Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • A Proactive Prevention Strategy to Reduce Risk
    A Proactive Prevention Strategy to Reduce Risk
    Andrew Homer, VP Business Development Recorded: Jan 17 2020 40 mins
    Despite the increased security investments and proliferation of new infosec tools, the damage caused by cyber breaches continues to worsen. Meanwhile, the adversary plays by their own rules and evade detection by studying a static environment. They’ve had the luxury to decide when, where and how to attack, while organizations continue to remain in a reactionary defensive state.

    This session looks at the most common methods used to bypass detection. It will also discuss how to combat against the adversary advantage with simple proactive approaches to prevention. Finally, it presents recommendations to reduce risk, including a look at innovative technologies with Moving Target Defense to prevent advanced threats fileless attacks and zero days.
  • Spotting and Defending Against Common Business Email Compromise Tax Scams
    Spotting and Defending Against Common Business Email Compromise Tax Scams
    Erich Kron, James McQuiggan Recorded: Jan 17 2020 49 mins
    Tax season is upon us, which makes this prime time for hackers to target your unsuspecting users with the latest Business Email Compromise (BEC) scams. From evolved W2 fraud to tax-related spear phishing, cybercriminals capitalize on the first quarter of each new year with smarter, craftier attacks designed to convince your users to provide confidential information, authorize wire transfers, or enable malicious files.

    In this webinar Erich Kron and James McQuiggan, KnowBe4 Security Awareness Advocates, discuss the new types of BEC scams you can expect to see, what your users should be on alert for this tax season, and how to protect your organization from these evolved threats.

    You will learn:
    - Real-world examples of the latest BEC attacks
    - Common targets within your organization and techniques used to trick them
    - Red flags your users need to know now to spot BEC attacks
    - How to educate your organization so you don’t fall victim

    Don't let your organization become a statistic this tax season! Join our experts to find out how to stop the bad guys before it's too late.
  • Cortex XDR 2.0 - Neue Funktionen & Öffnung der Cortex-Plattform für 3rd Party Fi
    Cortex XDR 2.0 - Neue Funktionen & Öffnung der Cortex-Plattform für 3rd Party Fi
    Dirk Thelen und Bastian Schwittay Recorded: Jan 17 2020 49 mins
    Security Teams stehen heutzutage vor gewaltigen Herausforderungen - in Silos agierende Sicherheitssysteme generieren Unmengen von Alarmen ohne den notwendigen Kontext, um Angriffe schnell und umfassend erkennen, verstehen und stoppen zu können. Cortex XDR setzt diesem Dilemma einen neuartigen Ansatz entgegen, der auf der Analyse reichhaltiger, integrierter Daten über Endpunkte, Netzwerk und Cloud hinweg basiert - als erste XDR-Plattform für sichere Prävention, automatisierte Erkennung und schnelle Untersuchung und Eindämmung von Cyberangriffen.

    In diesem Webinar stellen Ihnen Bastian Schwittay und Dirk Thelen vor, wie die neue Version 2.0 von Cortex XDR mit der Einbindung von Daten aus Drittquellen, einem vollkommen neuen Device Control-Modul und umfassend verbessertem Benutzerinterface einen weiteren Meilenstein erreicht und die Messlatte für XDR ein weiteres Mal erheblich höher gelegt hat. Außerdem geben wir Ihnen einen Einblick in die neue Lizenzierung.
  • Success Story: Learn how Apria Healthcare gains unmatched asset intelligence
    Success Story: Learn how Apria Healthcare gains unmatched asset intelligence
    Dave Ochoa, Manager of Information Security Operations & Senior Director of User Support, Janet Hunt Recorded: Jan 16 2020 4 mins
    Learn how Apria Healthcare secures 10,000+ laptops, desktops, and tablets and stays compliant with industry regulations by using Absolute software.

    - Persistent security controls:
    Apria Healthcare is a leading provider of home respiratory services and certain medical equipment, with over 400 locations and 8,000 employees throughout the United States.

    In this interview, Senior Director of User Support, Janet Hunt, discusses the unique differentiator that Absolute offers: protection from the BIOS. The result is superior, more accurate asset tracking.

    The team at Apria Healthcare has visibility into the status of every device, with a persistent connection that cannot be seen or removed by the user. As Dave Ochoa, Manager of Information Security Operations, says, “I can’t protect what I don’t know exists”.

    - Proving compliance:
    In cases of lost or stolen devices, Absolute acts as a kind of insurance policy. The InfoSec team presents regulators with a full profile of the device, including its location, encryption status, other controls, and a list of freeze or wipe commands if the device goes back online.

    Absolute records a snapshot of each device every fifteen minutes, which Apria Healthcare can provide to auditors as proof of a full history of protection.

    - Visibility and control:
    Absolute has transformed how Apria Healthcare manages its devices, and how it keeps sensitive patient data secure.

    Janet Hunt summarizes the partnership by saying, “If Absolute were to disappear, I would retire because I would have no idea where anything was. That was the greatest thing about bringing Absolute in.”
  • Ransomware Hostage Rescue Manual
    Ransomware Hostage Rescue Manual
    Erich Kron, David Littman Recorded: Jan 16 2020 55 mins
    It is estimated that a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5 billion in damages for this year. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.

    So, how can your organization avoid getting held hostage? Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.
  • SkyStem: Perfecting the Close Checklist
    SkyStem: Perfecting the Close Checklist
    Nancy Wu, Sales and Customer Support, SkyStem Recorded: Jan 16 2020 55 mins
    [Live Recording] It's time to spruce up the close checklist! Join us in this webinar where we will revisit best practices as well as practical tips to help improve the financial close process. Whether you have a close checklist, a close calendar, or even if you are still forming a close process, these practices will surely help your period-end close.

    Please note: CPE credit not available for this playback
  • Hybrid Multi-cloud Infrastructure for Modern App Delivery
    Hybrid Multi-cloud Infrastructure for Modern App Delivery
    Dave Potter, Senior Solutions Architect at Citrix, and Robin Manke-Cassidy, Director of Networking and Security Product Marke Recorded: Jan 16 2020 57 mins
    IT transformation, cloud, and new application development methods are changing the face of application delivery infrastructure. These new infrastructures require flexibility, security, and operational efficiency to uncover the true value to the business.

    We will discuss the changes driving infrastructure architects to evaluate the application delivery networking and provide a clear strategy on successfully migrating your business to a modern app delivery for hybrid multi-cloud and Cloud Native environments.
  • Not sure where to start with data privacy? Build a Privacy Center of Excellence.
    Not sure where to start with data privacy? Build a Privacy Center of Excellence.
    Bob Welshmer, Senior Sales Engineer Recorded: Jan 16 2020 12 mins
    Who in your organization needs to use sensitive data? Who manages it? Who defines acceptable levels of data privacy for different uses? Who ensures those levels are achieved every time? If you’re unsure, chances are you’re not utilizing your data to its fullest potential.

    Enter: the Privacy Center of Excellence, a team of executive members, policy implementers and data consumers who work together to find the balance between data utility and data privacy.

    Join Privitar’s Solutions Engineer, Bob Welshmer, to find out what it takes to set up a high-functioning Privacy Center of Excellence.

    Join this session to learn:
    · Who the main players are in the Privacy Center of Excellence
    · Roles and responsibilities in the Privacy Center of Excellence
    · How the Privacy Center of Excellence players work together to maximize data utility while maintaining privacy
  • Deep Dive into Ansible Network Resource Module - Network Automation
    Deep Dive into Ansible Network Resource Module - Network Automation
    Trishna Guha, Red Hat Recorded: Jan 16 2020 45 mins
    A “Resource Module” is defined as a specific discrete network function mapped to a single Ansible module. This session will shed light on how resource module benefits Network Operators/Developers/Architect by returning common payload and tunable output to match the life cycle phase of the playbook, therefore building consistency and transparency. It introduces new state operations and facts integration. The module eases Brownfield device onboarding by returning facts in the similar shape as the respective resource module’s argspec.

    In this presentation we will be doing deep dive with demonstration into the following:

    - Why Resource Module.
    - What a Resource module is.
    - How a playbook with resource module and new states looks like.
    - What common payload resource module returns.
    - How facts is integrated with the module.
  • Data Privacy and Data Protection | Cybersecurity Insights Series
    Data Privacy and Data Protection | Cybersecurity Insights Series
    Director of Security Strategy | Absolute Recorded: Jan 16 2020 8 mins
    Data Privacy is today's greatest challenge for IT and security teams, and with 35% of sensitive data out-of-sight on endpoints, there has never been a stronger need for persistent endpoint visibility and control.

    > DATA PRIVACY EXPLAINED
    Data privacy is a big concern for individuals and organizations alike. The EU’s General Data Protection Regulations (GDPR) has brought the topic to the forefront of society’s collective consciousness recently.

    People have always been conscientious about their personal privacy; however, with The Digital Transformation of our world, who we are has become a collection of individual pieces of data called Personally Identifiable Information (PII). And our PII is everywhere. Business, government, school, research, and even friend-to-friend interactions, all happen in the digital sphere making our data easily accessible and open to exploits by cybercriminals.

    > DATA PRIVACY LAWS
    Learn how the laws designed to protect the privacy of personal information.
    - The EU’s General Data Protection Regulation (GDPR),
    - Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
    - In the US: HIPAA (for health information) and S-P and S-ID statutes for financial records, enforced by the SEC. There is also the California Consumer Privacy Act (CCPA). But no national privacy standard. Yet.


    > DATA PRIVACY TIPS
    Thwart attackers and stay audit-ready with these three steps:
    1. See everything
    2. Analyze the risk
    3. Apply rapid response


    Learn tips and strategies for maintaining data privacy and data protection with confidence.
  • How to Lower Your AWS Bill with RIs, AWS Savings Plans, and Spot Instances
    How to Lower Your AWS Bill with RIs, AWS Savings Plans, and Spot Instances
    Todd Bernhard, CloudCheckr Product Marketing Director Recorded: Jan 16 2020 30 mins
    Amazon Web Services now offers a discount model called AWS Savings Plans. This program offers flexible pricing for EC2 Instances and AWS Fargate in exchange for a usage commitment (dollars/hour) over a set time period of 1 or 3 years.

    With this resource purchasing model now on the table, businesses are comparing Reserved Instances (RIs) vs AWS Savings Plans to find out which model offers the deeper discount and whether that makes sense for their global investment strategy. In this webinar, we cover the use cases for RIs, AWS Savings Plans, and Spot Instances, and how they impact your overall cloud cost optimization efforts.

    Join CloudCheckr’s Director of Product Marketing, Todd Bernhard for “How to Lower Your AWS Bill with RIs, AWS Savings Plans, and Spot Instances”. Understand how to use RIs vs AWS Savings Plans to lower our cloud bill, the percentage discounts you actually receive, and where Spot Instances fit into the picture.
  • Millennialization of the Mainframe and Beyond
    Millennialization of the Mainframe and Beyond
    Jeff Cherrington, VP, Product Management, Systems, ASG Technologies Recorded: Jan 16 2020 51 mins
    The mainframe market is experiencing a generational shift among its infrastructure support professionals. Those who extend to the earliest days of the mainframe have reached the point where they will no longer be part of the day-to-day workforce and millennials are emerging as the new mainframe mavens.

    The mainframe remains a critical component of the IT Infrastructure for many enterprises and, whether in-house, outsourced to a GSP, or in zCloud, the transitioning workforce requires changes to the tools, utilities and applications used to perform functions such as Performance Management and JCL Configuration.

    Join this ASG webinar to learn more about what these unavoidable changes mean for the user experience administering the mainframe, and how that experience can be provided.
  • A Strategic Approach to IoT Security Best Practices and Standards
    A Strategic Approach to IoT Security Best Practices and Standards
    Brian Russell, Co-chair, CSA IoT Working Group & Gonda Lamberink, Global Senior Business Development Manager, UL Recorded: Jan 16 2020 50 mins
    The market for IoT products continues to expand, with increased quantities of devices being integrated into consumer and business networks.  These products are turning into always-on services that incorporate cloud connectivity and expose many points of interconnection.  Automation is beginning to take hold on top of this layer of pervasive connectivity and users are becoming ever more reliant on workflows enabled by these systems. Even as the reliance on IoT systems continues to increase, manufacturers are still not getting cybersecurity right.  There are still far too many instances where even basic security controls are not enforced in IoT products.  This is concerning especially given the adoption of safety-critical and health-critical devices being introduced onto the market, and growing risk of data breaches and related security compromises next to an increasing prevalence of botnets and large-scale automated, distributed attacks. 

    As the future unfolds, the ‘attack surface’ will only grow larger and the public will be put at increasing risk if strategic changes do not occur immediately.  To this extent, UL and the Cloud Security Alliance (CSA) have partnered to better understand the current state of IoT cybersecurity regulations, standards and best practices through primary research.  Our aim is to identify gaps in coverage that could lead to deployment of insecure IoT services and systems.  In this webinar, we will share the results of that research and discuss our strategic approach to fixing the current state of IoT security based on constant collaboration between industry stakeholders, government agencies and enterprise users.
  • Building a Vulnerability Management Program
    Building a Vulnerability Management Program
    Erik Wille, Director, Information Security – Penske Automotive Group Recorded: Jan 16 2020 60 mins
    Join Erik in talking about building a thriving vulnerability management program that focuses on improving business risk through refocusing efforts on the vulnerabilities that matter most.
    Vulnerability Management is one of the most important, but least sexy, components of an Information Security program coming in at number 3 on the CIS Top 20. Despite its criticality, many organizations fail to get a program off the ground leading to low hanging fruit for attackers. Overwhelming volumes of vulnerabilities, lack of asset visibility and missing foundational components to support a vulnerability program are just a couple of reasons programs fail.
    Erik will take this time to offer ideas on how to build a sound foundation for and standup a program along with where to focus your time to avoid boiling the ocean.
  • How to Shorten Recovery Times with Cyber Protection for Manufacturing IT Systems
    How to Shorten Recovery Times with Cyber Protection for Manufacturing IT Systems
    James Slaby, Ryan Davis Recorded: Jan 16 2020 63 mins
    Learn how manufacturers can leverage cyber protection to tackle downtime.

    The manufacturing industry suffers punishing downtime costs: $260K/hour, according to industry research. Worse, it faces an army of cybercriminals trying to exploit its vulnerabilities for profit. Aging process control systems and antiquated data protection regimens further add to manufacturing tech staffs’ worries.

    Learn how to effectively defend against new malware menaces like ransomware and cryptojacking, and deliver quick recovery even for your process control servers that cannot easily be patched or upgraded. Review our insightful, complimentary webinar: “Cyber protection for the manufacturing industry”.

    For even more information about how Acronis Cyber Backup can fit into your manufacturing IT needs, visit our resource page https://www.acronis.com/en-us/s/lp/business/manufacturing-backup/
  • Security Policy Automation for Your SDN Fabric with Tufin R19-3 GA
    Security Policy Automation for Your SDN Fabric with Tufin R19-3 GA
    Hadas Lahav, Roi Alon Product Management & Sigalit Kaidar, Product Marketing, Tufin Recorded: Jan 16 2020 46 mins
    Enterprises are adopting SDN in order to align network operations and network security with the needs of the business. As networks become too complex to manage securely and effectively, many of them seek a central solution that offers visibility, compliance and automation within the SDN fabric and beyond – across the hybrid network.

    Tufin provides superior visibility and automation for the leading SDN platforms, and Tufin Orchestration Suite R19-3 GA complements essential capabilities. Join the webinar to learn about the highlights of this release, including:
    •Complete support for VMware NSX-T to ease the adoption and migration from NSX-V
    •Superior visibility and path analysis for Cisco ACI – within and beyond the fabric
    •Enhancements to zero-touch automation across vendors and platforms
  • 5 identity fraud predictions for 2020
    5 identity fraud predictions for 2020
    Dimi Radu - Senior Document Specialist | Simon Horswel - Senior Document Specialist Recorded: Jan 16 2020 49 mins
    Our document specialist team are our frontline against fraud. They analyse both genuine and fake documents from all over the globe to identify and highlight their weaknesses and strengths, so we can outfox the fraudsters.

    Following our 2019 Fraud Index, our experts look forward and sharing their predictions for 2020 in the world of identity fraud. Join us to learn what security threats and attack vectors will be making waves next year, what they expect to see more (and less of), and how you can protect yourself and your business.
  • Real-Time Corporate Investigations
    Real-Time Corporate Investigations
    Stuart Clarke Recorded: Jan 16 2020 58 mins
    Employee misconduct and unethical behaviour can have devastating effects on a company, from loss of revenue, to reputational damage, the burden of paying settlement costs and resulting fines, additional regulation, and even total closure of the company. In the age of corporate scandal, where malicious individuals or groups put organisations' entire viability at stake, a multi-faceted, real-time approach to threat detection and investigation is critical.

    Join this webinar to learn about common challenges facing corporate investigators, the impact of evolving and proliferating data, and why malicious insider actions are so difficult to detect. Plus, see a demo of the Nuix Investigation solution, where we'll cover how Nuix can:
    - monitor and review user activity and behaviour,
    - conduct incident remediation,
    - perform endpoint search and seamless collection, and
    - enable simultaneous, collaborative case analysis across teams and disciplines

    ...all in real time.
  • Cloud Backup Case Study: How the Uni. of Leicester Overcame Backup Challenges
    Cloud Backup Case Study: How the Uni. of Leicester Overcame Backup Challenges
    Mark Penny - Systems Specialist of Leicester University Recorded: Jan 16 2020 35 mins
    Join us to hear how the University of Leicester designed a new backup architecture increasing data availability and reducing complexity whilst significantly saving in storage space and reducing cost using on-premises object storage as a backup target.
  • Protecting the Edge with Forcepoint
    Protecting the Edge with Forcepoint
    Dr. Chris Boorman, Security Evangelist, Forcepoint & Mike Smart, Director Product Marketing, Forcepoint Recorded: Jan 16 2020 9 mins
    The traditional security perimeter is no longer! Organisations are adopting cloud services and mobile working and looking for better ways to protect their distributed office environments.

    Join security evangelist, Chris Boorman, and Director of Product Marketing Mike Smart as they look at the new world of Edge protection and how Forcepoint combines networking and security services to offer flexible protection for users and data everywhere.
  • TIBCO's take on Master Data Management
    TIBCO's take on Master Data Management
    Voiceover by Darrin Shimizu, Creative Director, TIBCO software Recorded: Jan 15 2020 5 mins
    When evaluating new technologies, it’s important to understand the assumptions a vendor used when developing their solution, and if it matches the challenges you’re facing. If there’s commonality, it’s a good indication the solution is a fit.

    This is one big reason why TIBCO always provides its point of view on your big challenges—and for master data management, it’s no different. In this short video, get an overview of our point of view on critical issues and success factors, and how we help address these challenges with TIBCO EBXTM software.

    Learn why MDM:

    Should be multidomain by default

    Must value business user adoption as a critical success factor

    Requires effective stewardship and governance processes
  • The 5 Challenges of Hybrid Reality
    The 5 Challenges of Hybrid Reality
    Chris Veith - Director of Strategic Alliances at OneLogin; Kelvin Brewer - CISSP, CEH, Sr SE at Saviynt Recorded: Jan 15 2020 52 mins
    Mobile, distributed workforces increase the number of access points, devices and platforms needed to achieve IT modernization goals. Commonly recurring challenges facing organizations with hybrid workforce include:
    - Lack of automated controls to protect mission-critical data in the cloud and on-prem
    - Increased compliance mandates requiring tools that match cloud privileged accounts to internal data center resources
    - Lack of continuous monitoring which fails to detect user data and access risks
    - Lack of visibility over the wide range of users and apps including external, internal, vendors and partners
    - Increasing compliance burdens requiring continuous assurance such as SOX,GDPR, CCPA, audits

    These five challenges roll up into a larger one - the cost to create a holistic, comprehensive security solution focused on people.

    Saviynt and OneLogin’s partnership combines our individual expertise to create a unified, coordinated user access and governance solution with fine-grained entitlements that ease identity security burdens facing the hybrid enterprise.

    So, join us for this webinar to learn how to remediate these 5 complex challenges with a simple and unified solution from Saviynt and OneLogin.

    Can’t make it to the webinar? Register anyway, and we’ll send you a link to the on-demand recording once available.
  • Automation without frustration: "Baking Perfect Images"
    Automation without frustration: "Baking Perfect Images"
    Diana Rodriguez, Voicethread Recorded: Jan 15 2020 34 mins
    Let's talk about eliminating the frustration factor! In our fast paced industry, multi-cloud architectures face many different challenges and for some, the immutable flow is "utopic" and difficult to maintain. How about we resolve configuring & bootstrapping services without hindering deployment time?

    Using reliable tools like Ansible & Packer we can add that needed attention to detail and configure our tasks the way we need them to perform. With a few tips, "baking" images can be easier than baking cupcakes!
  • Higher Education’s Top 3 Cyber Attack Vulnerabilities and How to Fix Them
    Higher Education’s Top 3 Cyber Attack Vulnerabilities and How to Fix Them
    Ben Nixon, IT Infrastructure & Security Architect, Point Loma Nazarene University, Christine Johnston and Tony Chon, OneLogin Recorded: Jan 15 2020 28 mins
    Colleges and universities – big and small – manage user identities across a diverse, highly complex user base that includes faculty, students, staff, teaching assistants, parents, and alumni. Not to mention all the individual apps and devices that require access to sensitive data on-demand in a time where mobile access is the norm.

    With 80% of the attacks on Education attributed to financial motives, colleges and universities are a prime target for cyber criminals and are looking to solutions for managing identity and access across multiple users, devices, applications – and oftentimes – across multiple campuses.

    Join the Education experts at OneLogin and Ben Nixon, IT Infrastructure & Security Architect at Point Loma Nazarene University, for a webinar where we will discuss how to:

    -Identify critical gaps in protecting sensitive data in on-prem and cloud systems
    -Prevent data leakage without compromising on access and collaboration
    -Deploy the right level of authentication for your students, faculty, staff and alumni
    -Streamline access management across all users, devices and applications
  • Comparing EDR, MDR, and MSSPs for Security Monitoring, Detection, & Response
    Comparing EDR, MDR, and MSSPs for Security Monitoring, Detection, & Response
    Todd Thiemann Recorded: Jan 15 2020 46 mins
    With thousands of cybersecurity products and services available, most technology leaders still struggle to answer one question: "What do I really need to keep my team and our customers safe?"

    Organizations need to monitor their environment to detect and respond to threats that inevitably crop up. There are three major approaches to solving this security conundrum: endpoint detection and response (EDR), managed detection and response (MDR), or managed security service provider (MSSPs). This webinar compares and contrasts the three approaches so you have the right questions in hand when considering your options.

    What you will learn:
    Why monitoring, detection and response is an essential element of a robust security strategy
    What elements comprise the EDR, MDR, and MSSP solution approaches?
    How do these approaches take advantage of the cloud as well as monitor cloud assets?
    What is the security “sweet spot” for EDR, MDR and MSSP approaches?
  • Zero-Touch Network Security Automation
    Zero-Touch Network Security Automation
    Dania Ben Peretz, Product Manager (AlgoSec) Jan 19 2020 3:00 pm UTC 35 mins
    Complex networks take significant resources to get projects from A to B. There’s a lot of hands-on, manual effort required to manage networks and keep them secure. Network management is demandingly ‘high-touch.’

    There is a better way. ‘Zero-touch’ solutions can accelerate change requests, with request generation to implementation taking just minutes. But, preparing for zero-touch network automation isn’t a zero-touch process. Preparation is needed, especially if you have a complex hybrid network: on-premise, in the cloud, and/or using an SDN.

    In this webinar, Dania Ben Peretz, AlgoSec Product Manager, will reveal technical tips and tricks and the steps needed to get zero-touch network automation up and running.

    Learn how to:
    • Get a comprehensive view of your network
    • Automate each step in the change process
    o Discover which security devices are in the path and blocking traffic
    o Define the allowed connectivity between zones
    o Plan changes, naming conventions, and change policies
    o Push changes to devices
    o Validate changes and detect out-of-band changes
    • Accelerate application changes and have application owners and IT managers speak the same language
  • Mindhunter: Mein zweiwöchiges Gespräch mit einer Ransomware-Zelle
    Mindhunter: Mein zweiwöchiges Gespräch mit einer Ransomware-Zelle
    Fabian Freundt, Sr. Sales Engineer, ALPS, SonicWall Jan 21 2020 8:30 am UTC 60 mins
    Lassen Sie sich vom SonicWall Security Experten Fabian Freundt einen Einblick in die menschliche Seite einer modernen Ransomware-Zelle vermitteln. Sie erhalten Ratschläge, wie Sie Hacker vom Eindringen in Ihre Organisation, von der Verschlüsselung Ihrer Endpunkte und von der Verbreitung auf andere Laufwerke und Segmente Ihres Netzwerks abhalten können.
  • Enterprise Information Archiving
    Enterprise Information Archiving
    Terry McMahon, Sr, Systems Engineer & Jacob Wild, Sr. Archiving Specialist Jan 21 2020 10:00 am UTC 48 mins
    Legal, compliance and security pressures are evolving in the face of today’s data growth, and developing a modern data archiving strategy isn’t easy. IT departments are plagued by data growth and legal and compliance teams struggle with how to best retain, discover, and supervise content. So what is the best way for you to develop and implement a new secure approach to your data archiving challenges?

    Join us for a live demo as we take an in-depth look at the technology that positions Proofpoint as a leader in enterprise information archiving:

    In this demo, we'll share how you can:

    - Mitigate reputational risk
    - Stay compliant with industry rules and regulations
    - Improve visibility into your archived data
  • 10 Años - El Estado de la Seguridad del Software
    10 Años - El Estado de la Seguridad del Software
    Antonio Reche, Solution Architect at Veracode Jan 21 2020 10:00 am UTC 45 mins
    Durante diez años, Veracode ha estado siguiendo el estado de la seguridad del software. En nuestro estudio en el décimo aniversario, confirmamos que los equipos están haciendo especial énfasis en la reducción de la deuda de seguridad. Este seminario web analiza algunos de los desafíos más comunes que afrontan los desarrolladores, y ofrece razones reales para el optimismo. Comenzamos Veracode con la misión de asegurar el software del mundo. Hoy, esa misión permanece, con el enfoque adicional de permitirle crear, innovar y "cambiar el mundo" con software, sin ser frenado por preocupaciones de seguridad.

    En este seminario web:
    - Conozca la realidad de seguridad que enfrentan los responsables de aplicaciones: la mayoría de las aplicaciones no cumplen con los estándares de la industria
    - Vea qué lenguajes son los peores infractores de seguridad
    - Observe qué fallos son las más frecuentes, con qué frecuencia se corrigen, cómo se explotan y qué categorías conducen a la mayor cantidad de incidentes.
    - Comprenda cómo los equipos pueden alcanzar una reducción de 5 veces en la deuda de seguridad
    - Obtenga información sobre cómo los desarrolladores pueden reducir el "tiempo medio de remediación" (MTTR) en más del 70%
  • Escape Your Legacy Backup Provider - Three Steps to a Better Backup Renewal
    Escape Your Legacy Backup Provider - Three Steps to a Better Backup Renewal
    Mike Palmer Chief Product Officer, Druva and Prasanna Malaiyandi Director, Product Architecture, Druva Jan 21 2020 10:30 am UTC 30 mins
    More than 60% of companies sign their storage backup renewal contracts between October 1 and March 31. Before you sign your next contract, evaluate the costs and services you’re receiving. You’re likely to achieve a complete, simple and cost-effective solution with a move to cloud data protection.

    Join this webinar with Druva Chief Product Officer, Mike Palmer, who breaks down the backup contract renewals process and pricing, and compares the pros and cons of legacy on-premises solutions versus SaaS-based data protection.

    Register to learn:
    •Market forces impacting data backup strategies and IT budgets
    •Key questions to evaluate if your existing renewal contract is costing you more than modernizing
    •Three steps to better backup, whether you’re six months or 1 month out from renewal

    Who should attend:
    IT leaders in charge of budget and strategy
    CTO, CIO, VP of IT, IT Managers, IT Directors
  • Stories from the Front Line of Threat Hunting
    Stories from the Front Line of Threat Hunting
    Zeki Turedi, Technology Strategist EMEA, CrowdStrike, Brandon Dunlap, Moderator, (ISC)² Jan 21 2020 1:00 pm UTC 60 mins
    CrowdStrike’s 2019 Falcon OverWatch Mid-Year Report provides unique insights into the targeted, state-sponsored and criminal campaigns the CrowdStrike team has encountered in the first half of 2019.

    Join this webcast and hear CrowdStrike Technology Strategist, Zeki Turedi provide detailed accounts of real-world incidents the CrowdStrike team have observed, including the trends, adversaries and techniques that were most prominent in the last 12 months. You will also gain valuable information on the industries and regions most impacted by cyberattacks.

    Learning Outcomes:
    -Why “speed” is the new critical metric in cybersecurity.
    -How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats.
    -Trends in adversary tradecraft, as seen across 1000s of real-world intrusion attempts.
    -Action plans that you can use to ensure your organisation is ready to anticipate and defend against the most dangerous threats of tomorrow.
  • Delivering AI at Enterprise Scale
    Delivering AI at Enterprise Scale
    Dan Jeavons, General Manager of Data Science (Shell) Jan 21 2020 3:00 pm UTC 25 mins
    Shell has been an early adopter of artificial intelligence (AI), as it attempts to speed up its digital transformation. From machine learning to computer vision, deep learning to virtual assistants and autonomous vehicles to robotics, Shell has been focused on a range of technologies that have supported advances in AI.

    Dan Jeavons joins us to detail Shell’s journey to data analytics excellence, focusing on the deployment of self-service analytics both for the data science teams who look to deploy mission-critical models for real-time use and for the longer-term strategy of filling the “data science skills gap.” Dan Jeavons is the General Manager of Shell’s Data Science CoE within the company’s central Digital Technology organisation. He is currently part of a leadership team tasked with leading Shell’s digital transformation.
  • Digitale Identität und Connected Cars - Die Power von IAM richtig eingesetzt
    Digitale Identität und Connected Cars - Die Power von IAM richtig eingesetzt
    Dr. Heiko Klarl, CMO, iC Consult Group and Gerhard Zehethofer, Vice President IOT, ForgeRock Jan 21 2020 3:00 pm UTC 39 mins
    Fahrzeuge werden zunehmend intelligenter und vernetzter. Um das Kundenerlebnis bestmöglich zu personalisieren und zu sichern, baut ihre Technologie auf digitale Identität. Für den Fuhrpark-Manager, den Versicherer, den Verbraucher und alle anderen Akteure im Connected Car Ökosystem ist es wichtig zu wissen, "wer" auf "was" zugreifen kann.

    In dem gemeinsamen Webinar von iC Consult und ForgeRock erfahren Sie, wie Sie:
    - Ihre Connected Identity-Strategie aufbauen können.
    - Synergien mit anderen Geschäftsbereichen schaffen können.
    - Beim Rollout von vernetzten Diensten als auch bei der Erforschung neuer Geschäftsmodelle die Geschwindigkeit erhöhen und die Time-to-Market verkürzen können.

    Webinare / Webcasts
    Mit Ihrer Registrierung erklären Sie sich damit einverstanden, dass wir Ihre Daten an den Sponsor dieses Webinars weitergeben, damit dieser Sie kontaktieren und Follow-up-Marketing betreiben kann. Die Rechtsgrundlage für die Verarbeitung Ihrer personenbezogenen Daten auf diese Weise ist unser berechtigtes Interesse gemäß Art. 6 (1) (f) DSGVO, das wäre die Teilnahme unserer Sponsoren, die einen großen Teil der Kosten für die Webinare / Webcasts übernehmen.
  • PCI 4.0 So What? How to Centre your PCI Programme Around your Business Objective
    PCI 4.0 So What? How to Centre your PCI Programme Around your Business Objective
    Craig Moores, Risk Advisory Practice Director Jan 21 2020 4:00 pm UTC 60 mins
    SureCloud will explore the challenges that organisations face when achieving and maintaining compliance with PCI DSS, with a particular focus on how organisations can design and deploy a programme that aligns with wider business objectives and embeds compliance activities into business operations.

    With headlines focusing on the evolution of PCI DSS 4.0, our session will target all levels of stakeholder involvement in the management of PCI compliance. Using our experience of delivering compliance applications, as an Approved Scanning Vendor, a penetration testing provider and critically from the experience of our ex-QSAs, we will share some of the shortfall’s that organisations have experienced, particularly focusing on the people, process and technologies critical in protecting an organisations’ payment channels.

    Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig has experience in leading and delivering complex cyber security solutions aligned to strategic business objectives. Craig has broad cyber security experience including a strong technical, software development and project management background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing.


    (The session will be structured around our case study organisation, Bananas to help bring this use case to life.)

    Key session takeaways:
    •Understand some of the business challenges that organisations face when implementing and maintaining a PCI compliance programme.
    •Gain real-world insight into the compliance management shortfalls and lessons learned by other organisations.
    •Reflect on how the next release of the PCI DSS 4.0 provides an opportunity for organisations.
    •Learn how to gain visibility of compliance using metrics and automation.
  • A Practical Approach to  FFIEC, GDPR & CCPA Compliance
    A Practical Approach to FFIEC, GDPR & CCPA Compliance
    Ulf Mattsson, Head of Innovation, TokenEx Jan 21 2020 4:00 pm UTC 60 mins
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced data privacy and security solutions has become even more critical. French regulators cited GDPR in fining Google $57 million and the U.K.'s Information Commissioner's Office is seeking a $230 million fine against British Airways and seeking $124 million from Marriott. Facebook is setting aside $3 billion to cover the costs of a privacy investigation launched by US regulators.

    This session will take a practical approach to address guidance and standards from the Federal Financial Institutions Examination Council (FFIEC), EU GDPR, California CCPA, NIST Risk Management Framework, COBIT and the ISO 31000 Risk management Principles and Guidelines.

    Learn how new data privacy and security techniques can help with compliance and data breaches, on-premises, and in public and private clouds.
  • Data Privacy and Compliance: A Look Ahead for 2020
    Data Privacy and Compliance: A Look Ahead for 2020
    Scott Giordano, VP Data Protection, Spirion Jan 21 2020 5:00 pm UTC 45 mins
    2020 promises to be a banner year for data privacy and compliance, and it’s not just about the California Consumer Privacy Act of 2018 (CCPA). While the CCPA has significantly raised the bar for the protection of personal data, it’s proposed replacement, the California Privacy Rights and Enforcement Act of 2020 (CPREA), adds a whole host of new protections.

    Many U.S. states have already introduced CCPA-like legislation or will do so shortly, and others are expected to introduce legislation that address issues such as biometrics, the Internet of Things, and use of consumer credit reports. GDPR enforcement is promising to be rigorous, with the Irish Data Protection Commissioner’s office expected to resolve complaints related to Facebook and Twitter.

    In this interactive presentation, a data protection industry veteran will offer insight into likely changes in the data privacy and compliance landscape for 2020, including:

    - Analysis of the California Privacy Rights and Enforcement Act of 2020
    - A review of current and potential data privacy and compliance litigation
    - Insight into the recently-released NIST Privacy Framework and ISO 27701
  • Supercharge Your Data Landscape with Artificial Intelligence & Data Intelligence
    Supercharge Your Data Landscape with Artificial Intelligence & Data Intelligence
    Jonathan Kaufman, Head of AI Products and Services, 4th-IR Jan 21 2020 6:00 pm UTC 39 mins
    Join ASG and 4th-IR to learn how the combination of Artificial Intelligence (AI) & Data Intelligence (DI) can enrich your data landscape and improve your understanding of your organization's data.

    In this webinar, we’ll discuss:
    • How AI supports data quality and drives better data insights
    • Customer use cases in banking and healthcare
    • Where AI improves data lineage
    • Different ways in which ASG Data Intelligence can be used to curate data to improve the performance of AI algorithms

    Register now to learn how to kickstart and accelerate your own AI and DI projects.
  • Keeping Pace: How Identity Fraud Will Change in 2020
    Keeping Pace: How Identity Fraud Will Change in 2020
    Julie Conroy, Research Director at Aite and Kevin King, Director of Marketing Jan 21 2020 6:00 pm UTC 60 mins
    Identity fraud is a pervasive problem that is constantly evolving to keep institutions guessing. Identity criminals today vary channels, techniques and even the type of identity fraud they utilize to fraudulently open accounts, altering their approach to circumvent new authentication technologies and identify weaknesses in defenses. Because identity fraud is so dynamic, risk managers must keep pace with the latest fraud trends and tactics in order to better protect their business while safeguarding the customer experience.

    In this webinar, Julie Conroy, Research Director for Aite Group, and Kevin King, Head of Marketing for ID Analytics, will cover all things related to identity fraud, including:
    1.2020 fraud trends at account opening
    2.Shifts in fraudster techniques and behaviors
    3.The impact of new regulation on fraud defenses
    4.Best practices for keeping pace with identity fraudsters
  • Balancing Data Privacy & Security in 2020
    Balancing Data Privacy & Security in 2020
    Dr. Christopher Pierson | Shahrokh Shahidzadeh | Michelle Drolet | George Wrenn Jan 21 2020 6:00 pm UTC 60 mins
    How has the compliance landscape changed in 2020? Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - CCPA is now in effect and what this means for you
    - The main differences between GDPR and CCPA
    - Best tools, practices, required policies and cultural game changers for commercial and government environments
    - Other data regulations on the horizon
    - Recommendations for 2020

    Speakers:
    - Dr. Christopher Pierson, CEO & Founder, BLACKCLOAK
    - Shahrokh Shahidzadeh, CEO, Acceptto
    - Michelle Drolet, CEO, Towerwall
    - George Wrenn, CEO & Founder, CyberSaint Security

    This Q&A panel is part of Privacy Month.
  • Tackling the Container Iceberg: How to Approach Open Source Security
    Tackling the Container Iceberg: How to Approach Open Source Security
    Jeffrey Martin (Director of Product) and Dan Garfield (Chief Technology Evangelist at Codefresh) Jan 21 2020 6:00 pm UTC 60 mins
    Container images are based on many direct and indirect open source dependencies, which most developers are not aware of. What are the security implications of only seeing the tip of the iceberg? What are the challenges one faces when relying so heavily on open source? And how can teams overcome these?

    Join Codefresh and WhiteSource, as they embark on a journey to tackle:

    *The container iceberg - learn what are your blind spots
    *The main security challenges when using open source in containerized applications
    *The role of automation in open source security in containers
    *A live demo showing how WhiteSource & Codefresh can allow you to automate open source security in containers throughout the DevOps pipeline
  • Best Practices for DevSecOps at Scale
    Best Practices for DevSecOps at Scale
    Andrew van der Stock, Senior Principal Consultant, Managed Services SIG Consulting​, Synopsys Jan 21 2020 6:00 pm UTC 60 mins
    Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where:
    - The threat landscape continues to evolve.
    - Application portfolios and their risk profiles continue to shift.
    - Security tools are difficult to deploy, configure, and integrate into workflows.
    - Consumption models continue to change.
    How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering.
  • Top Five Privacy Predictions for 2020
    Top Five Privacy Predictions for 2020
    Daniel Barber, CEO and Co-founder, DataGrail and Anthony Stark, General Counsel, ZoomInfo Jan 21 2020 7:00 pm UTC 45 mins
    Join this webinar to hear from DataGrail's CEO and Co-founder Daniel Barber and ZoomInfo General Counsel Anthony Stark to learn more about the compliance landscape for 2020 and the trends we predict for the year ahead that will impact privacy and legal professionals.

    As the systems have become more complex and the lines around ownership more blurred, the explosion in data collection - not just the volume but also the variety and velocity of data - has led to some major security and privacy concerns.

    While we’ve made headway with the data privacy regulations that exist today, we shouldn’t be surprised if consumers demand more. As we head into a new decade, 2020 will be the year that data privacy regulation finally takes off and the government begins to put stakes in the ground for a national privacy framework.
  • Hybrid and Multi Cloud Infrastructure for DevOps
    Hybrid and Multi Cloud Infrastructure for DevOps
    Stephane Lefrere and Øystein Bedin Jan 21 2020 7:00 pm UTC 42 mins
    Container platforms help enterprises become more nimble and increase responsiveness. As a result, containers are becoming a key component of digital transformation. In fact, large IT organizations are increasingly looking to develop innovative software applications using containers in their hybrid and multi cloud architectures. However, building these cloud-native applications using a DevOps methodology requires an agile and open infrastructure, one that is flexible, secure, and cost efficient.

    An end-to-end, deployment ready solution is needed to allow organizations to more easily build cloud-native applications, deploy them, and manage workloads across hybrid or multiple clouds, helping businesses modernize IT infrastructure without sacrificing investments. During this webinar, we’ll discuss the architecture needed to build a hybrid cloud for DevOps using OpenShift on OpenStack in conjunction with public cloud.

    Featuring:
    Stephane Lefrere, Director, Cloud Infrastructure Practice, Red Hat
    Øystein Bedin, Principal Architect, Red Hat Open Innovation Labs, Red Hat
  • The Next Wave of Digital Automation
    The Next Wave of Digital Automation
    Jesse McHargue and Stowe Boyd Jan 21 2020 7:00 pm UTC 59 mins
    Between paper-based processes, manual approvals over emails, and excel sheets being passed around things get lost, missed or bottlenecks are created. Automating these processes eliminates that. It’s time to adopt a modern framework of digital processes and forms.

    Join GigaOm Research and expert in digital transformation analyst Stowe Boyd and special guest from Nintex, Jesse McHargue.

    Learn a step-by-step approach to transitioning through process mapping and information capture, to process automation, data management and process intelligence.

    Watch the webinar to learn:
    - The six pitfalls of paper
    - Six degrees of digital transformation
    - Best practices for digital processes and forms
  • Aligning Application Security & Compliance
    Aligning Application Security & Compliance
    Ed Adams, President and CEO, Security Innovation Jan 21 2020 8:00 pm UTC 45 mins
    Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance.

    This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include:

    * Consolidating security and compliance controls
    * Creating application security standards for development and operations teams
    * Identifying and remediating gaps between current practices and industry accepted "best practices”
  • SkyStem: Seducing the Auditors with Internal Controls
    SkyStem: Seducing the Auditors with Internal Controls
    Nancy Wu, Sales and Customer Support, SkyStem Jan 21 2020 8:00 pm UTC 57 mins
    With the auditors approaching (or maybe they just never left), the accounting team needs to put its best foot (and documentation) forward in order to avoid a long and drawn out affair with the auditors. Join us in this webinar, where we share the best ways to build and maintain your internal controls infrastructure to impress your auditors and make the year-end audit as quick and painless as can be.

    Please note: CPE credit not available for this playback.
  • Identity Verification for CCPA Compliance: Trial & Error
    Identity Verification for CCPA Compliance: Trial & Error
    Nathan Rowe, Chief Product Officer & Co-Founder, Evident Jan 21 2020 9:00 pm UTC 45 mins
    The California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020, gives consumers the right to access, delete, or opt out their personal data. Under CCPA, companies are not only obligated to furnish, delete, or opt consumers out of the sale of their data, they’re also required to verify every requestor’s identity to avoid inadvertently sharing sensitive data with fraudsters.

    After a giant GDPR loophole was exposed, it quickly became understood how easily cybercriminals were fraudulently submitting data subject requests in order to gain access to personal data that isn’t theirs. While this is certainly one reason to incorporate adequate identity verification into the consumer rights request workflow, cybercriminals aren’t the only threats that businesses need to worry about.

    Opportunistic data protection and privacy lawyers will be proactively scrutinizing processes to see if companies will make mistakes and accidentally furnish data to the wrong person so they can sue on behalf of their consumers. Additionally, CCPA consumer rights requests will likely shine a light on companies’ data protection practices, as the 2019 Carlton Fields Class Action Survey indicated that the next wave of class action suits will result from data breaches.

    In this webinar, we’ll discuss potential DSR threats from three different groups: cybercriminals, privacy lawyers, and data subjects, and how to avoid attacks with proper identity verification that offers an appropriate level of assurance that’s compatible with business’ specific needs.

    Key Takeaways:
    The importance of getting an automated DSR fulfillment workflow in place to handle a high volume of requests securely, consistently, and compliantly
    The role identity verification plays in avoiding DSR denial of service attacks
    Discuss how to implement “reasonable” verification that is frictionless for consumers and lawyers, but that keeps the bad guys out
  • [Earn CPE] Critical Steps to Manage CCPA Compliance and Risk in 2020
    [Earn CPE] Critical Steps to Manage CCPA Compliance and Risk in 2020
    Panelists: K Royal, TrustArc; Ilia Sotnikov, Netwrix, Dr. Else van der Berg, Datawallet; and Harold Byun, Baffle. Jan 22 2020 12:00 am UTC 77 mins
    The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs.

    The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.

    On this webinar, we will examine the impact of the CCPA, answer your burning questions, uncover the CCPA’s nuances, and address its ambiguities and challenges. We will also include strategies for creating compliance programs in the midst of the unknowns, and a strategic action plan for businesses to become compliant.

    Learning objectives are to gain insights on:

    - Understanding the nuances, ambiguities and challenges of the CCPA;
    - Creating compliance programs in the midst of the unknowns;
    - Developing a strategic action plan to become CCPA compliant;
    - How to avoid expensive fines, class-action lawsuits, and injunctions;
    - Getting ahead of the curve and enabling your business with alternate data sharing and privacy preserving techniques.