Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Climbing the Corporate Ladder… in (Tasteful) High Heels Climbing the Corporate Ladder… in (Tasteful) High Heels Jo Stewart-Rattray (BRM Holdich) & Theresa Grafenstine (US House of Representatives) Recorded: Feb 16 2017 62 mins
    For many years, women have represented roughly half of all university graduates. Yet, there is a lingering imbalance of women that progress to senior leadership positions.

    Join two industry trailblazers, Jo Stewart-Rattray, the first woman to serve as CIO with responsibility for both operational and business IT in the Australian utilities space and Theresa Grafenstine, the first woman to serve as the Inspector General of the US House of Representatives, as they discuss how they cracked through the proverbial glass ceiling.

    Attendees will get practical advice on becoming a trusted advisor, building your personal brand, joining the “Old Boys Club,” and the art of gaining influence.

    Jo and Theresa will also reflect on their careers and share lessons learned on the bumps and bruises they encountered along the way with “What they wished they knew 20 years ago…”

    At the end of what will surely be a spirited discussion, attendees will have a chance to pose questions to these two role models who blazed a trail for women in the IT profession.
  • Long-term Data Retention: Challenges, Standards and Best Practices Long-term Data Retention: Challenges, Standards and Best Practices Simona Rabinovici-Cohen, IBM, Phillip Viana, IBM, Sam Fineberg Recorded: Feb 16 2017 61 mins
    The demand for digital data preservation has increased drastically in recent years. Maintaining a large amount of data for long periods of time (months, years, decades, or even forever) becomes even more important given government regulations such as HIPAA, Sarbanes-Oxley, OSHA, and many others that define specific preservation periods for critical records.

    While the move from paper to digital information over the past decades has greatly improved information access, it complicates information preservation. This is due to many factors including digital format changes, media obsolescence, media failure, and loss of contextual metadata. The Self-contained Information Retention Format (SIRF) was created by SNIA to facilitate long-term data storage and preservation. SIRF can be used with disk, tape, and cloud based storage containers, and is extensible to any new storage technologies. It provides an effective and efficient way to preserve and secure digital information for many decades, even with the ever-changing technology landscape.
Join this webcast to learn:
    •Key challenges of long-term data retention
    •How the SIRF format works and its key elements
    •How SIRF supports different storage containers - disks, tapes, CDMI and the cloud
    •Availability of Open SIRF

    SNIA experts that developed the SIRF standard will be on hand to answer your questions.
  • Logistics Analytics: Predicting Supply-Chain Disruptions Logistics Analytics: Predicting Supply-Chain Disruptions Dmitri Adler, Chief Data Scientist, Data Society Recorded: Feb 16 2017 47 mins
    If a volcano erupts in Iceland, why is Hong Kong your first supply chain casualty? And how do you figure out the most efficient route for bike share replacements?

    In this presentation, Chief Data Scientist Dmitri Adler will walk you through some of the most successful use cases of supply-chain management, the best practices for evaluating your supply chain, and how you can implement these strategies in your business.
  • Access control for Subversion and Git Access control for Subversion and Git Doug Robinson Mar 2 2017 6:00 pm UTC 60 mins
    Enterprise development teams are frequently working with multiple types of SCM repositories, such as Git and Subversion. Git does a solid job handling source code; Subversion does a solid job handling binary artifacts and is likely where many older projects' full histories reside. Managing both Subversion and Git repositories together is quite a challenge. Join us to learn how to make it easy.
  • Keeping Applications Compliant and Secure Using ARA Keeping Applications Compliant and Secure Using ARA Keith Puzey, CA Technologies Recorded: Feb 16 2017 25 mins
    Are you burdened with regulatory mandates that require the proper compliance controls and audit trails? Do last-minute security updates hold-up your application releases—or more problematic, have you missed security patches that impacted the business?

    In this 30-minute webcast:
    -Discover what it means to shift your security thinking left and incrementally improve security as part of your continuous delivery practice.
    -Learn how you can apply the right levels of governance, gain end-to-end transparency and ensure full auditability of your releases.
    -See how an Application Release Automation (ARA) solution like CA Release Automation enables you to deliver applications with the agility and speed required by your business while enabling you to stay in control.

    At the end of this webcast, you’ll have insights into how to mitigate digital risks as you apply continuous delivery practices.
  • NIST 800-171 Protect CUI or Risk Losing Federal Business NIST 800-171 Protect CUI or Risk Losing Federal Business David Kim. ITPG Secure Compliance. Principal Consultant and SVP | Governance Risk and Compliance Mar 23 2017 5:00 pm UTC 60 mins
    Federal contractors that process, store or transmit what’s called Controlled Unclassified Information have until December to implement new, more stringent security guidelines to protect that information. Chances are your organization already meets some of the requirements, but it’s unlikely that you meet them all. Join us to identify what’s new, what’s not, what you have to do and how to assess the impact.
  • Evolution of Traditional Investigations and Modern Forensics Evolution of Traditional Investigations and Modern Forensics Bill Hickman, COO of CSI Corporate Security and Investigations Inc. and Peter L. Mansmann, president of Precise, Inc., a lit Recorded: Feb 16 2017 57 mins
    The use of web enabled devices has profoundly changed the world we live in. The average American now spends upwards of 10 hours per day in front of some form of electronic medium. More and more, the smart phone is becoming the device of choice to communicate, get news/information, and share social information on a real time basis. This is how people navigate through today's world and has had a significant behavioral impact as a result.

    Internal Auditors can benefit greatly from understanding how to best integrate this new wealth of information in their audits and investigations. The future of both audits and investigations will need to rely more on technology but cannot neglect the impact and role of the “human element”. Points of particular interest include:
    •social media searches to identify where someone has been and plans to be,
    •location enabled services identifying where someone's phone (and presumably they) have been,
    •devices and apps measuring and sharing individual’s mobility and activity,
    •the trend towards this data going directly to the public cloud, and
    •the emergence of the "internet of things".
  • SAP Indirect Usage costs more than you think. Learn how to avoid financial risk. SAP Indirect Usage costs more than you think. Learn how to avoid financial risk. Brian Skiba, Dan Kirtley Recorded: Feb 16 2017 41 mins
    SAP customers are becoming increasingly exposed to financial risk through audits, particularly where third party applications and add-ons indirectly access and use SAP data.

    This type of access is known as Indirect Usage.

    In this webinar, we explain how some of the recent amendments to SAP’s terms and conditions might lead to further exposure for your organization. You will learn how to efficiently highlight activity in the SAP system to identify where Indirect Usage may be taking place and what to do about it.

    Don’t walk your organization into a hefty audit fine! Make sure that you’re fully prepared and reduce your exposure to a minimum.
  • Transformation für mehr Sicherheit durch Sichtbarkeit Transformation für mehr Sicherheit durch Sichtbarkeit Kristian von Mejer, Strategic Account Director – Germany Recorded: Feb 16 2017 42 mins
    Kommt es Ihnen so vor, als hätten die Angreifer den Vorteil zunehmend auf ihrer Seite? Es gibt immer öfter Berichte über erfolgreiche Cyberattacken und Datenverluste, obwohl die Ausgaben für Sicherheitsmechanismen ebenfalls steigen. Der Schutz muss verbessert werden und dabei ist der erste Schritt mehr Visibilität.
    In unserem Webinar zum Thema Transformation für mehr Sicherheit durch Sichtbarkeit zeigen wir Ihnen, wie Sie in drei Schritten Ihr Netzwerk sicherer machen:

    • See: Erkennen Sie jedes Endgerät, sobald es sich mit dem Netzwerk verbindet. Dabei spielt es keine Rolle, ob Firmengerät, BYOD oder Endpunkte aus dem Internet der Dinge (IoT) – alle Devices werden ohne den Einsatz von Agenten erkannt
    • Control: Verwalten Sie Netzwerkzugriffsrechte für Gerätegruppen auf Basis von festgelegten Sicherheitsrichtlinien. Zudem können kritische Endpunkte automatisch bewertet und gesichert werden
    • Orchestrate: Teilen Sie Informationen mit bestehenden Sicherheitslösungen und automatisieren Sie Arbeitsprozesse durch die Extended Modules von ForeScout
  • Taming the "God" User Taming the "God" User Amar Singh and Joseph Carson Recorded: Feb 16 2017 60 mins
    Privileged IT users hold significant power in an organisation. They can delete, change or read emails and create, reset or change user accounts amongst other things. In many cases the privileged user can easily bring a business to its knees.

    Businesses may be aware of the scale of the privileged insider threat but efficiently managing these users often remains an aspiration. Join Amar Singh in this interactive webinar as he talks to privileged management expert Joseph Carson and discusses how you can expertly manage your privileged users.

    Cyber Management Alliance's webinars are highly interactive and have a higher than normal user interaction during the webinar. So, sign-up now and take this opportunity to ask, learn and share.
  • Denken Sie über die DSGVO hinaus – Integrieren Sie Ihre Cyberabwehr Denken Sie über die DSGVO hinaus – Integrieren Sie Ihre Cyberabwehr Alexander Peters, Robert Arandjelovic Recorded: Feb 16 2017 64 mins
    Wie verhindern Sie, dass die DSGVO lediglich zu einem lästigen Kostenfaktor für Ihr Unternehmen wird? Indem Sie die Verordnung dazu nutzen, Ihre Strategien für Informationssicherheit und Datenschutz zu überarbeiten.


    Die DSGVO beruht auf dem Prinzip einer guten Daten-Governance. Wenn Sie sich dieses Prinzip zu eigen machen, können Sie die Verordnung nicht nur leichter einhalten, sondern auch andere geschäftliche Risiken mindern. Ein Fokus, der sich auf eine solide, langfristige Datenschutzstrategie richtet, bringt laufende Vorteile mit sich, zumal Cyberbedrohungen und Datenschutz zu den größten Risiken für Unternehmen zählen. Wenn Sie Informationsschutz und Sicherheit in Ihren DSGVO Plan einbeziehen, können Sie vorhandene Infrastruktur nutzen und sich auf die wichtigsten Verbesserungsbereiche konzentrieren.

    Hören Sie sich an, was die Teilnehmer unserer Diskussionsrunde zu den Hürden zu sagen haben, vor denen Unternehmen am häufigsten stehen, und erfahren Sie, wie die Integration von Technologie dabei helfen kann, diese zu bewältigen. Das Webinar bietet einen grundlegenden Überblick über die Bestimmungen der DSGVO, erläutert einen Ansatz für die Ausarbeitung Ihres Plans und erörtert die Vorzüge verschiedener Technologien zur Verbesserung des Datenschutzes. Außerdem werden die weiteren Auswirkungen aufgezeigt, insbesondere im Hinblick auf Sicherheitskultur und Prozessgestaltung, um die erfolgreiche Umsetzung Ihrer Strategie zu gewährleisten.
  • Think beyond GDPR – Integrate your cyber defences Think beyond GDPR – Integrate your cyber defences Sunil Choudrie & Robert Arandjelovic Recorded: Feb 16 2017 64 mins
    How do you stop GDPR becoming just a burden to your business? By using it to fundamentally review your information security and data privacy plans. Why?

    As GDPR is based on the principal of good data governance, adopting that mindset will not only ease your ability to comply, but reduce other business risks. A focus on a robust, long term, data protection strategy will deliver ongoing benefits, particularly as cyber threats and data protection are cited as top risks to organisations. Encompassing information protection and security, within your GDPR plan will allow you to utilise existing infrastructure allowing to focus on the key improvement areas.

    Join our panel to hear their views on the most common hurdles organisations face, and how integrating technology can help you overcome these. The webinar will provide a basic overview of the GDPR regulations, identify an approach you can take to develop your plan and discuss the merits of different technologies in improving data protection. The panel will also identify the wider implications, particularly regarding security culture and process design to ensure successful implementation of your strategy.
  • 5 Ways to Improve IT Service Delivery While Reducing Cost 5 Ways to Improve IT Service Delivery While Reducing Cost Stephen Mann, Independent ITSM Blogger, Writer, and Presenter Recorded: Feb 15 2017 48 mins
    For a corporate IT organization to create business value, then it needs to focus on things beyond the IT infrastructure, including: understanding customer needs and wants; delivering high quality services, support, and customer service; and effective financial stewardship.

    Attend this webinar for practical help with five opportunities to improve how corporate IT organizations are run, and the value they ultimately provide to their business, across:

    1.Exploiting automation
    2.Improving service desk performance while reducing costs
    3.Redefining services through BRM and service portfolio management
    4.Better IT asset management
    5.Financial management that focuses on the right things
  • Bridging the Data Silos Bridging the Data Silos Merav Yuravlivker, Chief Executive Officer, Data Society Recorded: Feb 15 2017 48 mins
    If a database is filled automatically, but it's not analyzed, can it make an impact? And how do you combine disparate data sources to give you a real-time look at your environment?

    Chief Executive Officer Merav Yuravlivker discusses how companies are missing out on some of their biggest profits (and how some companies are making billions) by aggregating disparate data sources. You'll learn about data sources available to you, how you can start automating this data collection, and the many insights that are at your fingertips.
  • Mainframe Security 101: What Your CISO Needs To Know Mainframe Security 101: What Your CISO Needs To Know Jeff Cherrington, Senior Director of Mainframe Security Product Management, CA Technologies Recorded: Feb 15 2017 59 mins
    The mainframe is mission essential in the application economy and hosts the majority of the world’s corporate data, processes over 2.5 billion mobile transactions per day and touches 55% of all applications. And while the connected mainframe drives significant business value, it also brings sophisticated threats and looming regulations along with it.

    Join Jeff Cherrington, Senior Director of Mainframe Security Product Management at CA Technologies for an overview of the mainframe security landscape, examine how the mainframe fits into the overall enterprise security strategy, and best-practices on how to secure the most sensitive and regulated data in the business - from access control to data protection to compliance.
  • Best Practices for Protecting Your Applications on Azure Best Practices for Protecting Your Applications on Azure Vince Bryant, Cloud Platform Partner Executive Recorded: Feb 15 2017 35 mins
    Microsoft Azure is experiencing enormous growth as an increasing number of organizations turn to Azure to more easily launch and scale applications and services, and achieve the benefits of using the cloud. Azure offers several native platform capabilities and services to help ensure these workloads are secure, easy to manage, and able to scale to meet demand. Organizations are rethinking their approach to securing these dynamic environments, not because cloud platforms are insecure themselves, but because the vast majority of legacy on-premises security products and strategies do not work for cloud workloads. 

    Join Alert Logic team member Vince Bryant, Cloud Platform Partner Executive, for an in-depth webinar where we will discuss best practices for securing applications running on Azure and in multi-cloud deployments, including: 

    • Five things you must consider when securing applications running on Azure or multi-cloud deployments 
    • Tips for addressing your responsibilities in the Microsoft Azure Shared Security Model 
    • Case study: Learn how Bentley Systems addressed customer and compliance requirements in their multi-cloud deployments
  • Automation for Check Point R80 & Rule Decommissioning Automation for Check Point R80 & Rule Decommissioning Amnon Even Zohar, Director of Cloud Product Management & Maya Malevich, Director, Product Marketing Tufin Recorded: Feb 15 2017 40 mins
    For many enterprises 2017 will be the year they start automating security changes for increased agility across their hybrid network.
    Tufin is ready to provide policy-based automation across legacy and next generation networks, physical FWs and cloud platforms.
    Join us to learn about the enhancements in Tufin Orchestration Suite R16-4:
    •Policy-based automation for Check Point R80
    •End-to-end automation for rule and server decommissioning
    •Built-in enforcement of cloud tag policy
    and much more.
  • Spotlight on EMEA:Unlock the full potential of BitLocker – with SecureDoc On Top Spotlight on EMEA:Unlock the full potential of BitLocker – with SecureDoc On Top Ben Thirlby, Corporate Account Manager Recorded: Feb 15 2017 33 mins
    As the simplest way to mitigate risks, many organisations are opting to deploy the Full Disk Encryption (FDE) capabilities built into their operating systems as an enterprise standard. For enterprises dominated by the Windows OS, experts highly recommend that to get the most out of BitLocker, organisations should consider a third party BitLocker management solution. So take 30 minutes with WinMagic’s Corporate Account Manager, Ben Thirlby, and learn how to achieve more robust security from your BitLocker deployment.

    Key Learnings:
    1.Why you should support a multi-OS or BYOD environment within one solution
    2.How you can reduce the current pressures on your help desk and IT Admins
    3.Discover how an intelligent key management solution can simplify your encryption needs, from deployment to compliance
  • DDoS Threats of Past, Present and Future DDoS Threats of Past, Present and Future John Ellis, Chief Strategist, Cyber Security (APJ), Akamai & Michael Smith, Chief Technology Officer, Security (APJ), Akamai Recorded: Feb 15 2017 62 mins
    The Fourth Industrial Revolution is in all full swing with the Internet at its core. While the Internet is connecting everyone and everything it also connects us to a variety of nefarious threat actors, who have found ways to exploit and monetize many aspects of our digital world. In recent times, one area has been DDoS, which has become one of the top cyber threats du jour.

    In this webinar, you will learn:

    - Historical developments in the DDoS threat landscape
    - How criminal operators are building out their botnets – discover, infect, operate and maintain
    - Technical examination of new botnet trends such as the Mirai IoT botnet
    - Architectural concepts and design for DDoS mitigation solutions - covering cloud and data centre environments
    - Response strategies to defending and responding to DDoS attacks
    - Predictions for future and next steps.

    Join Akamai and (ISC)² on Feb 15 (Wed) at 13:00 (Singapore time) and learn about the DDoS threats of past, present and future.

    - John Ellis, Chief Strategist, Cyber Security (Asia-Pacific & Japan), Akamai
    - Michael Smith, Chief Technology Officer, Security (Asia-Pacific & Japan), Akamai

    - Clayton Jones, Managing Director, Asia-Pacific, (ISC)²
  • Strategies for Successful Data Preparation Strategies for Successful Data Preparation Raymond Rashid, Senior Consultant Business Intelligence, Unilytics Corporation Recorded: Feb 14 2017 33 mins
    Data scientists know, the visualization of data doesn't materialize out of thin air, unfortunately. One of the most vital preparation tactics and dangerous moments happens in the ETL process.

    Join Ray to learn the best strategies that lead to successful ETL and data visualization. He'll cover the following and what it means for visualization:

    1. Data at Different Levels of Detail
    2. Dirty Data
    3. Restartability
    4. Processing Considerations
    5. Incremental Loading

    Ray Rashid is a Senior Business Intelligence Consultant at Unilytics, specializing in ETL, data warehousing, data optimization, and data visualization. He has expertise in the financial, manufacturing and pharmaceutical industries.
  • Tech Demo - Simplify SecOps with Single-Dashboard Monitoring Tech Demo - Simplify SecOps with Single-Dashboard Monitoring Cheryl O'Neil - Dir. Prod. Mktg.; Kedar Dhuru - Sr. Prod. Mgr.; Ido Tzang - System Architect Recorded: Feb 14 2017 39 mins
    Managing data security across a distributed enterprise – deployed on-prem or in the cloud – is a daunting task. Imperva has powerful centralized management and reporting solutions that unify and streamline security operations to simplify distributed management. This webinar will provide an overview of SecureSphere MoM, providing visibility into system wide performance and problem areas by aggregating performance and status metrics for individual MX Management Servers, Gateways and Agents in a single dashboard view.
  • What’s Next In Securing Identities? Key Identity & Access Management Trends What’s Next In Securing Identities? Key Identity & Access Management Trends Danna Bethlehem - Director, Product Marketing, Identity Protection Recorded: Feb 13 2017 43 mins
    Over the past year, we have seen data breaches shift towards identity-based breaches, targeting personal information of either employees or consumers. The access to the information is used to craft and construct highly organized attacks on enterprises and is a growing contributor to identity theft. The problem is compounded by the convergence of personal and work place identities, ultimately creating major security challenges for companies.

    Our 2016 Authentication and Access Management survey found 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security. During the webinar, we’ll be discussing this and other trends in the strong authentication and access management market, including:

    - The status of the two-factor authentication market and what we can expect in the years to come
    - The enterprise risk issues of using social media credentials to access to corporate resources
    - The role the cloud is playing in the enterprise especially as it relates to single sign on and application management and access
    - The ongoing challenges enterprises cite as barriers to mass adoption of a mobile workforce
  • The Unique Challenges of Protecting Cloud Assets The Unique Challenges of Protecting Cloud Assets Chris S. Smith, Product Marketing – Cloud and MSP, CyberArk Software, Adrian Davis, Managing Director, (ISC)² EMEA Recorded: Feb 10 2017 62 mins
    This session is targeted at IT and security leaders and is designed to help them understand and address the unique challenges that enterprises typically face when they deploy their applications in the public cloud. It summarize the areas that the public cloud vendors typically take care of and highlights the areas that the enterprise and application owners are typically responsible for. With a focus on managing privileged accounts in the cloud environment the session addresses challenges and solutions for securing application to application sharing and communications, elastic, hybrid and DevOps environments. While the focus is on public cloud many of the best practices and learnings will also be applicable to private cloud environments.