Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Kevin Mitnick Hacks LinkedIn Two-Factor Authentication
    Kevin Mitnick Hacks LinkedIn Two-Factor Authentication Kevin Mitnick Recorded: Oct 19 2018 7 mins
    KnowBe4's Chief Hacking Officer, Kevin Mitnick, shows a two-factor authentication exploit based on a credentials phishing attack using a typo-squatting domain. Once the user falls for this social engineering tactic and enters their credentials, the 2FA token gets intercepted and it's trivial to hack into the LinkedIn account.
  • Sécurité des mobiles: quelles sont les stratégies mises en place par vos pairs ?
    Sécurité des mobiles: quelles sont les stratégies mises en place par vos pairs ? Hervé Doreau, Directeur Technique, et Benjamin Ménard, Consultant Avant-Vente Recorded: Oct 19 2018 27 mins
    Les entreprises de toutes tailles doivent faire face aux nouveaux risques liés à l'utilisation grandissante des mobiles et il leur est difficile de définir la meilleure stratégie pour protéger leurs informations sensibles.
    Au travers de cas d'usages concrets, nos experts vous proposent lors de ce webcast d'en savoir plus sur :
    - Pourquoi est-ce si important de sécuriser les appareils mobiles ?
    - Quelles bonnes pratiques de vos pairs pouvez-vous appliquer dans l'adoption d'une stratégie de protection des terminaux ?
    - Quelles sont les fonctionnalités primordiales d'une solution de sécurité des mobiles ?
  • Career Conversations w/ Kristen Judge, Cybercrime Support Network
    Career Conversations w/ Kristen Judge, Cybercrime Support Network Jessica Gulick, MBA | PMP | CISSP Recorded: Oct 18 2018 46 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Guest: Kristin Judge, Author at LinkedIn Learning

    Kristin was elected to serve as a Washtenaw County Commissioner in 2008 and supported the U.S. Department of Homeland Security in growing cybersecurity outreach to state and local government officials. After elected office, she worked at the Center for Internet Security, focusing on connecting state and local governments to federal services and technology needed to improve cyber security.

    As Director of Government Affairs at the National Cyber Security Alliance (NCSA), Kristin worked with Google, FTC, FBI, SBA, DHS, NIST, congressional leaders and other key stakeholders across the country to educate consumers and businesses how to protect sensitive data.

    As a thought leader, Kristin has been seen on the C-SPAN Network, local news outlets and called on by technology publications like SC Magazine and Government Technology to share best practices for online safety; being named an SC Media “Women in IT Security Influencer” in 2017.

    In 2017, Kristin was chosen for the 3rd cohort in the Presidential Leadership Scholars program which is a partnership between the presidential centers of George W. Bush, William J. Clinton, George H.W. Bush, and Lyndon B. Johnson to bring together a select group of leaders who share a desire to create positive change across our Nation.

    To address the needs of cybercrime victims, Kristin recently founded the nonprofit Cybercrime Support Network to connect victims with federal, state and local resources in a coordinated manner.
  • FireEye Cyber Resilience Virtual Summit
    FireEye Cyber Resilience Virtual Summit Vasu Jakkal, Executive Vice President and Chief Marketing Officer, FireEye Recorded: Oct 18 2018 5 mins
    Executive Vice President and Chief Marketing Officer, Vasu Jakkal, shares what you can expect over the next three days of the Cyber Resilience Virtual Summit. Learn why the intelligence-led approach matters and what you need to know to prepare, defend and protect your organization from a breach.
  • A Truly Hybrid Cloud: Where Business Drives Technology
    A Truly Hybrid Cloud: Where Business Drives Technology Mark Vaughn, Director, Strategic Technology Group, Presidio Recorded: Oct 18 2018 45 mins
    Many hybrid cloud technologies are designed to allow different private cloud and public cloud technologies communicate with each other, while leaving the actual workloads in proprietary formats that are not portable.

    With Hybrid Cloud offerings like VMware Cloud on AWS, existing VMware environments can be extended to the cloud and create a truly hybrid model that allows workloads to easily move to where the business needs them.

    Mark Vaughn, Director of the Strategic Technology group at Presidio, will share his insights and expertise during this engaging talk.
  • Secure Active Directory in 4 Steps
    Secure Active Directory in 4 Steps David Philpotts Recorded: Oct 18 2018 36 mins
    Attend this session and you’ll learn 4 tried-and-true steps you can take to secure your Active Directory and learn how to spot & fix AD misconfigurations, identify, prevent, and investigate advanced AD attacks.
  • Profiting from Reserved Instances: An RI Guide for Service Providers & Resellers
    Profiting from Reserved Instances: An RI Guide for Service Providers & Resellers Todd Bernhard, CloudCheckr Product Marketing Manager, Marit Hughes, CloudCheckr Billing Solutions Architect/SME Recorded: Oct 18 2018 33 mins
    Welcome to CloudCheckr Webinars—where we learn how to use comprehensive cloud management in the modern enterprise, as a service provider, and in the public sector.

    In this webinar, service providers and resellers looking to maximize profits, automatically generate invoices, and control where charges and discounts are applied will find that CloudCheckr cost management fits the bill.

    We’ll focus on the benefits of Reserved Instances, commonly known as RIs. The major cloud providers—Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)—all offer a form of discount for customers who reserve computing power in advance. These Reserved Instances can result in savings of up to 75% compared to on-demand rates. For committed cloud users, RIs can be a great deal.

    Attend this webinar to learn how to use arbitrage and CloudCheckr Reserved Instance Purchase Recommendations, as a managed service provider (MSP), to increase profitability.
  • Solving The Cybersecurity Skills Shortage in Financial Institution
    Solving The Cybersecurity Skills Shortage in Financial Institution Todd Thiemann, Director Product Marketing - Arctic Wolf Networks Recorded: Oct 18 2018 40 mins
    Financial institutions face a daunting combination of cybersecurity threats and compliance requirements. IT teams at regional banks and credit unions have a relatively small staff but facing similar security and compliance burden to what larger, well-resourced financial institutions carry. How can small and mid-sized financial institutions counter sophisticated cyberthreats, provide monitoring and incident response needed for compliance, and do so with tight budgets that do not allow for staffing an elaborate security operations center? Managed detection and response provides a “force multiplier” to address all three issues.

    Attend this webinar and learn about:

    • Top cyberthreats facing financial institutions
    • Financial services compliance evolution, security monitoring and incident response
    • Differences between SIEM, SOC, and SOC-as-a-service
    • Monitoring on premises and cloud resources without adding headcount

    To gain insights on these challenges and how to solve them, save your seat now!
  • Let's talk about Cyber-security Standards of Practice with Fred Cohen
    Let's talk about Cyber-security Standards of Practice with Fred Cohen Fred Cohen, PhD. CEO of Management Analytics, Recorded: Oct 18 2018 79 mins
    This webinar, hosted by ITPG Secure Compliance and Certification Training, will be a practitioner oriented conversation about the latest Cyber-Security Standards of Practice and adoption models for CEOs and Information Security professionals . We will be joined by our guest contributor, Fred Cohen.

    Fred Cohen, in the mid 80s, created a Protection Posture Assessments methodology. It is available as open source in all.net and presents the Options and Basic components of standards of practice for enterprise information protection. The model provides overarching and specifics surrounding what we currently view as a reasonable and prudent approaches to addressing information protection for enterprises.

    ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Fred Cohen, to answer key questions for CTOs, CISOs, CIOs, Security Engineers, Analysts, and all other stakeholders interested in the topic of Cyber-security best practices.

    Fred Cohen has a long history of being ahead of the curve. He first defined the term "computer virus" and the invented most of the widely used computer virus defense techniques, led the team that defined the information assurance problem as it relates to critical infrastructure protection, did seminal researcher in the use of deception for information protection, is a leader in advancing the science of digital forensic evidence examination, and has been a top flight information protection consultant and industry analyst for many years. Along the way, he has started, grown, exited, and assisted in scores of companies, including Advanced Systems Protection, Mangement Analytics, Fred Cohen & Associates, Security Posture, The Radon Project, Fearless Security, TechVision Research, the Monterey Incubator, Can Do Funds, Angel to Exit, and many others.
  • It’s Everyone’s Job to Ensure Online Safety at Work
    It’s Everyone’s Job to Ensure Online Safety at Work AJ Nash, Global Head, Cyber Intelligence Global Security Office, Symantec Recorded: Oct 18 2018 44 mins
    Part 3 of 4: National Cybersecurity Awareness Month (NCSAM)

    As the lines between our work and daily lives become increasingly blurred, it’s more important than ever to be certain that smart cybersecurity is integrated into our lives.

    The focus will be on cybersecurity workforce education, training and awareness with specific focus on understanding adversary objectives and the best practices for thwarting some of the most common adversary actions.

    Please Join Us, Register Today
  • Cloud DevSecOps With Synopsys and AWS
    Cloud DevSecOps With Synopsys and AWS Binoy Das, Partner Solution Architect, Amazon Web Services; Dave Meurer, Partner Solution Architect, Black Duck by Synopsys Recorded: Oct 18 2018 55 mins
    Automation in the cloud can help you build faster and deliver continuously, but it can also make managing security a challenge. By integrating Black Duck by Synopsys with the development tools you use in Amazon Web Services, you can scan images in your container registry, automate build scans in your CI pipeline, and stay notified of any security vulnerabilities or policy violations found in your open source code.

    Join experts from Synopsys and AWS as we explore how to build applications and containers safely in the cloud without sacrificing agility, visibility, or control. In this hands-on webinar, we’ll demonstrate how to:

    - Get started with Black Duck and AWS
    - Build better solutions through open source intelligence
    - Use open source management automation and integration with AWS
  • Running a Secure Application Environment with Docker Enterprise Edition
    Running a Secure Application Environment with Docker Enterprise Edition Sergio Pineda, Director, Alliance Marketing at Docker Recorded: Oct 18 2018 62 mins
    This webinar focuses on how Docker can help you secure your application lifecycle on Microsoft Azure.

    Join us to review how you can leverage Microsoft Visual Studio Team Services (VSTS) to push images into the Docker Trusted Registry and using containerized VSTS build agents with the Docker Universal Control Plane.
  • Has Your Network Packet Broker Evolved with Your Infrastructure?
    Has Your Network Packet Broker Evolved with Your Infrastructure? Sam Kumarsamy, Senior Product Marketing Manager, Gigamon; Brandon Dunlap (Moderator) Recorded: Oct 18 2018 60 mins
    As your infrastructure has grown to include a mix of physical, virtual and cloud environments with increased network speeds and volume of data, so have the threats increased to your attack surface with more vectors to breach your organization. This challenges your network and security operation teams and tour traditional network packet broker needs to evolve from providing network visibility to also helping strengthen your security posture. Join Gigamon and (ISC)2 on October 18, 2018 at 1:00PM Eastern where we will examine the acquisition and aggregation of data from your physical, virtual and cloud infrastructure, filtering of traffic to provide the right data to the right tools, transforming your data with masking, header stripping and SSL decryption (TLS1.3) to ensure compliance, threat prioritization by providing context and bridging the gap between NetOps and SecOps.
  • How to Detect Cryptomining in your Environment with AlienVault
    How to Detect Cryptomining in your Environment with AlienVault Danielle Russell, Group Product Marketing Manager & Amy Pace, Principal Product Marketing Manager | AlienVault Recorded: Oct 18 2018 60 mins
    Cryptominers are built to turn computing power into revenue. To make cryptomining a profitable venture, cyber criminals are writing and distributing malware to steal computing resources to mine for cryptocurrencies like Bitcoin and Monero by attacking victims' endpoints, public cloud accounts, and websites. Through various attack vectors, cyber attackers can turn compromised systems into a silent zombie army of cryptocurrency miners. Unless you have advanced threat detection capabilities to detect crypto-mining activities on your endpoints, in the cloud and on premises, you might be unknowingly sharing your valuable computing resources with cryptomining criminals.

    Join this webcast to learn:

    - The what, why and how of cryptomining
    - How cryptomining can evade traditional antivirus and other security controls
    - Best practices and essential tools for detecting cryptomining quickly
    - How AlienVault Unified Security Management (USM) can alert you immediately of cryptomining activity

    Speakers: Danielle Russell, Group Product Marketing Manager
    Amy Pace, Principal Product Marketing Manager
  • Using Cloud Content Management to Improve Your Content Workflow
    Using Cloud Content Management to Improve Your Content Workflow Rand Wacker, VP of Product Marketing, Box Recorded: Oct 18 2018 43 mins
    Digital transformation is driving organizations to rethink the way they work. Businesses are under intense pressure to quickly swap old processes for new ones and do more with all the content that's the lifeblood of the business.

    Watch this webinar to learn how to effectively and securely manage your content flow with Cloud Content Management. We'll show you how easy Box makes it to collaborate from anywhere, simplify and streamlines processes, and securely integrate with existing applications — all from a platform that provides native security, governance and compliance.
  • Auditing Smarter – Not Harder
    Auditing Smarter – Not Harder Sajay Rai, CPA, CISSP, CISM Recorded: Oct 18 2018 61 mins
    Technology is omnipresent. Technology is helping businesses work faster, smarter and become more innovative. But the same technology is introducing more security risks. Organizations are deploying security technologies to mitigate the security risks and implement continuous monitoring of these risks. Audit departments within organizations are planning to conduct more technology audits than ever before. They are looking to automate their audits. They are looking for newer, smarter audit tools. But before we go any further to identify any new tools, let’s look at the same continuous monitoring tools already deployed within the organizations, which could help the auditors as well.
    The session will discuss the following areas:
    •Asset Inventory
    •Security Information Event Management
    •Identity and Access Management
    •Network Security
    •Mobile Device Management
  • The Future of FinTech - What to Expect at Money20/20 USA 2018
    The Future of FinTech - What to Expect at Money20/20 USA 2018 Claire Harrop (Freshfields Bruckhaus Deringer), Robert Prigge (Jumio), Peter Spee (AEVI), Tony Raval (IDMERIT) Recorded: Oct 18 2018 60 mins
    With the worlds largest FinTech event coming up next week, we've gathered some of the elite speakers who will be taking the stage and debating the hottest topics and the biggest challenges that the Financial Services world is currently facing and the latest Fintech innovations.

    What will they be talking about in Las Vegas on the 21-24 of October 2018, what do they want to hear about, what are they looking forward to?
  • The 1/10/60 Challenge: Stopping Breaches Faster
    The 1/10/60 Challenge: Stopping Breaches Faster Brandon Dunlap, Moderator, (ISC)², Zeki Turedi, Technology Strategist EMEA, CrowdStrike Recorded: Oct 18 2018 58 mins
    Breakout time, the time that it takes an intruder to jump from the machine that’s initially compromised and move laterally through your network, on average is 1h and 58m*. This is your critical window to take action and stop the breach. When an attack is in progress, we’re seeing world leading security teams take one minute to detect it, 10 minutes to understand it and one hour to contain it. Is your organisation ready to meet the 1/10/60 minute challenge?

    Attend this webcast to learn:

    -What breakout time is and what it means for defenders that are responding to attacks in real time
    -How the incident response process unfolds and the barriers that keep organisations from mounting a rapid and efficient response
    -The key steps you can take to improve your organisation’s ability to rapidly detect, investigate and remediate threats
  • The Implications of the 2018 UK Corporate Governance for Risk Managers
    The Implications of the 2018 UK Corporate Governance for Risk Managers Mark Butterworth Recorded: Oct 18 2018 51 mins
    Following significant revisions to the FRC’s UK Corporate Governance Code in 2018, Risk Managers should consider how they should respond to the key features of the new Code. In parallel with assessment of the implications of the updated FRC Guidance on Board Effectiveness, this webinar will review the headline features: managing risk culture, the role of the Board in governance and risk, the importance of stakeholders in risk assessment and why Risk Managers should focus on Board effectiveness evaluations. Setting risk management in the context of more demanding governance requirements will bring greater recognition, but is also more challenging.
  • Reimagine Data Governance: Data Governance. Meet Data Security.
    Reimagine Data Governance: Data Governance. Meet Data Security. Andy Joss, Head of Solutions & Data Governance, Steve Holyer, Solutions Specialist, Informatica Recorded: Oct 18 2018 59 mins
    With organizations collecting an ever-increasing volume of data, the risk of a data breach or falling foul of a regulator is also increasing. Data security, privacy and protection is fast becoming a “must have” requirement within many data programs.

    Organizations are starting to realize that there are potentially great synergies in having a much closer understanding of their data from both a governance and security viewpoint. Add in Artificial Intelligence and automation for remediation, together these capabilities are proving to be significant allies in the continuous battle of cyber-security and enabling Data Governance programs.

    This webinar explores how these two worlds can now better understand the role that each has to play, in supporting and protecting their organization.

    As part of the Reimagine Data Governance series of webinars, Informatica will demonstrate how having a closer relationship between the worlds of governance and security can enhance existing data use and data security capabilities. And how you, in taking that holistic approach, can provide governed and protected data to achieve key business outcomes.
  • How to Build Smarter Recommendation Engines with a Graph Database
    How to Build Smarter Recommendation Engines with a Graph Database Joe Depeau, Neo4j Recorded: Oct 18 2018 43 mins
    Real-time recommendations are at the core of digital transformation in any business today. Whether you’re building features such as product, content or promotion recommendations, personalised customer experience, or re-imagining your supply chain to meet growing customer demands, you’re facing challenges that require the ability to leverage connections from many different data sources, in real-time. There’s no better technology to meet these challenges than a native graph database technology such as Neo4j.

    This webinar will cover the fundamentals of building recommendation engines with a graph database. We will discuss typical architectures, give a demonstration of Neo4j in action, and go over some of our top use cases of recommendation engines for companies such as Walmart, eBay, and more.
  • Ensuring Data Security in Hybrid and Multi-Cloud Environments
    Ensuring Data Security in Hybrid and Multi-Cloud Environments Simon Keates, Business Development Manager, Thales eSecurity Recorded: Oct 18 2018 41 mins
    Chris Ogilvie interviews Simon Keates, Thales eSecurity Business Development Manager, EMEA on “cloud” - the biggest growth area of technology investment this year.

    Companies are increasingly reliant upon multi-cloud or hybrid cloud to meet specific workload and needs. However, these multi-faceted environments come with advanced threats in the form of security gaps which exploits individuals and organisations. In addition, embracing cloud environments brings challenges around data control, complex security policies and compliance reporting.

    Join Chris and Simon for the second in our series of “coffee break” webcasts when they will discuss:

    a) How can enterprises reduce security gaps in the cloud without affecting their business efficiency?
    b) How are organisations maintaining effective security whilst adopting new digital technologies to improve agility, customer engagement and support business growth?
    c) How does BYOE (Bring Your Own Encryption) alleviate the core issues of security, control and compliance and can it be applied to the common public cloud environments cost-effectively?
    d) How can enterprises regain control of their data security?
  • 人工智能在網絡領域的影響
    人工智能在網絡領域的影響 蕭松瀛, Nicholas Hsiao, FireEye 技術顧問 Recorded: Oct 18 2018 48 mins
    人工智能(AI)為企業提供了更好的方法來保護他們的系統,但它也為黑客提供了更好的方法來破壞這些系統。 企業需要了解AI在依賴網絡防御之前如何影響網絡安全。
    Nicholas Hsiao 北亞技術顧問將會討論有關人工智能系列的第二單元:
  • Data Virtualization: Key Foundation of a Cloud-First Strategy
    Data Virtualization: Key Foundation of a Cloud-First Strategy Kevin Moos, Eric Greenfeder, Jay Livens Recorded: Oct 17 2018 58 mins
    As more organizations adopt a cloud-first strategy, the task of migrating high-volume transactional workloads presents a unique set of challenges, particularly in handling the large amounts of data involved. Join Primitive Logic and Actifio as we discuss the most pressing challenges around transactional data migrations … and the solutions that can help address them.

    You will learn:
    The unique challenges in migrating transactional data to the cloud
    How to handle data for applications with both on-prem and cloud components
    How to approach transactional data as part of a multi-cloud strategy
    How data virtualization helps resolve issues of security, governance, multi-cloud coordination, and more
  • FireEye Global Threat Response – How we Protect the World
    FireEye Global Threat Response – How we Protect the World Tim Wellsmore, Director, Government Security Programs, Mandiant International, a FireEye Company Oct 22 2018 2:00 am UTC 75 mins
    Most approaches to the global cyber security problem are usually focused locally inside separate organisations, who struggle to look out across the global landscape and effectively respond. National responses from government capabilities can be challenged by capacity and jurisdiction to truly understand the global threat environment, and to effectively respond. This presentation will highlight how FireEye utilises its various capabilities and threat focused teams from all parts of the business to build a cohesive global detection and response capability for the biggest global threats.

    This presentation will outline how we tactically respond within our internal capability teams, and across our customer base of 67 countries and how we keep the media, our customers and our government partners informed on the latest information. How we scale quickly to respond to WannaCry or NotPetya to ensure our Community Protection mandate is relentless maintained is an impressive story. This presentation will highlight how our FireEye technology arm and FireEye's subsidiary companies of Mandiant and iSight work seamlessly together in a global cyber threat event to bring our best against the world's most advanced cyber threat actors.
  • What Executives Should Know about Cyber AI
    What Executives Should Know about Cyber AI Claudio Scarabello Director Product, APAC FireEye Inc Oct 22 2018 6:00 am UTC 60 mins
    Artificial intelligence (AI) is a transformative technology that provides organizations with better cyber defense tools but also helps adversaries improve methods of attack. Organizations need to understand how AI will impact cyber security before they rely on it for their defenses.
    Watch this webinar as we discuss:
    • How AI tools can be used for offensive and defensive purposes in the cyber domain
    • Changing geopolitical landscape as threat actors develop and implement AI capabilities
    • Enhancement of a businesses’ defensive capabilities through AI technology
    • How FireEye uses machine learning to bolster its internal defenses and tools
  • Your breach readiness master plan: take the sting out of a cyber attack
    Your breach readiness master plan: take the sting out of a cyber attack Judith Moore, Director & Partner, FleishmanHillard Fishburn; Mark Deem, Partner, Cooley; Mike Trevett, UKI Director, Mandiant Oct 22 2018 10:00 am UTC 60 mins
    With numerous market-leading companies making negative data breach headlines this year, and attackers constantly evolving their techniques, tactics and procedures, it seems there’s no longer a case of ‘if’ an organisation will be breached, but instead ‘when’.

    “Do you know how your team will respond to and remediate a cyber-attack?”, is an increasingly pertinent question that all C-suite leaders should be able to answer—and more importantly, have a role in finding that answer to ensure their organisation’s cyber-security posture and incident response (IR) plan is built for success.

    Join and contribute to the conversation as Judith Moore, Director & Partner, Corporate and Crisis at FleishmanHillard Fishburn, Mark Deem, Partner at Cooley LLP and Mike Trevett, UKI Director at Mandiant discuss:

    •How to identify security maturity improvement areas before, during and after a breach
    •Why constantly-evolving threats require organisations to periodically revisit their crisis communication plans
    •What actions organisations should take to ensure they can effectively protect their reputation in the event of a breach
    •Which key strategic communication tactics should be considered when reporting a breach
  • Cyber Security in Today's IoT World
    Cyber Security in Today's IoT World Parnian Najafi Borazjani, Senior Analyst, FireEye Oct 22 2018 11:00 am UTC 45 mins
    IoT devices have become a mainstream part of our lives. IoT devices are no longer just consumer devices, rather they are interwoven in different parts of corporations.

    The August 2016 Mirai botnet attack has shown that security in IoT is required to have overall security. The lack of security in IoT devices not only affects users, but also affects the society in a larger scale. Manufactures of these devices need to follow a set of guidelines to ensure secure developments and deployments.
    Moreover, device consumers such as corporations should be aware of their attack surface.

    Join us for a live webinar as we address the top security and privacy issues in IoT devices, the threats that are targeting them and recommendations for possible solutions.
  • Cloud Strategy & Improving Your Enterprise Security Posture in 2019
    Cloud Strategy & Improving Your Enterprise Security Posture in 2019 Sushila Nair (NTT DATA Services) | Yonatan Klein (AlgoSec) | Diana Kelley (Microsoft) Oct 22 2018 5:00 pm UTC 60 mins
    This keynote panel is part of Cloud Month on BrightTALK.

    Join this keynote panel of security and cloud experts as they discuss:
    - The most prevalent security risks and challenges and how to contend with them
    - Your cloud strategy and how it affects your overall security posture
    - How to extend network security to the cloud
    - Areas for automation
    - Best practices on how to secure your enterprise in 2019

    - Sushila Nair Sr. Director Security Portfolio, NTT DATA Services
    - Diana Kelley, Cybersecurity Field CTO, Microsoft
    - Yonatan Klein, Director of Product, Algosec
  • Evolving to an Intel-led Security Organization
    Evolving to an Intel-led Security Organization Nigel Gardner, MGM Resorts Intl., Joseph O’Laughlin, FireEye; Jason Tuininga, FireEye Oct 22 2018 6:00 pm UTC 60 mins
    Threat intelligence has the power to enhance an organization’s security effectiveness, improve its time-to-response, and reduce business risk. No matter where an organization is on the continuum of security operations maturity, threat intelligence can provide significant value. The question is, what is the best way to maximize that value? What advantages can you gain through simple process or technology changes to ensure that you’re ready to respond quickly to the threats that matter? Come hear from our experts about what threat intelligence can do for you, and hear from a FireEye customer who has made this journey, transforming its security operations to be intelligence-led.
  • Addressing Today’s Cloud Attack Vectors
    Addressing Today’s Cloud Attack Vectors Joe Leonard, CISO, Presidio Oct 22 2018 7:00 pm UTC 60 mins
    During this session, we will discuss today’s cloud attack vectors and the potential impact there could be on your organization’s data.

    -How are these attack vectors exploited by an adversary?
    -What can you do to prevent these types of attack?
    -How are cloud security controls maturing to address these concerns?

    We will discuss what security controls can be put in place to reduce the attack vectors surface and minimize the risk to your organization.
  • Inside an Enterprise Breach in a Public Cloud Environment
    Inside an Enterprise Breach in a Public Cloud Environment Sam Bisbee, CSO, at Threat Stack Oct 22 2018 9:00 pm UTC 46 mins
    With the visibility provided by the Threat Stack Cloud Security Platform®, the Threat Stack Security team has the unique ability to observe user, system and file trends across cloud infrastructure, to see how bad actors are attempting to exploit it. Over the past year, the team has observed strong evidence of increasing sophistication of public cloud attacks. Although simpler methods, like exploiting S3 buckets or utilizing mass botnet activity, are still popular as ever, attackers are increasingly using multi-step attacks to traverse infrastructure in search of sensitive customer information and company crown jewels.

    In this session, Threat Stack CSO Sam Bisbee will walk through the steps of a recent customer breach while discussing trends in the rising sophistication of public cloud actors and how to monitor your own infrastructure for these threats.
  • Are you Ready to Handle a Cyber Crisis?
    Are you Ready to Handle a Cyber Crisis? Rob van der Ende, VP APJ, Mandiant, a FireEye company & Mimi Yang, Senior Foreign Legal Consultant Ropes & Gray Oct 23 2018 3:00 am UTC 60 mins
    How prepared are you and your organization to respond to a data breach?
    Executives and their teams in PR/Communications, Cybersecurity, IT, (external) Legal Counsel, and others, should all be intimately aware of the Breach Response Plan and practice their tasks regularly through a Cyber Breach Simulation, or Tabletop Exercise.

    Ropes & Gray and Mandiant have joined forces to help you evaluate your organization’s ability to respond effectively to a cyber incident before it occurs. The Tabletop Exercise uses gameplay techniques to assess your cyber crisis processes, tools and proficiency from legal, governance and technical perspectives. During the exercise, multiple scenarios based on real-world experience are simulated in a roundtable environment, allowing Ropes & Gray to provide concrete legal advice to your organization based on the results, including advice on potential enhancements to your organization’s cyber breach and incident response preparedness that Mandiant and Ropes & Gray identify through the exercise.

    About Ropes & Gray
    Ropes & Gray privacy & cybersecurity attorneys have advised and assisted clients in responding to cyberincidents of multiple shapes and sizes, including many of the largest incidents in history, and apply that extensive background to counsel clients on cybersecurity incident preparedness.

    About Mandiant
    Mandiant, a FireEye company, has over 14 years of near-daily interaction with organized, persistent attackers and threat groups around the world. Mandiant consultants spend hundreds of thousands of hours annually working with organizations of all sizes to remediate security breaches, identify vulnerabilities and provide guidance on closing security gaps.
  • Applying AI to Unstructured Content
    Applying AI to Unstructured Content Anthony Tate, Head of Product Marketing EMEA Box & Mike Schwartz, Senior Product Marketing Manager, Box Oct 23 2018 9:00 am UTC 47 mins
    AI and machine learning technologies are rapidly maturing and becoming more enterprise ready — but 83% of organisations don't yet know how to leverage AI/ML in their business.

    Join us to learn how the new Box Skills makes all your business-critical unstructured content easier to find, organise, manage and protect by automating mundane processes to get to your most impactful work faster.

    During this live webinar you'll learn how you can:
    - Use Box Skills to manage and tap the potential inside unstructured content like videos, photos, audio and more
    - Reap the value from your unstructured content — without recruiting a team of data scientists to build AI/ML from scratch
    - Apply ML to your content to increase employee productivity, improve customer experience, accelerate or automate business processes, and mitigate risks
  • AppSec: Les Erreurs à éviter – Les Cinq Principales Mauvaises Pratiqu
    AppSec: Les Erreurs à éviter – Les Cinq Principales Mauvaises Pratiqu Nabil Bousselham, Architecte Solutions chez CA Veracode Oct 23 2018 9:00 am UTC 45 mins
    Malgré une augmentation de 25% des attaques au niveau de la couche applicative (Akamai), les entreprises continuent à sous investir dans ce domaine. La raison de cette négligence est due aux manques de compétence en sécurité applicative et à la complexité des taches liées à la création d’un programme App Sec. Au cours de ce webinaire les experts du programme de sécurité de CA Veracode partageront des exemples, des cas d’usages et des retours d’expériences.

    Nous présenterons notamment le parcours AppSec allant d’un environnement peu sécurisé jusqu’à la mise en place d’un programme aboutit. Nous exposerons les meilleures façons de collaborer entre équipes sécurité et développement afin d’harmoniser les programmes de sécurisation applicatives.

    Rejoignez-nous pour ce webinaire (en direct) au travers duquel Nabil Bousselham, Architecte solutions chez CA Veracode, couvrira notamment les sujets:

    • Comment pour prioriser les applications selon leur niveau de criticité

    • Comment pour suivre la politique de sécurité efficacement

    • Comment pour Établir des rapports significatifs et exploitables

    • Comment pour travailler avec les équipes de développement pour intégrer la sécurité dans les premières phases du SDLC

    • Comment pour harmoniser et construire un écosystème sécurisé
  • SSL Decryption - the pro’s, the con’s and best practices
    SSL Decryption - the pro’s, the con’s and best practices Fred Streefland, Chief Security Officer Northern and Eastern Europe and Marco Vadrucci, Systems Engineer Oct 23 2018 9:00 am UTC 45 mins
    Join Fred Streefland, Chief Security Officer and Marco Vadrucci, Systems Engineer from Palo Alto Networks for this exclusive Cybersecurity Webinar focusing on ‘The Pros and Cons of SSL Decryption.’

    During the webinar Fred and Marco will discuss how Secure Sockets Layer Decryption (SSL) (and its successor Transport Layer Security (TLS)) is designed to protect the privacy and security of sensitive communications across an internal or external network.

    During this webinar you'll learn:

    •SSL, its benefits and growth
    •Challenges of encryption
    •How Palo Alto Networks can provide visibility and control across encrypted SSL channels

    Register Now and join us on Wednesday October 10th at 10:00am. We’re looking forward to seeing you there.
  • Automate the Dreaded Task of Software Asset Management
    Automate the Dreaded Task of Software Asset Management Gary Paquette, CTO, Mike Schmitt, Sr Director Product Marketing, Karen Hutton, Sr Director of Marketing, at Nlyte Oct 23 2018 9:00 am UTC 31 mins
    Nlyte’s Gary Paquette uncovers how you can automate discovery, management, and reporting with Nlyte Software Optimizer agentless software.

    What you will learn from the webinar:

    - Organic installation and distribution of software
    - Lack of visibility in current and new deployments
    - Matching databases to physical and virtual
    - Reconciliation between required services versus installed
    - Inaccurate systems, too many systems and files
  • Top 10 Security Recommendations for Public Cloud Migration
    Top 10 Security Recommendations for Public Cloud Migration Dejan Stanic - Consulting Engineer Cloud EMEA at Palo Alto Networks Oct 23 2018 10:00 am UTC 45 mins
    Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable.

    With the underlying premise that the public cloud is someone else’s computer, and an extension of your network, this session will cover public Cloud security concerns, what the shared security responsibility model really means and recommendations for protecting your public Cloud workloads and data.
  • How to Elevate Security as a Boardroom Priority
    How to Elevate Security as a Boardroom Priority Simon Moor, Director, Northern Europe, FireEye; Duncan Brown, Associate VP, European Infrastructure & Security, IDC EMEA Oct 23 2018 10:00 am UTC 60 mins
    Despite the continued focus on security and cyber-risk, most organisations demonstrate poor alignment between the business and security in the consideration of risk. This disconnect can start right at the beginning of a business process, where security is often not involved early enough (or at all) in strategic projects. Boardroom visibility of security threats is often weak, while the nature of security threats means that a continuous reassessment of risk is required, but rarely occurs.

    This webinar explores the gap between security and business risk, and examines the opportunities for alignment in Digital Trust, as a prerequisite for digital transformation.
  • Advanced Data Privacy: Attacks & Defences
    Advanced Data Privacy: Attacks & Defences Theresa Stadler, Data Scientist, Privitar Oct 23 2018 10:00 am UTC 24 mins
    Sensitive information about individuals can be recovered from different types of data releases, including aggregate statistics or machine learning models. This session will address the privacy risks in publishing analysis results and introduce data privacy techniques to defend against them.

    Theresa Stadler, Data Scientist at Privitar, will explain differencing and reconstruction attacks on simple summary statistics such as count tables, along with discussing the privacy risks of supervised machine learning.

    Some of the takeaways of the session include:

    - Reasons to be concerned about the privacy of training data

    - The attacks on machine learning models that can occur and what private information about individuals in the training data can be recovered

    - A simple example of a black-box privacy attack on a classifier, a common machine learning model

    - An introduction to the differential privacy framework that functions as a privacy-enhancing technology to defend against the attacks introduced
  • Risk Management for Infrastructure
    Risk Management for Infrastructure Graham Nicol Oct 23 2018 10:00 am UTC 75 mins
    Join us on this webinar to listen to Graham Nicol present on why an effective and dynamic risk management framework is vital for the successful delivery of large projects, programmes or portfolios within an Infrastructure capital asset delivery environment. This webinar covers how to communicate the need and associated benefits of risk management to employees, delivery partners and stakeholders, how best to identify and assess risk (qualitatively and quantitatively), when to apply appropriate quantitative techniques, whilst challenging schedule integrity standards to support a QSRA. All of which should inform proactive decision making that aligns to projects/organisations risk culture.
  • Enriching Your Security Product Stack With The Power of IPAM and DNS
    Enriching Your Security Product Stack With The Power of IPAM and DNS Lindsay Drabwell, (ISC)² EMEA, Gary Cox, Infoblox, Alastair Broom, Logicalis Oct 23 2018 11:00 am UTC 60 mins
    Today’s enterprise network has a vast number of network and security devices – all generating their own incidents, but they don’t always share information. According to the ESG research report on Security Operations Challenges, Priorities and Strategies in 2017, keeping up with the volume of security alerts and lack of integration between different security tools are the biggest challenges related to security. Organizations are investing heavily in automation/orchestration of incident response to improve collaboration, prioritize alerts and shorten time for incident response.

    This webinar will discuss how integration of different network and security tools can:
    •Provide better visibility across your entire network and remove silos
    •Improve agility and automate IT workflows
    •Enable faster remediation to threats

    Please join Infoblox and Logicalis for this key discussion on the integrated ecosystem -- taking your organization to the next level of security.
  • Security in the Cloud: Identity Management, Access Control and Authentication
    Security in the Cloud: Identity Management, Access Control and Authentication Emma Bickerstaffe, Senior Research Analyst and Benoit Heynderickx, Principal Analyst, ISF LTD Oct 23 2018 12:00 pm UTC 45 mins
    Organisations increasingly rely on cloud services, motivated by the benefits of scalability, accessibility, flexibility, business efficiencies and reduced IT costs. However, there are several security implications that organisations need to address, including the challenge of verifying identity and managing access to cloud services.

    Cloud services bring added complexity to identity and access management, exacerbated by the distribution of data across a myriad of applications accessed by users from multiple devices and locations. Failure to adequately implement user authentication and access control in the cloud can be exploited by attackers to gain access to users’ credentials, manipulate systems and compromise data.

    In this webinar, Senior Research Analyst Dr Emma Bickerstaffe and Principal Analyst Benoit Heynderickx will discuss identity management, access control and user authentication in the cloud environment, and consider how organisations can effectively tackle this security concern.
  • Migrating to the Cloud with Automation
    Migrating to the Cloud with Automation Omer Ganot, Product Manager, AlgoSec Oct 23 2018 1:00 pm UTC 60 mins
    83% of enterprise workloads will be in the cloud by 2020. Migrating the storage and compute is the easy part. Migrating the SECURITY is the part that you have to get right – unless you don’t care about outages and cyberattacks. Don’t struggle with application connectivity and management of cloud security controls. Automate the entire process and get it right.

    In this webinar, Omer Ganot, Product Manager at AlgoSec, provides technical insight and best practices for discovering, mapping and updating network security policies to provide a smooth application migration that assures proper operation and security.

    This webinar will cover:
    • Automatic discovery of existing application-connectivity requirements
    • Automated analysis of changes necessary for migrating application-connectivity to the cloud
    • Automatic execution of the required changes of all the security constructs – on-premise and in the cloud
    • Maintaining complete and ongoing visibility across the entire network topology and security constructs, including:
    o On-premise firewalls and routers
    o Cloud security controls
    o Virtual traditional firewalls deployed in the cloud
  • Cloud Security Trends and Best Practices for 2019
    Cloud Security Trends and Best Practices for 2019 Dave Klein (GuardiCore) | Prof Avishai Wool (Algosec) | Fred Streefland (Palo Alto Networks) Oct 23 2018 3:00 pm UTC 60 mins
    As more corporate data moves to the cloud, the new challenge is to efficiently manage security in both the cloud and on premises. How are organizations coping and what are the solutions they should be employing?

    Join this keynote panel of security and cloud experts as they discuss:
    - Cloud security challenges today
    - Extending network security to the cloud
    - Security policy management in the cloud
    - Security automation
    - Best practices and recommendations for improving your enterprise security posture
    - Future trends in cloud security

    - Dave Klein, Sr. Director Engineering & Architecture, GuardiCore
    - Prof Avishai Wool, CTO & Co-founder, Algosec
    - Fred Streefland, Chief Security Officer North & East-Europe (NEEUR), Palo Alto Networks