for implementing cloud-based cybersecurity solutions. A veteran of the IT industry, he has helped startups, governments, and financial institutions design and implement security programs. Bil pioneered the use of the SAS70 coupled with ISO, to create a trusted security audit methodology used by the SaaS industry. A highly sought-after speaker, Bil frequently presents on security and privacy-related topics at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance.
  • Hacker Secrets Revealed: 5 Security Mistakes to Avoid
    Hacker Secrets Revealed: 5 Security Mistakes to Avoid Paul Brandau & Mike Warren, Delta Risk Apr 27 2017 5:00 pm UTC 60 mins
    External penetration testing, also known as ethical hacking, is an independent engagement that can help pinpoint common attack vectors and patterns hackers look for in your network. Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization. In this 45-minute webinar, our pen testers offer recommendations on how to combat various scenarios and outline the key mistakes defenders must avoid when protecting their security operations.

    WHAT YOU’LL LEARN:
    • Lessons learned from our 2016 external assessments
    • Common weaknesses our testers exploited such as kerberoasting and password reuse
    • Methods our testers use to quickly locate high value assets
    • Vendor-neutral solutions for protecting sensitive information
    • Why third-party penetration testing is in demand

    About the Presenters:
    Paul Brandau is the Managing Consultant with Delta Risk LLC. He has more than 10 years of experience in the cyber security domain providing a unique perspective on cyber exercises, operational (red team) assessments, and training in offensive network operations. He has helped design and lead a Red Team for the United States Department of Homeland Security. Prior to Delta Risk, his duties included reverse engineering malware and threat profile creation.

    Mike Warren is VP of Cyber Resiliency Services for Delta Risk LLC. He has more than 14 years of experience in the cyber security domain providing a threat perspective, operational (red team) assessments, enterprise vulnerability assessments (blue team), and training in defensive and offensive network operations. Prior to Delta Risk, he was an active duty Air Force Communications and Information Engineer Officer.
  • The NIST Cybersecurity Framework (CSF): A Federal Use Case
    The NIST Cybersecurity Framework (CSF): A Federal Use Case Ken Durbin, CISSP Strategist: CRM & Threat Intel, Symantec Apr 27 2017 5:00 pm UTC 60 mins
    Considered the gold standard for cybersecurity, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is being utilized by the Federal Government agencies to reduce risk.

    Key Learning Objectives:

    •Overview of the NIST CSF

    •How the NIST CSF is currently being used by the Federal Government to compliment The Federal Information Security Management Act (FISMA )

    •Possible future use cases

    Join this webcast for a review on best practices for the NIST CSF being utilized by Federal, State and Local Government
  • 6 Lessons for Cyber Threat Hunters
    6 Lessons for Cyber Threat Hunters Mary Karnes Writz and Alona Nadler, HPE Apr 27 2017 6:00 pm UTC 60 mins
    Hunt teams are relative newcomers within the security operations domain. Many companies say they are doing “hunt” but when we dig deeper, we find the capabilities are ad hoc, with no measurable indicators of success nor formal organizational support. That means hunt teams are growing in popularity and use, but there is no “gold standard” yet for how they work. With increasing scarcity of skilled resources in cyber security and lack of efficient tools, it is challenging to build successful hunt practices inside an organization.

    Join this webcast to:
    •Gain a clear understanding of the current challenges of hunt and investigation procedures
    •Learn how to build “hunt” capabilities that search for security breaches
    •Increase speed, simplicity and effectiveness across the entire workflow of hunt and investigation with ArcSight’s new solution

    Mary Writz is a seasoned professional with more than 15 years of experience in cyber security and, under her services leadership role, her team filed 9 patents and built a successful hunt practice with a focus on Big Data, machine learning and visualization. Alona Nadler is a senior product manager for ArcSight with a background in Big Data analytics platform.
  • Stop attacks such as ransomware and get HIPAA compliant for Healthcare
    Stop attacks such as ransomware and get HIPAA compliant for Healthcare Sridhar Karnam, Director of Product Marketing at Arctic Wolf Networks Apr 27 2017 6:00 pm UTC 45 mins
    Stop attacks such as ransomware and get HIPAA compliant for Healthcare. Understand the top 3 attacks in Healthcare, how to stop them using simple cloud-based tools and ensure HIPAA compliance for business continuity.
  • New York’s New Cybersecurity Regulations: Explained!
    New York’s New Cybersecurity Regulations: Explained! Mihir Mistry, Senior Security Manager Apr 27 2017 6:00 pm UTC 60 mins
    The nation's first state-mandated cybersecurity regulations regarding banking and financial services companies went into effect in New York state on March 1st. However, many businesses subject to the regulations are asking, what are these rules and how will they affect my business operations.

    SecureWorks invites you to join us on April 27th for a webcast designed to help you understand these new mandates and develop an approach to ensure that your organization has a mature and effective security program in place that will not only help you achieve compliance but will improve your overall information security posture.

    What you will learn:
    • Which entities are covered by the mandate and what type of data needs protecting.
    • The five core elements needed to establish a comprehensive cybersecurity program.
    • Critical questions you should be asking your security program partner.
  • Keep your SAP skills up-to-date and build new knowledge- anytime, anywhere
    Keep your SAP skills up-to-date and build new knowledge- anytime, anywhere Julian Hayes, Education Account Executive at SAP Apr 28 2017 10:00 am UTC 30 mins
    How do you ensure continuous acceleration of the pace of innovation and change, while ensuring that your workforce is enabled to achieve your ROI?
    With SAP Learning hub you can:
    •Reduce overall training costs & improve speed to ROI
    •Get unlimited access to all learning content from SAP, including certification preparation titles. Thousands of learning maps, handbooks and e-learning titles available.
    •Make learning content available globally, 24x7
    •Provide social learning platforms led by subject-matter experts who enhance learning by answering questions and providing commentary
    •Track learning progress

    Join us live on Friday, April 28th, 11:00am, for a 30-minute FREE webinar & demo to discover how SAP Learning Hub helps you achieve your ROI and significantly decreases your training costs. SAP Education offers webinar participants a one-off 5% discount on an SAP Learning Hub professional edition subscription. Closing date for license orders is May 28 2017.
  • Maximize Scale & Agility: Leveraging Public Cloud Best Practices & Optimization
    Maximize Scale & Agility: Leveraging Public Cloud Best Practices & Optimization Aaron Newman, CloudCheckr CEO/Co-founder Apr 28 2017 5:00 pm UTC 60 mins
    Building your workloads on AWS unleashes speed and agility. To keep your foot on the pedal and stay aggressive, you need to infuse governance and best practices into your patterns.

    Join CloudCheckr Co-Founder/CEO Aaron Newman in this webcast as he walks you through best practices and strategies for successfully scaling out your AWS environment. In this webinar, learn how to

    - Stay lean and maximize spend

    - Ensure proper controls are in place

    - Apply cost optimization strategies

    - Manage right sizing services and administrative privileges