Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Michael Suby, Vice President of Research at Frost & Sullivan Recorded: Aug 24 2016 36 mins
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 周德振(Adam), 高级解决方案顾问, Akamai Technologies Recorded: Aug 24 2016 59 mins
    *This webinar will be conducted in Mandarin
    Organizations are turning to leverage big data and analytics to ‘look’ for indicators of intent or indicators of compromise, thus helping organizations focus their security resources on the threats at hand. The challenge though is how to process the vast amount of data, and furthermore, keep it relevant, timely, actionable – contextual. The challenge becomes harder when threat actors utilize a variety of techniques to maintain anonymity, reduce their ‘fingerprint’ and mask their intent.

    In this webinar, Adam will share how Akamai leverages the vast amount of data that it sees daily to help its customers improve their security decisions, when the threat would otherwise be unclear. John will showcase how Akamai’s big data and analytics platform, Cloud Security Intelligence, powers its Client Reputation service. A service that provides the ability to forecast intent and protect applications against Distributed Denial of Service (DDoS) and application layer attacks, and how active defence can be applied to a variety of response mechanisms, delivering an intelligent contextually aware defence.

    各家机构正越来越倾向于使用大数据资源来“查找”各种恶意行为的迹象、甚至是破坏的先兆,来帮助机构把有限的安全资源集中在关注现有的威胁之上。但是,挑战在于如何处理这样大量的数据,而且保证数据的相关性、及时性和可用性不会受到影响。而且,随着安全威胁使用了更多样的技术来保证其匿名性、减少留痕并掩盖其意图,机构所面临的安全挑战也越来越严峻。

    在本次的网络研讨会中,Akamai 高级解决方案顾问-周德振先生(Adam),将会向您展示Akamai是如何在威胁尙不明确的情况下,使用每日承载的海量数据来帮助客户做出更加明智的网络安全决策的。Adam将会展示Akamai的大数据及分析平台、云安全智能是如何强化其客户端信誉(Client Reputation)服务。这种服务能够提前预告各种行为的迹象,并保护应用程序不会受到DDoS和应用层攻击。此外,您还将看到这种积极的安全防御是如何帮助各种响应机制,是如何交付智能化、高度关联的防御。

    8月24日(周三)| 时长60分钟 | 北京时间 14:00
    演讲人: 周德振(Adam), 高级解决方案顾问, Akamai Technologies
    主持人: 毛宇, CISSP, AMBCI, CCNP, PRINCE2, (ISC)²官方授权讲师


    预留席位,就在此刻!

    *This webinar will be conducted in Mandarin
  • New Legal Requirements for Mobile Security – EMM is not Optional New Legal Requirements for Mobile Security – EMM is not Optional Ojas Rege, MobileIron VP Strategy, and Carl Spataro, MobileIron Chief Privacy Officer Recorded: Aug 23 2016 36 mins
    As of 2016, California requires all companies, no matter where they are based, to implement a minimum set of mobile security controls if they process sensitive personal information about California residents. Spend 30 minutes with us on how to comply with these new requirements. Review the California Data Breach Report for the new requirements.

    This webcast is for Mobile IT and information security professionals and their legal and compliance teams. This webcast will cover:

    The foundational security controls now required by law
    How these controls are applied to mobile
    Best practices to achieve compliance
    The central role of Enterprise Mobility Management (EMM)
  • Screen Sharing Worth 1000 Chats Screen Sharing Worth 1000 Chats Donald Hasson Recorded: Aug 23 2016 38 mins
    Chat is an excellent channel to improve service desk productivity, but when dealing with complex issues, it’s sometimes not enough. If your chat solution is implemented in a standalone silo, then customers may have to transfer to phone support when their issues go beyond the point of text, resulting in a disjointed customer experience. But if the chat transitions directly into a screen-sharing session, the support agent can instantly see and resolve the issue while maintaining a seamless conversation. This session will outline how to increase the value and power of chat through integrating it with other solutions such as remote support, knowledge bases, CRM and more. Turn your service desk into a one-stop-shop with a modern, integrated approach to support.
  • Hunting for Threats: tips and tricks for SOC experts Hunting for Threats: tips and tricks for SOC experts Matias Bevilacqua, Mandiant Principal Consultant Recorded: Aug 23 2016 49 mins
    Many Security Operation Centers operate in a reactive mode. They primarily respond to alerts that are being presented to them by implemented detection technologies. And we all know alerts are generated in overwhelming volumes, severely crippling SOC’s effectiveness and efficiency. Today’s threat landscape requires SOCs to operate ever more proactively to keep up with the threat actors. More and more SOCs therefor are actively ‘hunting’ for threats that may be residing in the environment they are to defend. ‘Hunting' however requires a different approach from the traditional, reactive mode, not least for the SOC experts themselves.

    Join Matias Bevilacqua, Mandiant Principal Incident Response Consultant, as he discusses tips and tricks for hunting for those lurking threats: what to look for, what tools to use, etc.? You will leave the session with some hands-on material to start turning over stones and uncover threats you never knew were there.
  • eSummit Session 3: Under the Shadow of the Cloud eSummit Session 3: Under the Shadow of the Cloud Rik Ferguson, Vice President Security Research, Trend Micro, Adrian Davis, Managing Director, (ISC)² EMEA Recorded: Aug 23 2016 49 mins
    This presentation will enumerate some of the risks, old and new, of migrating to a cloud infrastructure as well as the risks posed by consumer and employee “cloud creep”. I will detail how your business could impacted and illustrate some architectural and procedural changes that can help to mitigate these risks.
  • eSummit Session 2: Cloud Breach – Detection and Response eSummit Session 2: Cloud Breach – Detection and Response Matthias Maier, Product Manager EMEA, Splunk, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 47 mins
    Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work. They will not scale. Join this webinar to discover response scenarios for cloud enabled and cloud dependent enterprises, a model for preparing for cloud response and examples of cloud breach investigations.
  • eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective Jeremy King, International Director PCI Security Standards Council, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 46 mins
    With more and more organisations using the services of a cloud provider, what impact does this have on securing Cardholder Data. This presentation will give an general overview of the PCI SSC, and then focus specifically on the issues relating to storing data in the cloud. Especially it will look at the key issues of “Who is responsible?” and “What happens when there is a data breach”. In addition the presentation will look briefly at the impact of the recent GDPR on cloud storage and cloud providers.
  • The modern way of hunting  - How three CTOs tackle incident response The modern way of hunting - How three CTOs tackle incident response OpenDNS CTO, Dan Hubbard, Lancope CTO, TK Keanini, and Threat Grid CTO, Dean De Beer Recorded: Aug 22 2016 53 mins
    Your corporate network is open terrain. And it's hunting season. Malware, ransomware, and phishing scams are lurking. It's time to identify these threats to the enterprise earlier in the kill-chain and protect your employees, your data, and your network. The next evolution of Incident Response is here.

    Isn't it time you adapted your security stack to gain visibility into threats across you endpoints, network, and cloud? We can arm you with the tools you need most to see what’s happening not just on your network and your endpoints, but also out on the Internet in the wild.

    Join the product CTO’s from both OpenDNS and our Advanced Threats Groups, Dan Hubbard, Dean De Beer, and TK Keanini as they review how to modernize your response with critical solutions that provide visibility into the network, endpoint, and cloud and additionally talk about how to use these tools to investigate threats in the present, retrospectively, and into the future.

    Join not one, but three CTOs from OpenDNS, AMP Threat Grid and Lancope for a complete review of what it takes to accelerate investigations, decrease incident response times, and uncover potential attacks before they are launched.

    Hear from OpenDNS CTO, Dan Hubbard, Lancope CTO, TK Keanini, and Threat Grid CTO, Dean De Beer on August 22nd at 10am PT. You’ll learn:

    -Strategies for addressing customer incident response challenges across Network, Endpoint and Cloud
    -Three unique approaches for digging deeper into what happened before, during, and after an attack
    -How together OpenDNS, AMP Threat Grid and Lancope combine to give you the best incident response portfolio

    Register now and let the hunting begin.
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Michael Suby, Vice President of Research at Frost & Sullivan Recorded: Aug 18 2016 35 mins
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralizing business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • Improving on "Whack-a-Mole" Vulnerability Management Improving on "Whack-a-Mole" Vulnerability Management Joseph Blankenship Senior Analyst, Forrester & Jimmy Graham Director, Product Management, Qualys Recorded: Aug 18 2016 50 mins
    The need to prioritize vulnerability management (VM) is greater than ever as IT security teams become overwhelmed with trying to protect against every threat that pops up. Organizations that understand the varying risks across vulnerabilities can focus on resolving dangerous exploitation, and avoid wasting crucial time addressing insignificant ones.

    We invite you to attend the “Improving on 'Whack-a-Mole' Vulnerability Management” webcast featuring guest speaker Joseph Blankenship, Senior Analyst at Forrester, and Jimmy Graham, Director of Product Management at Qualys.

    The following topics will be discussed during the webcast:

    * Forrester data trends and insights from real-world client scenarios

    * Why vulnerability management needs to be prioritized and elevated

    * How Qualys ThreatPROTECT shows you what to remediate first (led by Qualys)


    This webcast includes a live Q&A.
  • What does the GDPR mean to you? What does the GDPR mean to you? Arif Muhammad, Director Product Management and Wilfred Mathanaraj, Product Owner TDM, CA Technologies Recorded: Aug 18 2016 42 mins
    There's new legislation in place, that's expanded the definition of personal data and puts IT and testing departments on high alert to safeguard personal data, across testing and development environments. It's the General Data Protection Regulation (GDPR). Are you ready for it?

    In this session, we’ll demonstrate how CA Test Data Manager helps to both mask your production data and to generate synthetic test data; a powerful combination to help you meet compliance needs and deliver quality applications. There will be a short section on the future of the tester self-service model that will enable testers to efficiently get access to the right test data.
  • Briefings Part 2: The Evolving Nature of Ransomware Attacks Briefings Part 2: The Evolving Nature of Ransomware Attacks Ryan Benson, Senior Threat Researcher, Exabeam; Brandon Dunlap, Moderator Recorded: Aug 18 2016 59 mins
    Like all cyber threats, ransomware continues to evolve and its effects will cause significantly greater impact to corporate organizations and networks. Just as computer viruses caused more damage as they grew in sophistication, ransomware is increasing its way to enter networks and wreak more havoc. Newer strains now know to look for networked file shares as encryption targets. Do you know what signals to look for to detect ransomware as it begins to attack? Exabeam researchers have analyzed nearly 100 strains of malware and have categorized some of the more aggressive techniques being used. Join Exabeam and (ISC)2 on August 18, 2016 at 1:00PM Eastern and gain a better understanding of the mechanisms ransomware might use to propagate and how to detect signs of these mechanisms in use.
  • Simplify Your Google Apps Collaboration and Management with IDaaS Simplify Your Google Apps Collaboration and Management with IDaaS Nathan Chan, Solutions Architect at OneLogin Recorded: Aug 18 2016 44 mins
    Google Apps for Work is a preferred solution for productivity and collaboration in the modern enterprise. But with a large suite of tools, proper provisioning and maintenance is anything but easy. Attempting to roll out Google Apps to the right users with the right access often results in over-extended IT resources, delayed employee on- and off-boarding, and misallocated access to key documents and data.

    It doesn’t have to be this way. Hundreds of organizations are using OneLogin’s best-in-class directory integrations to achieve faster Google Apps time-to-value and on-going application security and automation.

    Join OneLogin for an informative webinar designed to get you through the most complex of Google Apps deployments.
  • Intelligent Endpoint Security: Why Taking A Modern Approach Matters Intelligent Endpoint Security: Why Taking A Modern Approach Matters Robert Westervelt, Research Manager at IDC Security and Alejandro Borgia, VP Product Management at Symantec Recorded: Aug 18 2016 61 mins
    Endpoint security is a critical component in an organization's security program and is needed to gain the visibility necessary to rapidly detect threats and contain them before criminals gain access to critical resources.

    Join us for an interactive discussion and learn more about:

    • How emerging security technologies are helping organizations defend against targeted attacks that use zero-days and evasion tactics to evade detection

    • What technologies typically make up modern threat protection solutions and how they enable incident responders to quickly identify infected endpoints and determine the scope of an attack

    • Why endpoint visibility must be combined with network, web, and messaging security solutions to create a security architecture that works cohesively to reduce the amount of time an attacker has on infected systems

    • How risk assessment plays a role in strengthening your security to preempt future attacks
  • Microsoft SQL Series: 5 steps to Migrate from Oracle to SQL Server Microsoft SQL Series: 5 steps to Migrate from Oracle to SQL Server Kevin Orbaker & Rajinder Gill Recorded: Aug 17 2016 65 mins
    Migration is a process. We have in-depth methodologies, resources, offers and tools to help you move from Oracle to SQL Server quickly and painlessly. Learn 5 steps to migrate from Oracle and unlock value from your data using the cutting edge capabilities of SQL Server.

    Join this session to learn about the 5 steps in migration:
    •Assess your current data systems
    •Develop a Migration Plan
    •Deploy to the new system
    •Validate everything is working properly
    •Cutover from your old system
  • Thwarting Cybercrime in Healthcare with Continuous AppSec Testing Thwarting Cybercrime in Healthcare with Continuous AppSec Testing Lynne Dunbrack, IDC Health Insights; Michael Goldgof, WhiteHat Security Recorded: Aug 17 2016 55 mins
    Healthcare organizations are increasingly vulnerable to devastating cybercrime attacks on a daily basis. Web applications in healthcare are particularly exposed to such attacks. This webcast will explore how continuous application security assessment-as-a-service which combines machine and human intelligence can help healthcare organizations improve their security and risk posture.

    Please join us as IDC’s Lynne Dunbrack and WhiteHat Security’s Mike Goldgof discuss the role of application security in healthcare. You will learn:

    - Today’s cyberthreat landscape in the healthcare industry
    - Relevant security regulations for healthcare: HIPAA, Breach Notification IFR, HITECH Act, and more
    - Vulnerability statistics for healthcare organizations
    - How continuous application security testing can help your security and risk posture
  • How to Plan & Manage Work as a Highly Regulated CRO How to Plan & Manage Work as a Highly Regulated CRO Kael Pratt, Senior Principal Consultant Recorded: Aug 17 2016 48 mins
    As a Clinical Research Organization, you likely collect large volumes of data to price out and manage your clinical trials. But, with the new revenue recognition regulations that went into effect earlier this year, the way you plan and manage your business is fundamentally changing. Are you ready for it? Join this exclusive webinar for an overview of how the new regulations may affect you, and how you can be prepared to:

    •Manage your revenue recognition properly
    •Maintain control over your projects and increase profit margin
    •Align your accounts with the proper regulations
    •Ensure you are utilizing your employees in the most effective manner
  • 5 Ways to Secure Your Containers for Docker and Beyond 5 Ways to Secure Your Containers for Docker and Beyond Tim Mackey, Senior Technology Evangelist, Black Duck Software Recorded: Aug 17 2016 44 mins
    To use containers safely, you need to be aware of potential security issues and the tools you need for securing container-based systems. Secure production use of containers requires an understanding of how attackers might seek to compromise the container, and what you should be aware of to minimize that potential risk.

    Tim Mackey, Senior Technical Evangelist at Black Duck Software, provides guidance for developing container security policies and procedures around threats such as:

    1. Network security
    2. Access control
    3. Tamper management and trust
    4. Denial of service and SLAs
    5. Vulnerabilities

    Register today to learn about the biggest security challenges you face when deploying containers, and how you can effectively deal with those threats.
  • Microsoft SQL Series: Running your Mission Critical Line of Business Apps Microsoft SQL Series: Running your Mission Critical Line of Business Apps Ross LoForte & Jimmy May Recorded: Aug 16 2016 57 mins
    In a recent Gartner survey, more than 85% of enterprise respondents indicated that data growth, performance and availability was their largest challenge.

    Join this session to learn how SQL Server can help you run your mission critical line of business applications including:

    •Enterprise performance
    •Security and compliance
    •Scalability
    •High availability and disaster recovery
  • Place Your Bets on Securing Your Network Against Advanced Threats Place Your Bets on Securing Your Network Against Advanced Threats Gary Fisk (Solutions Architect, FireEye), Robert McNutt (Director, Strategic System Engineer, ForeScout) Recorded: Aug 16 2016 56 mins
    According to the latest M-Trends report, 53 percent of network compromises are identified by an external organization rather than the internal IT department. This is especially apparent in the hospitality industry where massive amounts of customer data and credit card information are stored. Now more than ever, it’s critical to understand the security posture of your network and implement comprehensive security solutions that help you rapidly detect, analyze and contain potential threats.

    Join us and learn how a Fortune 500 company Gaming/Hospitality company gained instant visibility of previously unknown devices and deployed policy-based access controls in days. Our special guest customer will comment on the state of threats to hospitality companies and discuss how FireEye Network Threat Prevention Platform (NX Series) and ForeScout CounterACT® work together to provide a holistic approach to risk mitigation and threat management.

    Gain visibility into what and who is on your network—especially un-managed devices. Improve your defenses against advanced threats and create a policy based automated response to potential threats.

    Register today [link] to learn how!
  • Blazent- Growth drivers for IT Blazent- Growth drivers for IT Charlie Piper - CEO and Dan Ortega - VP of Marketing Recorded: Aug 16 2016 4 mins
    Charlie Piper, Blazent's CEO, joins Dan Ortega, the VP of Marketing to describe the central role data quality plays in transforming IT into a growth driver for business.
  • Windows 10 - One Year Later Windows 10 - One Year Later Andreas Fuchs, Senior Product Manager - HEAT Software | Mario Schwalm, Senior Systems Engineer - HEAT Software Recorded: Aug 16 2016 55 mins
    In the one year since the launch, Windows 10 is off to the fastest start in Windows history, with over 350 million active devices. Are organizations reaping the productivity benefits, how far along are they in their migration efforts, what best practices have distilled around how to handle apps and carry out updates with Windows 10?

    Join us on Tuesday, August 16th to find out the latest Windows 10 tips and tricks.

    In the webinar, we'll explore:
    •Windows 10 adoption rates
    •Windows 10 provisioning process best practices (hardware refresh, legacy migration, self-service)
    •Application configuration management and how to deal with Apps in the new AppStore
    •Security: configuration, remediation, patching Windows 10 and protecting personal data