Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Spot & Patch Web App Bugs in One Click
    Spot & Patch Web App Bugs in One Click Vikas Phonsa, Product Management, Qualys WAF and Frank Catucci, Product Management, Qualys WAS Recorded: May 23 2017 57 mins
    Web application security is becoming increasingly complex due to the continuously evolving threat landscape, the diverse nature of web applications, and the broad range of systems needed to manage security.

    Qualys simplifies web app security with an end-to-end solution.

    During this webcast, presenters Vikas Phonsa and Frank Catucci will show you how you can:

    * Scan your apps using Qualys Web Application Scanning (WAS)
    * Deploy one-click virtual patches for detected vulnerabilities in Qualys Web Application Firewall (WAF)
    * Manage it all from a centralized, cloud-based portal

    This webcast will include a live Q&A session.
  • Data Protection in the Changing Payments Landscape
    Data Protection in the Changing Payments Landscape Smrithi Konanur Global Product Manager – Payments, Web, & Mobile, HPE Security – Data Security Recorded: May 23 2017 35 mins
    With continued improvements in payments security through technologies such as P2PE and EMV, the PCI community has been effective at combating crime in a wide variety of financial institutions, retail environments and enterprises. As the use of stolen or fraudulent cards for in-person card present transactions becomes more difficult, criminals are shifting their focus to online activities. To stay ahead of the bad guys, merchants and institutions need tools that are specifically designed to address these challenges.

    There are powerful solutions that enable organizations to securely protect payment transactions and retain control over their consumers’ buying experience, while integrating with existing payment flows. Join us to hear more about proven ways to safeguard sensitive crypto process and protect payment transactions while eliminating the exposure to sensitive cardholder data.


    Presenter: Smrithi Konanur
    Global Product Manager – Payments, Web, & Mobile, HPE Security – Data Security

    Smrithi Konanur has over 14 years of computer software industry experience including more than 7 years of experience in Payment Industry. Her main focus in her current role is providing data security solutions for PCI, P2PE, tokenization, PII, and PHI in different channels like in-store(POS systems), e-commerce/browser-based applications and other mobile applications. Her background ranges from technical product development, management, integration, product management, and product strategy. She holds a Masters in Computer Engineering and multiple management continuing education programs.
  • Strategies for Effective 3rd Party Risk Management
    Strategies for Effective 3rd Party Risk Management Scott Roller, Founder of 3WP; Rebecca Herold, Privacy Professor; Sam Kassoumeh, SecurityScorecard. James Christiansen, Optiv. Recorded: May 23 2017 63 mins
    The challenges that organizations face today are increasingly more complex than in the past. The constant change of the global economy, dynamics of business risks and opportunities, and an increased threat of cyber-attacks add complexities we’ve never faced. As organizations rely on more and more third parties to grow and thrive, they’re exposed to higher levels of risk, and regulators are focused on the need for organizations to manage 3rd party risk more effectively.

    Manual processes, silos in contract administration, and technology and resource constraints can all lead to significant errors in the third party supply chain that leads to violation of privacy guidelines and security breaches, which cause substantial fines, penalties, and damage to brand value. On this webinar our panel of experts will discuss the risks and repercussions associated with third party contract management shortcomings, common gaps in third party contract management processes, examples of how new solutions and technologies can help organizations optimize their third party processes, and effective strategies for managing 3rd Party Risk.
  • Inside The New Generation of Phishing Attacks
    Inside The New Generation of Phishing Attacks Michael Landewe, Researcher, Avanan Cofounder Recorded: May 23 2017 37 mins
    What we know and have trained users about phishing attacks has changed. Old methods no longer apply.

    IT teams have deployed filters and taught our users to detect phishing attacks by scanning for suspicious URLs, spoofed login pages, and unrecognized senders. We've told people to change passwords, turn on two factor authentication and watch for suspicious logins.

    None of these methods can defend against the next generation of automated, malicious API-based phishing attacks that are invisible to users and unmonitored by SaaS.

    Once exclusive to advanced state-sponsored actors, the recent Google Docs worm pushed this sophisticated method into the headlines.

    In this webinar we will dig deep into the next generation of phishing attack and describe the new methods every IT team must deploy to defend against them. Because the vulnerability is not unique to Google, we will also discuss Office 365, Box, Salesforce and other popular business apps.
  • Credential Theft:  A Perspective From the FBI & Unit 42 Threat Intel Team
    Credential Theft: A Perspective From the FBI & Unit 42 Threat Intel Team SSA John Caruthers, FBI & Jen Miller-Osborn Palo Alto Networks Recorded: May 23 2017 62 mins
    Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.

    Join the FBI and our own Unit 42 threat intelligence team as they present their insightful perspective on the cyberthreat landscape in 2017, with an emphasis on credential-based attacks and phishing. In addition to presenting their unique attack lifecycle, they will:

    * Identify trends and techniques in methods used for credential theft and abuse.
    * Review how cybercriminals have changed their tactics to compromise networks.
    * Examine who is being targeted, and why.
    * Discuss techniques to stop credential leakage.
    * Review the FBI’s role in combating this destructive attack.

    Defending against cyberattacks is tough enough, especially when attackers pose as authenticated users on your network.

    Join the FBI and Palo Alto Networks® Unit 42 to learn what to do when you discover intruders on your network, and how to prevent their attacks from succeeding
  • Don’t let Smartphones Kill your PKI Security Strategy
    Don’t let Smartphones Kill your PKI Security Strategy Gregory Vigroux, Enterprise Mobility Expert at Gemalto Recorded: May 23 2017 51 mins
    Half of businesses admit security is their biggest concern to increasing user mobility. Securing enterprise mobility has been an ongoing and arduous topic for IT security professionals. Maintaining high-assurance security, while offering access to company resources to an on-the-go workforce has become a balancing act. So much so, a third of businesses actually prevent employee access to company resources via mobile. This is likely not a long term or sustainable solution to the problem.

    So how do you find a compromise that won’t kill your security strategy? There are currently many technologies from derived credentials to mobile PKI. IT professionals are feeling the pressure to find a viable, user friendly, easy-to-deploy and secure options. In this webinar, we will discuss the current solutions in-depth and how they impact your current IT security policies. Attendees will learn more about:
    -Software-based security versus hardware-based security
    -How this impacts your back-end systems
    -Technology such as derived credentials and mobile PKI
    -Implementing a mobile PKI solution
  • Reputation Matters: Keeping Your Brand Strong in the Age of Cyber Risk
    Reputation Matters: Keeping Your Brand Strong in the Age of Cyber Risk Jake Olcott, VP of Business Development, BitSight; Siobhan Gorman, Brunswick Group; John Fiore, Former CIO, BNY Mellon Recorded: May 23 2017 61 mins
    In today's world, a cybersecurity incident can quickly become a risk to an organization's reputation. Reputational risk management is a critical business practice to ensure that your organization is doing everything possible to minimize the potential damage to its character or value.

    Join our panelists Jake Olcott, VP of Business Development at BitSight, Siobhan Gorman, Director at Brunswick Group, and John Fiore, Former CIO of BNY Mellon as they discuss:

    - How to mitigate reputational risk through cybersecurity risk management
    - Ways in which reputational risk can affect your company's bottom line
    - What executive leaders and board members care most about in regard to reputational risk
    - Examples of successful and unsuccessful reputational risk management
    - How security officials should be thinking about reputational risk management in their data security initiatives
  • GDPR: Global Implications of EU Legislation
    GDPR: Global Implications of EU Legislation Jonathan Armstrong, Cordery & Nima Baiati, Absolute Recorded: May 23 2017 62 mins
    Enforcement of the EU General Data Protection Regulation (GDPR) is looming, giving you less than 12 months to prepare. And it has major implications for every organization that processes EU personal data – regardless of where they are based.

    With the cost of non-compliance set at an astronomical 4% of global annual revenue – not to mention damage to reputation – the time to protect yourself is now.

    On May 23rd, join Absolute’s data protection experts alongside leading technology and compliance lawyer Jonathan Armstrong, as they share practical insights on the global implications of GDPR. Register today and learn:

    • GDPR compliance – what’s required and what’s at stake
    • Organizational steps you need to take now to avert disaster
    • The best security approaches to ensure compliance and protect your data – and your brand
  • Stop Blaming Russia & China for all Cyber Attacks
    Stop Blaming Russia & China for all Cyber Attacks Amar Singh, Joseph Carson Recorded: May 23 2017 59 mins
    Cyber-attacks can originate from anywhere, but there appears to be an unabated trend of pointing the finger on either "sophisticated attackers" or, more blatantly, naming and blaming nation-states like Russia, China and now North Korea (alright, maybe even Iran).

    The truth about attribution (who is the attacker) is often overlooked for something more dramatic, especially in situations where sensitive information or brand reputation is at risk.

    The tactic is simple. Switch the focus from internal bad practices and shift the blame to “sophisticated, nation states and or criminal gangs.” Lazy, but effective.

    Join Amar Singh and Joseph Carson, from Thycotic, as they both discuss the real reason behind why cyber attacks succeed (no - not because of Russia or China)and the steps you can take to make the job of hackers, both sophisticated and otherwise, much harder.
  • [Video Interview] AI & Machine Learning in Cyber Security: The IBM View
    [Video Interview] AI & Machine Learning in Cyber Security: The IBM View Josh Downs, BrightTALK & Martin Borrett, CTO, IBM Security Europe Recorded: May 23 2017 10 mins
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with IBM Security Europe's Martin Borrett for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - AI & machine learning and the influence that the technology will have on the security space

    - The ins and outs of AI & machine learning and how it analyses your data looking for security incidents

    - How to find a good solution to suit all budgets

    - The growth of IoT networks and how we can look to protect them effectively

    - V2V security and how to ensure connected cars are protected from cyber threats

    - The threatscape in 2017; the threat actors, motives and attack techniques
  • Spotlight on INDIA - Data Security, a Major Consideration in IT/ITES Sector
    Spotlight on INDIA - Data Security, a Major Consideration in IT/ITES Sector Vaibhav Pathak, Sr. Pre Sales Engineer Recorded: May 23 2017 20 mins
    What does an IT/ITES organization need to consider in its efforts to protect itself from fraud, including data breaches?

    These organizations need to provide assurance to customers, clients, internal stakeholders and regulatory bodies that any data being collected and processed by businesses is secure or risk massive fines, public embarrassment, loss of business, or even a closure of it.

    Key learnings:

    •How to manage data security on shared computing resources?
    •How to secure storage and transfer of data on company-owned, or company-managed endpoints?
    •How to facilitate the path to meeting organizational and industry compliances?
    •How to ease the daily burden of your data security administration functions?
  • Are you ready for the GDPR? One year out.
    Are you ready for the GDPR? One year out. Christoph Luykx, Director, Government Relations EMEA, CA Recorded: May 23 2017 61 mins
    The European Union General Data Protection Regulation (GDPR) is a new regulation in Europe with global impact that will come into force on May 25th, 2018. Its objective is to further strengthen data protection. Enforcement will be backed by heavy fines. Organizations that deal with data on a Global scale will need to review their data lifecycle and put in place processes and technology to be compliant. In this webinar, CA experts will share some thoughts around the journey organizations are on and discuss some real life examples.
  • Detecting Network Threats: What Can Endpoint Data Tell You?
    Detecting Network Threats: What Can Endpoint Data Tell You? Greg Foss, Security Architect, LogRhythm & Chris Berninger, Senior Systems Engineer, Carbon Black May 24 2017 12:00 am UTC 60 mins
    Data-driven security is the future, but alarm fatigue and data overload continue to hold Security Operations teams back. Fortunately, there are some easy ways to organize and correlate data so you can simplify the threat hunting process and free up your resources to better detect, respond and neutralize advanced threats.

    In this webcast, Greg Foss, Security Architect at LogRhythm, and Chris Berninger, Senior Systems Engineer at Carbon Black, discuss how to proactively search for and detect threats in your network.

    You’ll learn:

    • To use endpoint data to gain visibility into your network and understand what’s really going on in your network
    • How LogRhythm SmartResponse can help orchestrate security operations
    • Threat hunting techniques using Carbon Black within LogRhythm

    Register now to discover how to use insights from endpoint data to best protect your organization from advanced attacks.
  • State of the Internet/ Security Report–Latest DDoS and Web App Attack Trends
    State of the Internet/ Security Report–Latest DDoS and Web App Attack Trends Nick Rieniets, Senior Security Specialist, Akamai Technologies May 24 2017 5:00 am UTC 60 mins
    As an organization that delivers and protects 15-30% of the world’s web traffic on a daily basis, Akamai is uniquely positioned to observe a large amount of attacks ranging from 20 malicious HTTP requests containing SQL injection to DDoS attacks up to 650 Gbps. Our security experts analyze this information and share trends, observations, and findings in our quarterly State of the Internet / Security Report. We will present this information and associated insights in this webinar series.

    In this webinar, you will learn:

    • A summary of global findings from the State of the Internet Report
    • Attack statistics for APJ
    • How IoT botnets have changed the attack topology in APJ
    • The responsibilities for security of IoT

    Join Akamai and (ISC)² on May 24 (Wed) at 13:00 (Singapore time) for an overview and analysis of traffic and trends from Distributed Denial of Service (DDoS) and web application attacks.
  • Countdown to GDPR - Reduce your Risk
    Countdown to GDPR - Reduce your Risk Darron Gibbard, Managing Director, EMEA North at Qualys & Jonathan Armstrong, Partner at Cordery May 24 2017 9:00 am UTC 60 mins
    This is a must-attend webcast for anyone working for an organisation within Europe and responsible for the security of personal data.

    You are probably already thinking about the EU General Data Protection Regulation (GDPR) and the huge potential fines of €20m or 4% of annual worldwide turnover.

    For organisations headquartered across EMEA, GDPR is a key focus for the next 12 months as the 25 May 2018 deadline approaches. Qualys solutions can help your organisation prepare and comply with GDPR.

    During this webcast, Jonathan Armstrong, Compliance and Technology Lawyer, Partner at Cordery, will answer any compliance questions and highlight the key areas to consider. Darron Gibbard, Managing Director, EMEA North at Qualys, will show you how to know and control your data, assets and suppliers.

    You will get practical advice on:

    - What you need to focus on: data, assets, suppliers
    - Who you should involve: key stakeholders and departments
    - How you can automate processes with Qualys Security Assessment Questionnaire

    This webcast will include a live Q&A session.
  • Vulnerability Intelligence Eine wichtige Komponen
    Vulnerability Intelligence Eine wichtige Komponen Thomas Todt, Senior Sales Engineer DACH, MEA & Eastern Europe May 24 2017 12:00 pm UTC 45 mins
    Software Vulnerability Management ist eine Herausforderung für die IT- und Informationssicherheitsstrategie Ihres Unternehmens. Hunderte neue Schwachstellen pro Woche machen das Thema zu einem Albtraum für Sicherheitsprofis. Die Informationen zu sammeln, zu prüfen und sie den relevanten Personen als Grundlage für die Risikobewertung zur Verfügung zu stellen ist eine weitere Herkules-Aufgabe. Doch es geht auch einfacher:

    *Was ist Vulnerability Intelligence?
    *Wie kann Vulnerability Intelligence Manager eingesetzt werden, um die Herausforderungen zu meistern?
    *Wie managen Sie Software Vulnerabilities effektiv?

    Nehmen Sie an diesem Webinar teil, um einen Überblick über Vulnerability Intelligence und den Wert für Ihr Unternehmen zu gewinnen. Lernen Sie, wie Sie die Sicherheit Ihrer Anwendungen mit Vulnerability Intelligence Manager effektiv steigern.
  • [VIDEO] Man & Machine: Analytics as a Defence Against Advanced Cyber Threats
    [VIDEO] Man & Machine: Analytics as a Defence Against Advanced Cyber Threats Ross Brewer, vice president and managing director EMEA, LogRhythm & Josh Downs, Senior Community Manager, BrightTALK May 24 2017 1:00 pm UTC 30 mins
    As technology advances, so does the threat landscape, with cyber criminals effectively exploiting weak points on an almost daily basis. When malware infiltrates an organisation’s first layer of defence, it can spread quickly throughout the network, exposing data and weakening security - and in most cases this happens faster than analysts or administrators have time to react to. Indeed, with reams of data being generated and transferred over networks, organisations are having a hard time monitoring everything, which means potential threats can easily go unnoticed.

    Organisations need to rely on machines to detect and respond to threats more quickly and efficiently. Even enterprises with a dedicated security team that monitors the latest security threat trends and understands the blueprint of evolving attack vectors still need to continuously monitor all network activity. The sheer volume of processes, services and applications running on a corporate network is just too much for human beings to monitor alone. However, this doesn’t mean that human analysis is not important.

    User and entity behavioural analytics (UEBA) is essential in keeping up with continuously evolving threats and making sense of anomalous network behaviour. Security approaches that utilise both machine learning and human analysis enable all threats to be analysed for effective detection and response, ensuring all data is accounted for and including the human element to help reduce the opportunities for false positives. To keep up with the ever-changing security landscape, companies need to integrate internal and external threat context in their environment by updating processing rules for operating systems, applications, and network devices in order to strengthen the accuracy of real-time machine analytics.
  • Action GDPR: Finding Sensitive Data
    Action GDPR: Finding Sensitive Data Paul Garstang, Snr Manager EMEA - Data Security Group & Steve Holyer, EMEA Specialist - Data Security Group May 24 2017 1:00 pm UTC 60 mins
    GDPR (General Data Protection Regulation) is only a year away, and many organisations are still trying to understand what this new regulation means to them, and their data governance practices.

    Join us for the second in a series of webinars which focus on how organisation's can begin to action GDPR - this short session is all about accelerating Data Discovery & Classification, how to automate and put in place a repeatable 'near real time capability' with Informatica's Secure@Source.

    Secure@Source provides 360º visibility of sensitive data and analyses and ranks sensitive data risk. In the context of GDPR, it helps organisations understand where their sensitive data resides, which data stores contain high risk combinations and how it proliferates through the organisation.

    This session will cover:
    - Where to start with your sensitive data
    - How to identify potential data risks
    - Live Demo of Secure@Source
  • GDPR: Countdown to Day0
    GDPR: Countdown to Day0 Neil Thacker, Forcepoint, Moyn Uddin, Cyber Counsel, Jonathan Armstrong, Cordery, Adrian Davis, (ISC)² EMEA May 24 2017 2:00 pm UTC 60 mins
    With the EU General Data Protection Regulation entering into force and becoming applicable from the 25th May 2018, this webcast, featuring an expert panel, will focus on key milestones to become ready for the new regulation and what we have learned to date with 1 year to go.

    Topics for discussion will include obligations to:

    · Maintain a personal data inventory
    · Map Data flow vs. Data Transfer Agreements
    · Incident Response and obligations for mandatory data breach notification
  • APT32: New Cyber Espionage Group
    APT32: New Cyber Espionage Group Nick Carr, Sr. Manager Incident Response, Mandiant, a FireEye Company May 24 2017 3:00 pm UTC 60 mins
    Learn more about APT32 (OceanLotus Group), a Southeast Asian cyber espionage group threatening multi-national companies operating in Vietnam. After long-term monitoring and response of their activities, FireEye has given this threat actor the newest APT designation.

    Join Nick Carr, Sr. Manager of Incident Response, as he shares how Mandiant, iSIGHT Intelligence and FireEye as a Service teams reveal:

    • Who is part of APT32, where they are based, whom they target and how they operate
    • Advice on how to defend against, hunt for and respond to APT32
    • How your organization can improve your ability to detect, prevent and remediate APT32 attacks
  • Turn Disruption into Differentiation with your Digital Transformation Strategy
    Turn Disruption into Differentiation with your Digital Transformation Strategy Sheryl Kingstone 451 Research, Bill Hurley CMO CenturyLink May 24 2017 5:00 pm UTC 60 mins
    Join 451 Research and CenturyLink May 24th at 1pm ET to discuss how enterprises are choosing and using digitization initiatives for business gain.

    Organizations of all sizes and in every sector are busy redefining their IT priorities for a digital future, identifying the goals of enhanced customer experience, operational efficiency, business agility and improved risk management as four key pillars for their digital transformation strategies.

    Digital transformation is playing out differently depending on a company’s maturity, the vertical sector in which it operates, its employees, its infrastructure, and its ability to innovate. Knowing where to start, and how to maintain momentum is critical.

    Join 451 Research and Centurylink to learn how some global enterprises are making assured first steps, and hear the following:

    •Understand how companies with more progressive Digital Transformation strategies are prioritizing their efforts for competitive differentiation, changing the nature of their business with innovative technologies that are becoming more easily accessible with a lower barrier to entry.

    •Insights and recommendations from a major survey of enterprises worldwide about IT priorities and how to make service provider choices to accelerate digital transformation mandates such as the role of cloud and other IT infrastructure options that are built for availability, speed, and resilience.

    •Identification of key shifts in business context that will continue to shape digitization efforts, and how these need to be reflected in a digital transformation roadmap for IT organizations.
  • Next-generation Security for the Public Cloud
    Next-generation Security for the Public Cloud Matt Keil, Director of Product Marketing at Palo Alto Networks May 25 2017 8:00 am UTC 60 mins
    As more and more organizations move their workloads to the public cloud, security remains a top concern because cybercriminals do not care whether your applications and data reside in your datacenter or in the cloud. Their goal is to steal data or computing resources by gaining access to the network, then moving laterally, potentially to the cloud to execute their goal.

    Join us for this webinar to learn how the VM-Series protects your public cloud deployment with the same next-generation firewall and threat prevention features available in our physical appliances.

    The webinar will cover:
    • Overview of the VM-Series next-generation firewall
    • How the VM-Series prevents cyberattacks in the public cloud
    • Key differences between the VM-Series and other cloud security offerings
  • iGov Survey Results: GDPR Compliance and Creating a 360 Citizen View
    iGov Survey Results: GDPR Compliance and Creating a 360 Citizen View Guy Bradshaw from Entity Group and Informatica May 25 2017 9:30 am UTC 60 mins
    This webinar will present the latest research project from iGov.

    This research considers the challenges and benefits for public sector organisations as they prepare for the EU’s forthcoming General Data Protection Regulation (GDPR).

    This webinar will illuminate:

    • The current state of Public Sector readiness in the light of GDPR’s introduction on May 25th 2018.

    • How present data management capabilities, illustrated by the iGov survey findings, could be affected by the new regulations.

    • How GDPR could affect Public Sector organisations when it comes to collecting and maintaining personal data.

    • Discussions regarding a realistic roadmap for GDPR compliance based on the survey findings.

    Registrants will also receive a complimentary copy of the survey report - to benchmark against other participating Public Sector organisations.

    Presented by
    Guy Bradshaw and Kate Tickner from Entity Group and Informatica
  • Turning the Table on Hackers through Situational Awareness
    Turning the Table on Hackers through Situational Awareness Jason Hart, CTO Data Protection, Gemalto, Adrian Davis, Managing Director, (ISC)² EMEA May 25 2017 11:00 am UTC 60 mins
    Data breaches in 2016 got even more personal with big hacks of adult entertainment sites and social media databases. Hackers mined these for gold, in other words, valuable data to create social engineering attacks, ransom operations, and identity theft. According to Gemalto's Breach Level Index, the number of stolen, compromised, or lost records increased by 86% in 2016, while the number of breaches decreased by 4%. Hackers are going after more data than ever before, and they are finding it in large databases that are left relatively insecure.

    Whether consciously or not, hackers have grasped the idea of situational awareness. They have figured out how to exploit these golden opportunities by keeping a finger on the pulse of what is going on. It seems too simple to be true, but it goes back to the age-old principle "information is power". Getting the information comes from being aware of one's surroundings. To become situationally aware, companies need to change their mindset—building a walled garden isn't an option anymore. During the webinar, we will look at the major data breach trends and findings from 2016 and discuss how this information can help develop your situational awareness. Join us as we cover topics like:

    •What we can learn from Jason Bourne about knowing one's surroundings
    •What we can learn from hackers to better protect valuable data
    •What we as security professionals can do by going back to the basics of accountability, integrity, auditability, availability, and confidentiality
    •How to change our mindset in a new era of a hacker-driven gold rush
  • Segment & Conquer - Segmentation Strategies to Accelerate GDPR Compliance
    Segment & Conquer - Segmentation Strategies to Accelerate GDPR Compliance Erik Luysterborg, EMEA Privacy Leader, Deloitte; Jesse McKenna, Director of Product, vArmour; David Melnick, CEO, Weblife May 25 2017 2:00 pm UTC 60 mins
    With GDPR enforcement beginning May 2018 and fines of 4% of global revenue, it’s time for organizations inside and outside of the EU to build plans for compliance. How will GDPR's broad scope of requirements affect the personal information processed in your data center, and how can you simplify your path to compliance?

    In this webinar, we’ll give you the strategy you need to understand how personal data is flowing across your data center, and how you can implement segmentation to narrow your project scope and get you GDPR compliant faster.

    Join Erik Luysterborg, EMEA Privacy Leader for Deloitte, along with WebLife and vArmour to learn:

    • An Overview Understanding GDPR
    • The key requirements and how they impact security teams at organizations both in and outside the EU
    • Why environmental segmentation is a critical aspect of regulatory compliance and should be part of your GDPR strategy
    • Ways organizations can use segmentation to simplify and accelerate GDPR compliance
  • Tick, Tock: Just 1 Year to GDPR Enforcement – How to be technology ready
    Tick, Tock: Just 1 Year to GDPR Enforcement – How to be technology ready Derek Brink, VP, Research Fellow, Information Technology May 25 2017 3:00 pm UTC 60 mins
    Just one year remains before enforcement of the EU General Data Protection Regulation (GDPR) goes into effect. It’s arguably the most important privacy regulation in a generation. But it’s time to move beyond mere awareness and understanding of what GDPR is, and start making decisions about how you’re going to address it.

    In this webinar, join Derek Brink, vice president and research fellow for Aberdeen Group, and Neil Cooper, Regional Sales Manager, UK&I, for Thales eSecurity, as they share the following helpful insights:

    • Short synopsis of the timeline and key provisions of GDPR
    • Quantify the business risk of GDPR, in terms of both the likelihood and the business impact of non-compliance
    • Summarise the six fundamental strategies for safeguarding sensitive data
    • Identify the three most important capabilities for addressing GDPR requirements
  • Why cybersecurity is everyone’s responsibility in today’s FS organization
    Why cybersecurity is everyone’s responsibility in today’s FS organization Steve Holt, EY EMEIA Head of Cybersecurity Financial Services May 25 2017 3:00 pm UTC 60 mins
    This webinar will discuss the global cybersecurity landscape, and the threats and opportunities cybersecurity is presenting for financial services organizations. Given the panel is being held exactly one year before the official General Data Protection Regulation (GDPR) implementation date, panelists will be reflecting specifically on the implications of this regulation for FS organizations.

    Panelists

    * Cheri McGuire, Group Chief Information Security Officer, Standard Chartered Bank
    * Simon Hales, Group Head of ISR, HSBC
    * Tony de Bos, EY EMEIA Financial Services, Data Protection and Privacy Leader

    Topics for discussion:

    * Talent and awareness - building a culture that makes cybersecurity part of everyone’s job and rethinking the role of the Chief Information Security Officer (CISO)
    * Strategy and innovation - putting cybersecurity at the heart of business strategy and ensuring that new digital innovation includes cybersecurity at the outset
    * Regulation - assessing the impact GDPR will have on your organization’s people, processes and technology ahead of the 2018 implementation date
    * Resilience and scalability - being prepared to recover rapidly from a cyber-breach while holding up your ecosystem to the same cybersecurity standards that you follow as an organization

    This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Member firms of the global EY organization cannot accept responsibility for loss to any person relying on this article.
  • Learning from the RSA Conference 2017 - Uncover Data Security Blind Spots
    Learning from the RSA Conference 2017 - Uncover Data Security Blind Spots Ulf Mattsson, CTO Atlantic BT Security May 25 2017 4:00 pm UTC 60 mins
    The RSA conference is a unique and valuable event for IT security experts from around the world. With cyber-attacks on the rise, securing your data is more imperative than ever. The RSA conference pointed out that revisions to PCI (Payment Card Industry) DSS (Data Security Standard) is increasingly focusing on Rugged DevOps or SecDevOps, and the different approach called DevSecOps, embracing the speed of DevOps and continuous delivery in a secure environment. DevOps does affect security, and you can use it to your advantage. As cloud, big data and DevOps disrupt traditional approaches to security, new capabilities emerge to automate and enhance security operations.
    Join this session and learn how to automatically address these data security blind spots and how security can be built into the development process and IT platforms. We will discuss how security can be built into Rugged DevOps,SecDevOps, DevSecOps, Scrum, SAFe, DAD and use in Large-scale Development.
  • Let the countdown begin: What does the GDPR mean for US companies?
    Let the countdown begin: What does the GDPR mean for US companies? Stephen Bailey, Head of Privacy at NCC Group, Terry Blake, SureCloud EVP – North America, and Nick Rafferty, SureCloud COO. May 25 2017 5:00 pm UTC 60 mins
    Exactly one year from the date of this webinar, the General Data Protection Regulation will take effect in the European Union. The GDPR applies to any organization that stores, processes or transfers the personal data of residents within the EU. It includes organizations located in and outside the EU. Non-compliance can result in fines of more than $20 million or 4% of worldwide revenues, whichever is greater. A recent survey found an alarming percentage of US-based companies are planning to reduce their presence in Europe or exit the European Union altogether rather than deal with the GDPR. Instead of tossing up their hands over the GDPR and going home, strategic US companies can follow the defined steps and adopt software solutions that can bring certainty to these uncertain times. In fact, they see another company’s exit from the EU as a potential opportunity to gain share. The good news is that you’re not too late in getting started to meet the GDPR deadline. But as the countdown begins, urgency escalates. The time to act is now.

    In this webinar, you will learn:
    What the GDPR means for you
    How to get started on your journey to compliance
    How the SureCloud GDPR Applications Suite can help you gain and demonstrate compliance and continuously improve your performance

    Agenda includes plenty of time to address your questions.
  • Segment & Conquer - Segmentation Strategies to Accelerate GDPR Compliance
    Segment & Conquer - Segmentation Strategies to Accelerate GDPR Compliance Erik Luysterborg, EMEA Privacy Leader, Deloitte; Jesse McKenna, Director of Product, vArmour; David Melnick, CEO, Weblife May 25 2017 5:00 pm UTC 60 mins
    With GDPR enforcement beginning May 2018 and fines of 4% of global revenue, it’s time for organizations inside and outside of the EU to build plans for compliance. How will GDPR's broad scope of requirements affect the personal information processed in your data center, and how can you simplify your path to compliance?

    In this webinar, we’ll give you the strategy you need to understand how personal data is flowing across your data center, and how you can implement segmentation to narrow your project scope and get you GDPR compliant faster.

    Join Erik Luysterborg, EMEA Privacy Leader for Deloitte, along with WebLife and vArmour to learn:

    • An Overview Understanding GDPR
    • The key requirements and how they impact security teams at organizations both in and outside the EU
    • Why environmental segmentation is a critical aspect of regulatory compliance and should be part of your GDPR strategy
    • Ways organizations can use segmentation to simplify and accelerate GDPR compliance
  • Workload Placement Made Simple: Private or Public?
    Workload Placement Made Simple: Private or Public? Jason McKinney, Chief Revenue Officer and Julian Macri. Cloud Consultant May 25 2017 6:00 pm UTC 30 mins
    During this session you will learn how to bring clarity to help make cloud decisions in minutes, not months.

    Jason McKinney will be presenting.

    CloudAssist™ is the portal through which you research cloud options and map your application portfolio to the best cloud solution.

    Assess application profiles, model transformation scenarios, and discover the best execution venues for your needs based upon user demographics, service levels, security, technology and total cost of ownership.

    Define Requirements
    Compare Options and Providers
    Receive Actionable Recommendations
    Evaluate the Business Case
    Move from Decision to Provision
  • Lifecycle Container & Docker Security - The CISO's Perspective
    Lifecycle Container & Docker Security - The CISO's Perspective Dave Ginsburg, Ravi Rajamiyer, Izak Mutlu May 25 2017 6:00 pm UTC 60 mins
    Are containers & Docker secure? We look at best practices across their lifecycle, including image scanning within CI/CD process, container OS hardening, and orchestration security with Kubernetes. Guest speaker is Izak Mutlu, former CISO at Salesforce.
  • SEP 14 Webinar Series: Easy Ways to Improve Your Security Posture
    SEP 14 Webinar Series: Easy Ways to Improve Your Security Posture Kirk Gibbons, System Engineer, Symantec May 30 2017 5:00 am UTC 30 mins
    Effective communication between the network and the endpoint is critical to quickly identifying advanced threats and preventing the spread of infection. The more automated the process the less damage an attack can do.

    Join use to learn what tight integration between Symantec Endpoint Protection and Secure Web Gateway looks like. You will discover:

    •Why tighter integration between the network and endpoint improves security posture
    •How new REST APIs help orchestrate a rapid response at the endpoint
    •What the future plans are for new APIs, integrations, and global threat intelligence

    Lastly, watch a demo that showcases how easy it is to integrate Symantec Endpoint Protection and Secure Web Gateway and what orchestrated response looks like.

    We look forward to welcoming you in our webinar.

    Register today!