Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it's no wonder that most organizations struggle to respond effectively to cyber attacks. Successfully resolving attacks requires fast, intelligent, and decisive action - organizations need to have an orchestrated plan in place before an attack occurs. Indeed, the best organizations leverage an orchestrated response capability to achieve cyber resilience, the ability to weather the inevitable cyber attacks as just another part of doing business.
Join IBM Resilient’s Ted Julian, VP of Product Management to explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn't. Attendees will gain a framework for understanding their incident response capability and a maturity model for evaluating opportunities for orchestration / automation.
Protecting against data loss is a key focus of any organisation’s information security program. However it is not always that easy to put long term initiatives in place with consistent monitoring and response effectiveness to mitigate against advanced attacks where intellectual property may be the target.
In this webinar Stuart and David will explain how effective incident response, long term monitoring and threat intelligence can help deal with data protection against advanced persistent threats (APTs) in this modern age of cyber warfare.
The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.
So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.
We will explain how Symantec technology addresses this approach and how you will benefit from:
•Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.
•Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.
•Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
Warning - this is not just another GDPR webinar. Join Amar Singh in his popular and interactive webinars and deep-dive into this special Cyber Incident Planning & Response webinar where we share and discuss the following:
* - What are the key components to automate in incident management to enable GDPR compliance.
* - Four important questions a CISO or Manager must ask to manage an incident successfully.
* - Understand Process Automation for Incident Orchestration.
* - How you can, using the technology and processes, build a lean, effective and knowledge Security team with or without a Security Operations Centre.
* - Data Protection and Incident Response for the non-technical manager.
* - How and why it's critical that middle and senior management, working with technical teams, get involved in delivering effective cyber incident planning & response.
You’ve heard a lot about using artificial intelligence and machine learning to change the odds in your favor in cyber-attacks. Unfortunately it turns out that the bad-guys have great AI too, and with each click they can stealthily adapt, morphing into a new hard-to-detect form. But what if we apply learning in real time, on every endpoint, and allow the endpoints to collaborate to identify the threat?
In this talk Simon Crosby, co-founder and CTO of Bromium, will explore how this new approach can give defenders the edge in an era of targeted attacks.
About the Presenter:
Simon Crosby is a co-founder and CTO of Bromium Inc. – the pioneer of micro-virtualization, which enables PCs to defend themselves by design from all malware. Previously Simon was CTO, Data Center & Cloud at Citrix Systems, which acquired XenSource, where he was co-founder and CTO. He was formerly a Principal Engineer at Intel where he led strategic research on platform security and trust, and founder & CTO of CPlane Inc., a pioneer in Software Defined Networking. He was a faculty member in the Computer Laboratory at the University of Cambridge, UK from 1994-2000. He holds a PhD in Computer Science from the University of Cambridge, UK, and is author of more than 50 peer reviewed papers and patents.
Machine learning is both cool and valuable, but to apply it effectively requires that we disregard the former in order to be rigorous about the latter. In this session we take a hard look at the qualities that make machine learning fit for purpose for problems in cyber security in order to lay out a global roadmap for how machine learning can solve security problems today. Even more importantly, our bottom-up analysis of machine learning will chart the areas where an excessive faith in automation can become harmful to a business' security posture.
About the presenter:
Greg has previously managed products and product teams for gaming and education startups with a focus on meaningful, measurable engagement loops. His games have been ranked in the top ten by traffic on Facebook, the top ten by revenue on the App Store, and as the Editor's Choice in the App Stores of over 70 countries.
Once breached at the endpoint, what does an attacker do? Where is he going? What does he want? The truth of APTs and advanced attacks is that they just don't want one machine - they want access to the heart of the organization. Since 1999, Microsoft has made the Windows Domain the heart of the network. Once accessed, it permits the attacker to control the organization - undetected and indefinitely. This is what the attacker wants. This webinar will discuss all moves an attacker can make to go from a compromised machine to achieve his goal from a statistical point of view; we will present the probability of detection and evidence-gathering for any move made along the way.
Roi is CEO and Founder of Javelin Networks, a post breach containment technology that focuses on stopping attackers from credential misuse and lateral movement after compromising a machine. Roi served in the Israeli Air Force at the OFEK unit where he worked on the security of the Israeli satellite launch, Arrow missiles and the Air Force drones. As a network and security engineer, he was influential in designing, developing, analyzing, implementing large enterprise communication networks, both nationally and around the world. Worked for four years as a Security consultant, leading ongoing projects at the Vatican and other military organizations.
With more than 250 million threats online in any given day, security for your business has never been more critical. These threats can cause loss of data and personal information with increased risk of identity theft. Windows 10 includes built-in protection to help keep you more secure with all new features in the Anniversary update.
Join this webcast to learn more about the two major new security features that launched with the Anniversary update:
- Windows Defender Advanced Threat Protection (WDATP) detects, investigates, and responds to advanced malicious attacks on networks by providing a more comprehensive threat intelligence and attack detection
- Windows Information Protection enables businesses to separate personal and organizational data and helps protect corporate data from accidental data leaks.
This webinar is part one of a four part series that examines how digital transformation enables you to outperform competitors.
Digital transformation occurs when a company adopts technologies and practices that change it from one that ships its software slowly and painfully to one that ships software quickly while, at the same time, improving its quality and mitigating risk. Businesses that embrace digital transformation outperform their competitors: they capitalize on disruption rather than allowing themselves to be disrupted. They deliver their software faster, with higher efficiency and lower risk. These advances can be quantified to prove their effectiveness.
This short-form webinar series invites you to participate in a discussion on how to implement digital transformation and which metrics demonstrate progress on your journey. The first part of our series, focuses on the overall challenges businesses face in the marketplace and how to gauge where you stand. Subsequent webinars will focus on specific measures that move transformation forward.
Join us to:
- Learn how industry trends shape your internal challenges
- Explore how companies have resolved tensions between central IT organizations and development teams
- Learn how to use industry metrics to determine where you should be focusing your efforts
- Participate in a virtual roundtable discussion where you can ask the questions most relevant to you
Who should attend:
- Director/VP of technology teams
- Technology executives
- Management seeking strategic alignment with business objectives
Increasingly, organizations worldwide are implementing open source security and license risk assessment capabilities early in the software development lifecycle when the cost to remediate issues is lowest. This webinar will demonstrate Black Duck Hub’s effectiveness in providing comprehensive risk assessments when used in combination with our Eclipse IDE plugin, Build Tool, and CI Tool integrations. Additionally, we'll review valuable new features in Black Duck Hub 3.5.
You’ll also learn:
- How to improve the accuracy of your open source inventory by leverage open source dependency discovery techniques for build tools and package managers
- Options for incorporating Hub scanning into your Continuous Integration environments
- How to track remediation tasks using the Hub-Jira integration
- How to streamline your component review process
- Use cases for scanning binary repositories such as Artifactory
By 2020, 92% of all business will rely on cloud infrastructure. The shift to cloud and virtualized environments is changing the nature of network borders, and creates a new frontier for cyber-attackers. How do security teams defend their organizations against emerging threats within the cloud and beyond?
Digital transformation is changing the business landscape for every organisation, with the way new technologies can unlock competitive advantage, enable efficiently, agility and enhance customer experiences. The cloud is where this innovation is happening and enabling this transformation, but when you take advantage of its possibilities, it’s crucial that you secure your cloud applications and workloads.
If you’re building applications or migrating workloads to the cloud, you’re probably like most organisations – trying to determine what security controls are needed, and how to integrate workload security without slowing down innovation or needing to add dedicated security staff – which these days is harder to find and more expensive to keep.
During this panel discussion you will hear from industry experts as they discuss what steps and considerations should be taken when moving to any cloud. Where are the responsibilities of security and how do you maintain visibility and control over your data, including:
- Why when moving business critical applications to the cloud you require a different approach to security?
- Best Practices for minimizing risk in your cloud adoption
- Filling the Cloud Security IT Skills Gap
- Managing the Challenges of the Cloud under EU GDPR
PKI used to be difficult to implement, and was seen as complex, labor intensive and expensive. The development of powerful credential management software has brought considerable improvements. It now does much of the manual work that used to be left up to the administrators saving them valuable time in the war against security threats. In our last webinar, we found almost 50% of those you voted cited the Internet of Things as the main driver for PKI. More connected devices and users will create a need for higher levels of security in all organizations as the number of possible threats and attacks increase.
For security professionals, implementing and modernizing their PKI systems will be crucial, keeping in mind not all PKI implementations are created equal. Some are inherently more complex, depending on the level and layers of security needed for within your organization. Following our previous PKI foundational webinar, this one will cover the elements you need to consider when designing a PKI environment.
Join us for the “PKI – Your Ally in the War Against Security Threats” to learn how you can maximize your organization’s security and the things you need to know to get started including:
•PKI use cases in an enterprise environment to secure access and protect data
•Budgeting for your PKI deployment of modernization
•Outlining the deployment size, scope and timeline
•Analyzing and reviewing current and/or future security policies
•Maintenance and administration of the PKI system
•Configuring and understanding certificate authorities
•Developing a scalable approach to prepare for future needs
•Addressing the protection of sensitive keys and the ecosystem integration
Today’s reality is that organizations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organization will be compromised, but when.
The Threat Lifecycle Management Framework (TLM) is a series of aligned security operations capabilities. It begins with the ability to see broadly and deeply across your IT environment and ends with the ability to quickly mitigate and recover from security incidents. The result? A reduction in your mean time to detect and mean time to respond without adding staff to accomplish the job.
In this webcast, Chris Martin, LogRhythm security expert, will explain what TLM is and demonstrate how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
•The definition and details of the TLM framework
•How TLM enables you to sort through the noise to highlight and investigate concerning incidents
•How TLM works to streamline processes through automated workflow
•Specific use cases TLM can address to prevent major data breaches
Register now to learn how to enhance your threat detection and response capabilities with LogRhythm and Threat Lifecycle Management (TLM).
With over 1 billion monthly active users, Facebook Messenger is beginning to change the world for companies looking for ways to connect with, engage, and retain an unprecedented number of customers. And we’re guessing that’s probably you.
It’s all because of Messenger’s developer tools, which have leapt on the promise of bots for customer service and native payments without ever leaving the platform--and have thoroughly delivered on it. Users stay cozily inside the Messenger platform to play games, search, shop, pay, and more, meaning they’re fully engaged with your brand in multiple ways in a single brand context.
Facebook’s long-term plan: make Messenger the center of users’ lives. Your short-term plan: start positioning yourself to take advantage of this revolution in messenger tech innovation. Register for this free VB Live event now and learn how you can monetize Messenger.
In this webinar, you’ll:
* Understand the broader digital wallet strategy to connect with customers through chatbots
* Get valuable tips to spin chatbots into gold
* Learn the biggest mistake organizations are making with payments through Messenger
* Laura Knapp, Managing Director, SRAX Social, Social Reality
* Stewart Rogers, Director of Marketing Technology, VentureBeat
* Wendy Schuchart, Moderator, VentureBeat
Working in silos, while never a good idea, is a reality in many organizations today. Security and network operations teams have different priorities, processes and systems. Security teams use various controls and tools to mitigate different kinds of threats which provides them with thousands of alerts on a daily basis. They often find it difficult to prioritize the threats to address first. What they may not know is that there is a whole piece of the puzzle they could be missing - core network services like DNS, DHCP and IPAM. These can provide a wealth of information and context on threats, which can help prioritize response based on actual risk and ease compliance. Join Infoblox and (ISC)2 on February 23, 2017 at 1:00PM Eastern for a roundtable discussion on how to use ecosystem integrations between network and security tools for better security and compliance.
Ransomware is becoming a more prevalent problem and attackers are becoming more straightforward; not even bothering to masquerade as legitimate agencies anymore. You may be wondering what you can do. First we would encourage you not to pay and then put protection in place so you won’t be victimized again.
Join us to learn how Symantec Endpoint Protection 14 can help protect you from future ransomware attacks:
•What are your options if you’re a victim of ransomware
•Why Symantec Endpoint Protection 14 can address ransomware better than other solutions
•How Symantec technologies work together for maximum protection
And if that wasn't enough, watch Symantec's Endpoint Protection in action. We will share a demo with you that showcases the power of it's advanced technologies.
Watch On-Demand: SEP 14 Webinar Series Part 1 of 5: Addressing Unknown Threats with Advanced Machine Learning http://bit.ly/SEP14Series0126
À l’heure où 5 grandes entreprises sur 6 sont la cible d’attaques avancées, la protection des données est votre meilleure stratégie pour éviter de faire la une des journaux. En quoi consiste la protection des données ?
Lors de ce webcast, nos experts vous montreront les atouts des technologies Symantec pour mettre en œuvre une approche intégrée en :
- Limitant et contrôlant l’accès aux données aux seuls utilisateurs légitimes grâce à une authentification multifacteurs renforcée, quel que soit le périphérique utilisé, même un appareil personnel.
- Surveillant le flux des données où qu'elles se trouvent : dans le cloud, sur site, sur des appareils mobiles, ou sur un stockage à long terme.- Évitant les pertes de données par l'adoption de politiques de chiffrement ou de blocage des informations critiques avant qu’elles ne quittent le périmètre de protection.
Los puestos de trabajo y los dispositivos móviles son habitualmente los aspectos más olvidados en la estrategia de gestión de datos empresarial. Sin embargo, la información presente en ordenadores portátiles, de escritorio y dispositivos móviles es uno de los activos de mayor valor para la organización, pese a que potencialmente se encuentra en máximo riesgo. De acuerdo con IDC hay alrededor de 1.300 millones de trabajadores móviles hoy en día, pero tan solo la mitad de las empresas utiliza algún tipo de backup para puestos de trabajo.
La fuerza de trabajo móvil es cada vez mayor. Dichos usuarios manejan información fuera del dominio tradicional del departamento de TI y emplean soluciones de colaboración no corporativas. El coste potencial y el riesgo asociados al cumplimiento de la normativa y al eDiscovery, la necesidad de proteger el puesto de trabajo y de aportar soluciones de colaboración corporativas están claros y se encuentran en un punto de inflexión crucial.
Acompáñenos en este webinar, donde analizaremos:
- Cómo recuperar el control sobre lo que ocurre en los dispositivos móviles de los trabajadores
- Cómo mitigar los riesgos asociados con los ataques cada vez más frecuentes de ransomware
- Cómo aumentar la productividad con una plataforma segura para la compartición de archivos
Enterprises have generally responded to the security challenge, recognising that they cannot simply cross their fingers and hope to avoid a major cyber incident. Many have reached for the ‘big security technology catalogue’ and in the past couple of years we have seen increasing numbers of organisations setting out with the intention of deploying some form of SOC. While there is no getting away from the fact effectively deployed technologies and the integration of a well organised SOC can be part of the solution, very few organisations can actually set up and operate a form of SOC that will make a material difference. In this webinar, experts from Fujitsu will discuss the considerations that go into an effective SOC, identify common mistakes and recommend a SOC Strategy which is more likely to yield an improved security posture than blowing a massive budget on a ‘home-grown’ SOC.
Whether it is iOS, Android or Windows Phone, you can enable employees to be more productive and work flexibly on the go by supporting the smartphones, tablets and business applications they use on a daily basis. But what about the risks? Join me, Stephen McCormack from IBM MaaS360 as I take you step-by-step through the key challenges that mobile devices bring, and how you can easily act to ensure your organisation is protected.
Join fellow security executives for a roundtable discussion over the necessity and importance of staying secure in a dynamically evolving and competitive landscape.
The cyber resiliency assessments are based on the U.S. Department of Defense’s mission-critical procedures and Unisys’ commercial best business practices. They provide an unbiased 3rd party expert assessment of the client’s Incident Response Capabilities, deliver a Security Enhancement Playbook, and identify the gaps in their cyber defense network that leads to improved cyber resiliency.
These assessments provide leadership with:
- A deeper insight into the effectiveness of decision making
- Understanding of the vulnerabilities in their cyber defenses
- How to enhance adaptability to the unanticipated and the capacity to emerge from a crisis faster with less damage to profitability, brand and customer loyalty.
We will also discuss how crisis-preparedness exercises help your team experience real-world threat scenarios in order to assess the team’s ability to address, contain, respond and mitigate security threats.
Dante Disparte, CEO of Risk Cooperative
John Bone, Global Director of Cyber Resilience, Unisys
Ed Liebig, VP of Global Security, Professional Services, Unisys
Sidney Pearl, Global MSS Executive Architect, Unisys
Hackers don’t wear blaze orange. Sophisticated adversaries are targeting you, your employees and your data. Let’s face it, yesterday’s traditional security defenses leave you exposed and render your corporate network open terrain. Take the target and put it on the attacker’s back.
Join a panel of security experts: Jeremy Linden, Sr. Product Manager Cisco Umbrella, Dhia Mahjoub, Principal Engineer Cisco Umbrella, Craig Williams, Sr. Technical Leader, Cisco Talos, and Robert Simmons, Director of Research, ThreatConnect, for an inside look at how to identify attackers, stalk their internet infrastructures and disrupt cyber-criminals before they disrupt you. Hunt or be hunted.