Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Get Started: Billing and Invoicing in the Cloud
    Get Started: Billing and Invoicing in the Cloud Brett Gadberry, Technical Account Manager at CloudCheckr Recorded: Aug 21 2018 43 mins
    Managed Service Providers (MSPs), Cloud Service Providers (CSPs), and resellers often have a tough enough time generating invoices for their customers. Add to that the demands of a multi-cloud environment, with AWS, Azure, Google Cloud and more, and it becomes extremely challenging to allocate billing and invoicing.

    The solution is automation and self-healing. CloudCheckr can automatically generate invoices and even help resellers profit by keeping discounts and credits allocated among clients, presenting list price, as well as custom charges and credits as desired.

    Attendees will learn:
    - How to turn billing and invoicing into a profit center
    - Setting up cost ingestion and credentials in CloudCheckr
    - Setting up Custom Charges
    - How to structure automation monthly, weekly, and daily
    - Live demonstration
  • Advanced & Frictionless Security in a Multi-Cloud Environment
    Advanced & Frictionless Security in a Multi-Cloud Environment Anuj Sawani, Product Marketing Manager Recorded: Aug 21 2018 62 mins
    Today, organizations need higher performance and faster access to the latest innovative technologies in order to grab whatever competitive edge they can. This almost always means going to the cloud.

    Unfortunately, in the rush to get there, enterprises can find themselves with data and applications scattered across private and public clouds – often multiple public clouds – spanning IaaS, PaaS and SaaS.

    Without the appropriate security and compliance strategy in place, this often results in poor visibility and increased risk. The simple truth is that multi-cloud security isn’t intuitive.

    We can make it easier. This webinar will cover:

    •Common speed bumps your security and DevOps teams face
    •Innovative security strategies to tackle a wide range of cloud risks
    •Security automation and integration within the development lifecycle
    •Achieving consistent and advanced multi-cloud protections

    Register now and learn how to secure your multi-cloud environment with advanced, frictionless protection.
  • The Deathly Hallows of Application Security - Flaws, Vulnerabilities & Exploits
    The Deathly Hallows of Application Security - Flaws, Vulnerabilities & Exploits Paul Farrington - Director of Solutions Architects @ CA Veracode Recorded: Aug 21 2018 39 mins
    To understand the severity of a flaw you need to understand the extent to which it can be exploited. With software becoming more and more complex so does the difficulty of securing it.

    Join Paul Farrington, Director of Solutions Architect @ CA Veracode for this live webinar, where he will explore the distinctions between various security flaws and how you can combat them.

    You will leave the session understanding how to identify and address risk factors, how attackers exploit vulnerabilities & the extent to which organisations rely on AppSec technology to secure the SDLC.
  • Encryption & Tokenization as effective GDPR Best Practices
    Encryption & Tokenization as effective GDPR Best Practices An expert panel including Alex Pezold, Mark Rasch, Ian West and Ulf Mattsson Recorded: Aug 20 2018 63 mins
    This session will cover one of the more important aspects of GDPR: Encryption and Tokenization. In this session you will learn the relevance of Encryption and Tokenization as it applies to GDPR and what is the difference between the two security methods.
  • Overcoming The Cybersecurity Skills Shortage in Law Firms
    Overcoming The Cybersecurity Skills Shortage in Law Firms Todd Thiemann, Director Product Marketing - Arctic Wolf Networks Recorded: Aug 16 2018 40 mins
    The evidence is clear: law firms of all sizes need to securely handle sensitive information associated with their clients, investigators, and witnesses. According to the American Bar Association’s 2017 Legal Technology Survey Report, 22 percent of respondents suffered a security breach at their law firms.*

    Compromised client information can destroy reputations and lead to decreased billables and lost business. While the need for improved security is evident, IT and security teams struggle to locate, retain and train talent needed to maintain and improve their security posture. So, what are optimal approaches for law firms to manage staffing needed to monitor and defend their valuable data and infrastructure?

    In this Arctic Wolf webinar, you will:

    - Discover why cybersecurity is top of mind in the legal community
    - Recognize the IT and Cybersecurity skills shortage and its impact on security
    - Understand how SOC-as-a-Service approaches enable law firms to rapidly improve their security posture and provide evidence to satisfy technology audits

    Save your seat today to learn more!

    *https://www.americanbar.org/groups/law_practice/publications/techreport/2017/security.html
  • Build Your Cyber Budget for 2019: Part 1
    Build Your Cyber Budget for 2019: Part 1 Jerry Caponera, VP of Cyber Risk Strategy Recorded: Aug 16 2018 35 mins
    Choosing cyber vendors and balancing budgets can be a challenge. We want to help cut through the clutter and show how we build a cybersecurity budget and identify spending needs an organization needs to immediately address. This is a two-part webinar series where you will learn how to approach the cybersecurity budgeting process (as well as see common mistakes to avoid) and how to build your own cyber budget. We will offer a budget plan worksheet to guide you along the way and share best practices and takeaways.
  • Defending the Castle – Back to the Future using Isolated Networks
    Defending the Castle – Back to the Future using Isolated Networks John Alexander, Director of Product Marketing, OPSWAT Recorded: Aug 16 2018 58 mins
    In industries where extreme security is a requirement, like the nuclear, energy, manufacturing, financial, and defense industries, an air gapped network can be an extremely powerful defense. Air gapped networks are like dealing with the past and present at the same time: they harken back to a time before the Internet, but they are also even more useful now because of the Internet, which provides a path for both good and bad activity.

    In this presentation, we’ll discuss the concept of the air gap, or isolated network, and explain what their weaknesses are and when they should or shouldn't be used. We’ll also discuss how, when used correctly, an air gapped network can be such a powerful defense.

    Even though air gaps are extremely powerful defense mechanisms, every defense has its weakness. The key is to minimize these weaknesses by establishing a secure work flow that at the same time reduces the operational productivity concerns that surround air gapped networks. The latter portion of this presentation covers one of the most critical defense measures that is required in an air gap network, "the Kiosk", and best practices in employing "kiosks" as a critical part of an air gapped network defense strategy. We’ll also talk about data diodes, and how they can be employed to help reduce the operational cost of using an air gapped network.
  • Your Organization's Role in the Shared Responsibility Model
    Your Organization's Role in the Shared Responsibility Model Todd Bernhard, CloudCheckr Product Marketing Manager Recorded: Aug 16 2018 29 mins
    A Guide to Understanding and Taking Control

    There is no doubt managing massive amounts of enterprise data is inherently easier in the public cloud. However, given its size, that data is a target for malicious security threats from attackers both within and outside organizations. While leading cloud platforms like Amazon Web Services and Microsoft Azure can help ease the burden of cloud migration, they are not responsible for the comprehensive security and compliance checks necessary to keep your data safe in the cloud. That’s why next-generation automated cloud monitoring and security management tools like CloudCheckr are essential for closing the loop.

    In this webinar, Product Marketing Manager Todd Bernhard maps out shared responsibility models for AWS and Azure and explains how CloudCheckr keeps your data secure and compliant.
  • Defending our Critical Infrastructure
    Defending our Critical Infrastructure Juanita Koilpillai and Mark Rasch Recorded: Aug 16 2018 62 mins
    Critical Infrastructures such as Power, Water, Internet, Pipeline(Gas), and Smart Cities have been and continue to be attacked. This session will address the vulnerabilities and best practices for defending and protecting critical infrastructures.

    In this session, you will learn:
    Attacks most commonly used
    Defensive measures
    Best practices
  • Leveraging Security Automation for Improved Management
    Leveraging Security Automation for Improved Management Ken Wilson, Dir, Sales Central U.S., Skybox, Michael Roling, CISO, State of MO; Curtis Dukes, CIS; Brandon Dunlap (Moderator) Recorded: Aug 16 2018 61 mins
    Security automation technologies can help drive improvements in managing security policies, including their implementation in firewalls and other network devices. However, whether you’re struggling with continuous compliance, auditing and reporting or managing firewall changes, deciding what to automate can be challenging. Join Skybox Security and (ISC)2 on August 16, 2018 at 1:00PM Eastern for a discussion where we’ll examine which automated processes in security policy management deliver the biggest rewards while introducing the least risk to your organization. Areas to be examined include why automation, visibility and context should be the indivisible, foundational components of any security policy management solution, which processes in security policy management are ripe for automation and where human intervention is still valuable. We’ll also explore how to educate security stakeholders in your organization on what’s needed to make automation initiatives a success.
  • How to Develop a Secure Cloud Strategy
    How to Develop a Secure Cloud Strategy Brian McHenry, Security Solutions Architect; Tom Thomas, Director of Architecture Recorded: Aug 16 2018 63 mins
    How are you deciding what applications should move to the cloud? Is there a clear understanding of how to best secure those apps?

    Join F5’s own Director of Architecture Tom Thomas, and Security Solutions Architect Brian McHenry, as they discuss a deployment framework which you can use to assess the impact of on-premises versus cloud, while considering the business, data security, and financial impact of cloud migration.

    By the end of this webinar you’ll have the answers to these questions and more:

    • Are the security services my cloud provider offers enough to secure my applications?
    • How much of my business should migrate to the cloud?
    • What tools can help protect against the cost of lost or compromised data?
  • Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring
    Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring Andrew Bragdon, Principal Product Manager, MuleSoft Recorded: Aug 16 2018 56 mins
    On average, a business supporting digital transactions now crosses 35 backend systems — and legacy tools haven’t been able to keep up. This session will cover how MuleSoft’s new monitoring and diagnostic solutions provide end-to-end actionable visibility to APIs and integrations to help customers identify and resolve issues quickly.

    Key Takeaways:
    * Measure application performance across APIs and integrations in production
    * How to query and retrieve log data across your network
    * End-to-end walkthrough of priority issue identification and resolution
    * Exciting new capabilities of Anypoint Monitoring
  • How to Simplify PCI DSS Compliance with a Unified Approach to Security
    How to Simplify PCI DSS Compliance with a Unified Approach to Security Sanjay Ramnath, AlienVault; Jacques Lucas, Terra Verde; Zuri Cortez, AlienVault Recorded: Aug 16 2018 60 mins
    Demonstrating compliance with PCI DSS is far from a trivial exercise. The 12 requirements of PCI DSS often translate into a lot of time and effort to access the necessary data and reports from many different systems and tools. And, after an audit is complete many teams struggle to maintain compliance.

    In this webcast, you'll hear from Jacques Lucas, a Qualified Security Assessor (QSA) with Terra Verde, and Sanjay Ramnath, VP of Product Marketing at AlienVault, sharing best practices to help you simplify implementation of PCI DSS security controls and reporting.

    Join us for this webcast to learn:

    - The most common challenges in meeting and maintaining compliance with PCI DSS
    - Best practices to help you plan and prepare for an audit
    - The core security capabilities you need to demonstrate compliance
    - How AlienVault Unified Security Management can simplify the compliance process

    Hosted By
    Sanjay Ramnath
    VP of Product Marketing at AlienVault
    Jacques Lucas
    Qualified Security Assessor (QSA) with Terra Verde
    Zuri Cortez
    Sales Engineer at AlienVault
  • Dynamic Data Protection for Government: Proactive Security without the Headaches
    Dynamic Data Protection for Government: Proactive Security without the Headaches Rob Campbell (Director, Data Security Solutions) & Rob Mathieson (Sr. Analytics Specialist), Forcepoint Global Governments Recorded: Aug 16 2018 35 mins
    Government agencies have unique and complex cybersecurity challenges that are worsened by an understaffed workforce, legacy IT systems, and a lack of modernization funding. Security teams are constantly bogged down with alerts from disparate point products that require manual investigation.

    With Forcepoint Dynamic Data Protection, you can take your agency from yesterday’s threat-centric model to a more proactive approach focused on human behavior. We combine our best-in-class data loss prevention with behavioral analytics to reinforce security without hindering productivity.

    Watch our webcast to find out how Forcepoint DDP can deliver risk-adaptive security and help your agency protect its most sensitive data.
  • Das Geheimnis erfolgreicher Unternehmen
    Das Geheimnis erfolgreicher Unternehmen Oliver Sehon (Director Analytics Integation, SAP) und Jochen Alig (Solution Consultant Senior, SAP Concur) Recorded: Aug 16 2018 46 mins
    Nur wer seine Daten kennt, kann sie erfolgreich einsetzen. Erleben Sie anhand des Digital Boardrooms, welche Möglichkeiten die Integration von SAP Concur in die SAP Analytics Cloud bringt.

    Daten aus dem Geschäftsreisemanagement berühren viele Abteilungen:

    - Finanzverantwortliche, die sich volle Transparenz über Kosten und eine verlässliche Datengrundlage für Investitionsentscheidungen wünschen.

    - Travel Manager, die wissen wollen, wie Mitarbeiter reisen, um in Verhandlungen mit Anbietern das Maximum herauszuholen.

    - HR-Experten, für die es wichtig ist, die (Reise-)Gewohnheiten Ihrer Mitarbeiter zu kennen, um so in der Lage zu sein, deren Zufriedenheit zu erhöhen.
  • Don't Ignore Endpoint Data Protection in your Data Management Plans
    Don't Ignore Endpoint Data Protection in your Data Management Plans Kalyani Kallakuri and Gregg Ogden from Commvault Recorded: Aug 16 2018 25 mins
    Today, most organizations already have a practical understanding of how to manage their data center. However, they often overlook or decide not to focus on data that resides on endpoints, and walk out the door on a nightly basis.

    This session will discuss the business drivers and technical challenges associated with protecting, managing and controlling data that lives on their edge devices – endpoints. 

    We will help you the answer the question : Isn’t using a cloud file-sharing service good enough?
  • The IoT Enterprise: Why Your Organisation Is Already IoT'd
    The IoT Enterprise: Why Your Organisation Is Already IoT'd Nick Savvides, Chief Technology Officer APAC, Symantec Recorded: Aug 16 2018 61 mins
    With the potential for energy savings, improvement of business processes, automation of the supply chain and more, organisations around the world are giving IoT a serious look - but security concerns are proving to be a barrier for adoption.

    With most IoT devices and platforms missing even basic security hygiene and existing network security tools lacking the capability to properly manage an IoT network, implementing IoT devices can be a security nightmare.

    Join us in our upcoming webinar as we discuss the current state of IoT in enterprises, the challenges of properly securing IoT devices, and our top recommendations on how to resolve these challenges and prepare your organisation for the age of automation.
  • Advancing Cybersecurity in Health Care
    Advancing Cybersecurity in Health Care Julian Crowley and Vaughn Adams Recorded: Aug 15 2018 26 mins
    As the value of patient records, infrastructure, and services grows, the health care industry continues to become a major target for cyberattacks With an expanding attack surface — due to cloud infrastructure — it's critical this vulnerable industry continues to mature its security capabilities for its most valuable data and apps.

    Epic Systems is a market-leading Electronic Health Records (EHR) vendor widely used by large hospitals and health systems to access, organize, store, and share patient medical records. Given the volume and sensitivity of personal data on Epic platforms, it’s critical to ensure threats to patient privacy are detected and mitigated quickly.

    In this webinar you’ll learn how organizations in health care are using LogRhythm’s Epic Hyperspace App, combined with traditional security data, to provide greater value and network visibility. Members of LogRhythm’s Strategic Integration team and Health Care Sales Engineering team will show you how LogRhythm’s Epic Hyperspace App provides a focused point solution for real time visibility — as well as detection of suspicious activity within an Epic deployment. See how this app provides real-time visibility (including alarms and reports) into:

    · Inappropriate access or access attempts to patient medical records
    · Inappropriate attempts to record or download patient medical records
    · Users and systems trying to access the EHR
    · Context of the user who is accessing the patient records
    · Logic or reasoning behind the attempted access to medical records

    If you have Epic and LogRhythm, this is a must-see webinar. If you use another EHR, use the information from this webinar as a template on how and why to monitor your EHR platform.

    Speakers:
    - Julian Crowley, Strategic Integration Engineer
    - Vaughn Adams, Enterprise Sales Engineer
  • HIPAA-Aware Security Breach Prevention Policies for Email
    HIPAA-Aware Security Breach Prevention Policies for Email Simon Reddington, Technical Product Manager, Healthcare Practice Recorded: Aug 15 2018 32 mins
    Healthcare is the number one industry where employees are the predominant data security breach and compliance threat. 62% of breaches tend to be associated with unintentional outbound email misdelivery. In the context of ever increasing expectations on healthcare workers and reliance on electronic communication, it has become critical for IT security professionals to develop strategies to mitigate security breaches related to the release of protected health information (PHI).

    Join this summit session to learn how organizations are automating security breach policy oversight with pre-defined, HIPAA-aware data leak prevention policies that can be rapidly configured and then applied to a healthcare organization’s entire local or distributed workforce.

    Presenter Info:

    Simon Reddington, Technical Product Manager, Healthcare Practice

    Simon is a Technical Product Manager at Mimecast. Prior to joining Mimecast in 2013, he held technical roles at companies such as WorkShare and Fuel-IT Ltd. He has domain expertise around cloud computing and virtualized environments, Windows Server, Microsoft Exchange, and network administration. He holds a BSc in Computer Science, with Honors, from the University of Essex.
    David Hood, Cyber Security Strategist and Director of Technology Marketing, Healthcare Practice
    David is a Director of Technology Marketing at Mimecast. Previously he was Vice President and General Manager of Data Services at Connotate. David has held senior positions in marketing and product marketing at Kyruus, Memento (acquired by FIS) and additional enterprise software companies. He holds an MBA from Boston College and graduated from Vanderbilt University.
  • Should More Protection Really Equal More False Positives?
    Should More Protection Really Equal More False Positives? Nir Gaist, Founder & CTO, Nyotron Recorded: Aug 15 2018 30 mins
    Security professionals accept the paradigm of “more protection equals more false positives (FPs)” as a fact of life. The tighter they make the “screws” of the security policies in their DLP, Web or Email Gateways, UEBA, application control/whitelisting and AV tools, the higher the likelihood something benign is misclassified as malicious. That’s why it is not uncommon to see false positive rates exceed 5% using the most aggressive settings.

    What if we were thinking about this wrong? Can we break this correlation between more security and more FPs?

    During this webinar we will briefly review the definition of false positives, false negatives, true positives and true negatives, as well as the history of “more protection = more FPs” paradigm. Then we will turn the paradigm on its head and discuss how more protection can actually mean fewer FPs.


    About the Speaker
    Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
  • Enhance Application Security with Automated, Open-Source Security Management
    Enhance Application Security with Automated, Open-Source Security Management Dave Meurer, Alliances Technical Manager at Black Duck by Synopsys, Kamala Dasika, Pivotal Recorded: Aug 15 2018 60 mins
    Almost every major company uses or builds software containing open-source components today—96% of them, according to a report from Black Duck by Synopsis. The same report revealed that 78% of the apps that were audited had at least one vulnerability, including several that were reported nearly six years ago! Needless to say, not having solid open-source use policies and procedures in place for your developers poses a significant risk to any enterprise.

    Black Duck and Pivotal collaborated to deliver a secure and simple user experience for rapidly building and deploying applications so that developers can benefit from the many advantages of using open source in their apps with confidence.
    Join Dave Meurer from Black Duck and Kamala Dasika from Pivotal as they discuss:

    - Key security concepts you need to know pertaining to cloud-native application development
    - How to simplify and automate open-source security management for your applications and reduce license, operational risk, or policy violations

    Dave Meurer, Alliances Technical Manager at Black Duck by Synopsys, leads solution development, enablement, and evangelism for Synopsys Software Integrity Group.

    Kamala leads GTM with Pivotal Cloud Foundry Technology partners. She has been working at Pivotal since 2013 and has previously held various product or engineering positions at VMware, Tibco, SAP, and Applied Biosystems.

    Pivotal Privacy Statement:
    https://pivotal.io/privacy-policy

    BlackDuck Privacy Statement:
    https://www.blackducksoftware.com/legal/privacy

    This webinar:
    https://content.pivotal.io/webinars/aug-15-enhance-application-security-with-automated-open-source-security-management-webinar
  • Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint
    Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint Dean Weber, CTO, Mocana and Keao Caindec, Vice President of Marketing, Mocana Recorded: Aug 15 2018 46 mins
    Part 2 Dangers of Relying on Threat Detection

    When people think about cybersecurity today, they typically think about securing data in motion and at rest or analyzing threats. But when you move into this new connected world, you need to think about more than just the data and watching hackers. How do you ensure you can trust the actual IoT endpoint device? This 3-part webinar series will focus on approaches for making devices trustworthy and enabling secure device-to-cloud communications.
  • Optimize Phishing Detection and Response with LogRhythm and Office 365
    Optimize Phishing Detection and Response with LogRhythm and Office 365 Randy Franklin Smith (UWS) | Greg Foss (LogRhythm) Aug 22 2018 12:00 am UTC 75 mins
    Today’s hackers often favor the phishing email as their weapon of choice. Phishing attacks are not only common, but are also very difficult to defend against. What if you could detect and mitigate a phishing attack before its intended target clicks on that fatal link or opens that malicious attachment?

    When your Exchange server is in the Office 365 cloud, solutions such as constant inbox scanning or relying on synchronous mail flow aren’t viable options. Instead, you can find a strong defense against phishing emails in the Message Tracking log in Exchange.

    The Message Tracking log is available in both on-prem Exchange and Office 365 Cloud’s Exchange Online. Message Tracking logs include valuable information about the client, servers, sender, recipients, message subject, and more. If you can access this information and know how to mine it, you can detect likely phishing emails.

    In this webinar, you’ll learn how to:

    - Recognize the format of message tracking logs
    - Pull message tracking logs from Office 365 using PowerShell’s Get-MessageTrackingLog cmdlet
    - Work through a list of checks to perform against message tracking events to detect phishing emails
    - Move suspect emails to a sandbox where you can use analysis tools like PhishTank, ThreatGRID, or OpenDNS
    - Remove copies of phishing emails from other recipients
    - Automatically detect and respond to phishing attacks with no analyst intervention
    - To optimize your phishing response efficiency, LogRhythm has introduced a new open-source Phishing Intelligence Engine (PIE). PIE is a PowerShell framework focused on phishing attack detection and response.

    Register for the webinar now to learn how you can use LogRhythm’s PIE and Office 365 to better detect and respond to phishing attacks.
  • Welcoming the Informatica Intelligent Cloud Services
    Welcoming the Informatica Intelligent Cloud Services Dion Jensen, Principal Presales Consultant, Informatica Aug 22 2018 9:00 am UTC 60 mins
    This session will give you an overview of the new IICS platform: covering an introduction to the Informatica Intelligent Cloud Services platform with numerous, real world use cases, as well as a session around how to bring your PowerCenter workload to the Cloud.


    Other webinars in this Cloud Webinar Series:

    Session 1: How to engage with Cloud Computing?
    Session 3: Using IICS to orchestrate complex order processing
    Session 4: Lift & Shift (EDW) Enterprise Data warehouse to Azure
    Session 5: Customer Case: Rockwool’s Cloud journey
    Session 6: How to engage with Cloud Computing?
  • GDPR: 4 Key Principles for Success
    GDPR: 4 Key Principles for Success Keith Brennan Director, Field Engineering FireMon Aug 22 2018 3:30 pm UTC 60 mins
    In this webinar replay, we'll discuss 4 key principles your organization needs to be successful with the EU's demand for tighter data protection, along with the penalties for the violation. GDPR provides an example of how countless security professionals can be led to anxiety and dread with a looming stack of regulations on fast approach. Put the fears to rest.

    In this webinar, we’ll show you the principles needed for GDPR success:

    -Risk-based data protection
    -Measuring security effectiveness
    -Monitoring data protection
    -Orchestrating persistent compliance

    GDPR is a special instance of government regulations; you’ve seen this for decades. There is nothing to fear. Nothing.
  • Accudata's White-Hat Files | August 2018 Edition
    Accudata's White-Hat Files | August 2018 Edition Anton Abaya, CISA, PCI QSA, Senior Consultant Aug 22 2018 4:00 pm UTC 15 mins
    Our fourth White-Hat File is once again from Anton Abaya, CISA, PCI QSA, Senior Consultant in Accudata’s Risk and Compliance practice.

    In the July edition, Anton talked about his expertise with physical social engineering. In this 15-minute webinar, he’ll describe the most effective ways he uses online phishing techniques to break into corporate networks—and how you can ensure these remote attacks don’t work on your employees.
  • Security Champions: Only YOU Can Prevent File Forgery
    Security Champions: Only YOU Can Prevent File Forgery Marisa Fagan, Product Security Lead, Synopsys Aug 22 2018 4:00 pm UTC 60 mins
    If you’re a developer, there will come a time when you realize that you have the power not only to ship awesome features but also to protect them so that no one else can tamper with all your hard work. Every developer is responsible for coding securely, but a brave few among us will take this duty one step further by wearing the mantle of a Security Champion.

    This webinar is your guide to becoming the Security Champion you always wanted to be, in just five easy steps. We’ll also talk about what benefits you’ll get out of it, besides saving the world, and what to do if your company doesn’t have a Security Champions program or even a product security program.
  • Picking the Right Assessment Types for your Application Security Program
    Picking the Right Assessment Types for your Application Security Program Chris Kirsch, Director, Product Marketing at CA Veracode Aug 22 2018 4:00 pm UTC 45 mins
    Most companies start their application security program with a manual penetration test of their most business-critical applications. While this type of assessment covers a lot of ground, it’s not as scalable and repeatable as automated scanning technologies. As your program matures, you’ll have to branch out into more automated technologies.

    This talk will review the merits of static analysis, dynamic analysis, software composition analysis, and penetration testing, indicating which technologies make sense in your specific situation as you mature your application security program.
  • There's A New Privacy Sheriff In Town: The California Consumer Privacy Act
    There's A New Privacy Sheriff In Town: The California Consumer Privacy Act Debra Farber (BigID) & Doron M. Rotman (KPMG) Aug 22 2018 5:00 pm UTC 60 mins
    The California Consumer Privacy Act ("CaCPA") - the first data protection regulation of its kind in the U.S. - will go into effect on Jan 1, 2020. Join Doron Rotman, Managing Director and National Privacy Service [DMR] Co-Leader, Advisory at KPMG LLP and Debra Farber, Senior Director of Privacy at BigID, for a discussion on what the CaCPA means for companies doing business in California, and how to prepare for its requirements. The discussion will provide a practical perspective on how companies can develop and tailor their privacy management programs to respect the new rights afforded to California consumers and what steps they should take between now and 2020 to comply.

    In this webinar, attendees will learn:

    - The main similarities and differences between the CaCPA and the EU General Data Protection Regulation ("GDPR").

    - Why the CaCPA means "no more business as usual" for how personal data are collected, governed, and secured.

    - The foundational processes, technology, and organizational elements that companies should put in place to prepare.

    - Trends: How other companies are approaching compliance with CaCPA.
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive Mike Cooper, Sr. Security Manager Aug 22 2018 5:00 pm UTC 30 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

    Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

    We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

    Sign up to test drive CMD+CTRL!
  • Incident Response and Forensics in a Cloud Native World
    Incident Response and Forensics in a Cloud Native World Neil Carpenter, Principal Solution Architect, Twistlock & Keith Mokris, Product Marketing Lead, Twistlock Aug 22 2018 5:00 pm UTC 60 mins
    With the rapid increase in containers and cloud native applications at the enterprise, security teams and incident responders are continually tasked with new requirements and challenges for detecting and investigating security incidents.

    In this webinar, Neil Carpenter from Twistlock will discuss what a transition to containers means for incident response teams and how Twistlock can help to ease the pain.

    Register for this webinar to learn:
    • Approaches to gathering incident data from Cloud Native applications
    • Examples of incidents and investigations
    • Details on Twistlock's brand-new Cloud Native Forensics Platform
  • How to Architect a Successful Data Lake
    How to Architect a Successful Data Lake Rajesh Nadipalli, Director of Product Support and Professional Services Aug 22 2018 6:00 pm UTC 120 mins
    Building a data lake is easy. Architecting a successful data lake that is flexible enough to accept multiple data sources, volumes, and types all while being able to scale with your business is harder.

    Do it wrong and you've created a data swamp. Do it right and you turn data into the most valuable asset in your business.

    Join us and learn from Rajesh Nadipalli, Zaloni’s Director of Product Support and Professional Services, how to:
    - Set your data lake up for success with the right architecture
    - Build guard rails to ensure the accuracy of data in your lake with proper data governance
    - Provide visibility into your lake with a robust data catalog (or tie in with your favorite BI tools)
  • Compliance...Implement and Operate the Right Security Controls
    Compliance...Implement and Operate the Right Security Controls Tom Cornelius and Mark Kedgley Aug 22 2018 7:00 pm UTC 60 mins
    Most organizations today run a ‘Build-a-Bear’ approach to Cyber Security, with products and practices they piece together.

    If you aren’t already subject to one or more specific GRC mandates, inevitably, one will soon be dropped on you. Regardless of the regulation, you will need to provide structured evidence proving you operate in compliance with a fit-for-purpose set of controls.

    Just in the last 12 months, GDPR and NIST 800-171 have been made mandatory. This, coupled with the stats telling us that security breaches are increasing despite year on year increases in security investment, tells us that the need to understand and implement security controls is inevitable.

    What is the most strategic, long-term and resource-effective way to reconcile increased demands for compliance and security? How do you bring together the aligned but segregated needs for ITSM and Security? How do you elevate traditional change management to the state of the art of change control, providing security-grade change visibility but without compromising your organizations’ IT agility?

    Join Tom Cornelius, Senior Partner at Compliance Forge and Founder of the Secure Controls Framework, and Mark Kedgley, Chief Technology Officer and Co-Founder of New Net Technologies in an interactive webinar where we will

    •Work out how to streamline and bring together overlapping or conflicting requirements for controls
    •Simplify the need for multiple compliance and privacy mandates
    •Examine what gives us the right mix of technology and automation to deliver the new hybrid SecureOps way for operating ITSM and security

    Get a free copy of the integrated Secure Controls Framework playbook and a fully-functional extended trial of NNT Change Tracker to see how easily you can embrace SecureOps in your environment.
  • 模仿電郵威脅 – 層出不窮的面具
    模仿電郵威脅 – 層出不窮的面具 洪文輝, Manfred Hung, FireEye 技術顧問 Aug 23 2018 2:00 am UTC 60 mins
    您始終無法相信電子郵件的發件人真正發送了它。 模仿威脅正變得越來越流行,用戶也難以發現。

    在此網路研討會中,Nicholas Hsiao 北亞技術顧問將會討論“模仿電郵威脅 – 層出不窮的面具”,深入探討模仿攻擊背後的細節:
    • 涉及什麼心理認證
    • 攻擊者如何捕捉接受者的想像力和情感
    • 模仿攻擊是如何演變的
    • 模仿的未來是什麼
    • 威脅情報和電郵安全的速度如何影響網絡風險
  • Solving Mobile Security: Peer-tested Strategies That Work
    Solving Mobile Security: Peer-tested Strategies That Work Brian Duckering, Mobile Security Specialist, Symantec and Brian Jacome, Director of Applications and Controls, RBC Aug 23 2018 5:00 am UTC 60 mins
    Businesses of all sizes are wary of the added risk that comes from the use of mobile devices and are struggling to figure out the best strategies to protect their sensitive information.

    Attend this webinar to hear the advice from experienced security professionals who have successfully navigated the path to protect their businesses from mobile threats.

    Hear from Brian Jacome, Director of Applications and Controls from Royal Bank of Canada and learn about his journey and get answers to the following questions and more:

    - Why is it important to secure mobile devices?

    - What is your advice to your peers who are starting their mobile security journey?

    - What are the most important requirements of a mobile security solution?

    By the end of this webinar, you will have gained important advice and perspective from those who have gone before you and are able to sleep better at night.

    Register Today
  • Intelligent Data Governance in the era of Digital and GDPR
    Intelligent Data Governance in the era of Digital and GDPR Hitachi Vantara - Sanjay Agrawal Director-Presales; Sumeet Tandure-Technical Expert; Manuj Duggal-Head, Presales NxtGen Aug 23 2018 6:00 am UTC 90 mins
    While everyone agrees data is the new currency, it can quickly turn to an unforeseen liability if not managed well. Complexity of data silos, intense pressure from digital disruptors, business reliance on reaping digital dividends, and increasingly rigid regulatory environment mandates a well governed data strategy.

    Today’s data governance frameworks leaves a lot to be desired. Intelligent Data Governance ensures that data management is automated as per appropriate organizational policies, business standards, and global regulations while allowing business to extract in-time insights for agile decision making.

    Join us to learn how can you tame the increasing amount of data diversity, meet with the emerging data privacy regulations & compliance standards, automate the key governance policies, and modernize data protection.
  • Medical Grade Security for your Unpatchable Medical Devices
    Medical Grade Security for your Unpatchable Medical Devices Mick Coady, PwC, and Matt Mellen, Palo Alto Networks Aug 23 2018 12:00 pm UTC 60 mins
    Because security is often an afterthought when medical devices are designed and maintained by the manufacturer, they are the most vulnerable devices in a hospital’s network.

    The medical device community is beginning to improve the security of their products, but it will take years for legacy devices to be upgraded or replaced. Until then, healthcare organizations need to develop strategies for mitigating the cybersecurity risks these unpatchable devices pose to their patients and the organizations themselves.

    Join Matt Mellen, a healthcare security architect and former security lead for a hospital network, and Mick Coady, a partner in the Health Information Privacy and Security Practice at PricewaterhouseCoopers, as they discuss how to approach and mitigate the challenges associated with securing medical devices in hospital environments.

    In this webinar, you will discover:
    •The cybersecurity risks posed by unpatchable and hard-to-patch medical devices
    •How to successfully mitigate medical device security risks
    •Strategies you can implement today to secure medical devices
  • Scared of data security in SaaS applications? Don’t worry, we have your back
    Scared of data security in SaaS applications? Don’t worry, we have your back Akhilesh Dhawan, Dir. Product Marketing, Networking/Security; Praveen Raghuraman, Dir. Product Management, Networking, Citrix Aug 23 2018 1:00 pm UTC 60 mins
    Most organizations have some data stored in SaaS applications or are thinking of moving to SaaS. Some of this migration to SaaS is controlled by IT (sanctioned SaaS apps), while most of this migration is undertaken by individual business units (unsanctioned SaaS apps) in order to achieve better productivity or to get some tasks done. While IT has deployed methods like single sign-on to sanctioned applications, they cannot control access to any unsanctioned SaaS applications using the same SSO solution. And traditional single sign-on solutions don’t provide any control on what actions a user can take after they login to SaaS applications, nor do they provide security policies for IT to control user access to the Internet.

    In this session, you will learn about a single solution that helps:

    • Improve user experience with single sign-on to SaaS, web and virtual apps
    • Implement enhanced security policies for SaaS apps to control user actions after login
    • Enable Web filtering to control what users cannot access on the Internet
    • Securely browse the internet
    • Provide end to end visibility and user behavior analytics with Citrix Analytics
  • NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
    NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018 Hardik Modi, Sr Director – Threat Intelligence and Richard Hummel, Threat Intelligence Manager, NETSCOUT Aug 23 2018 3:00 pm UTC 60 mins
    The symbiotic nature of the digitally transformed world also adds vulnerability, as malicious actors, nation states, criminal organizations, or even individuals can capitalize on the interdependencies that wind through our pervasively connected world.

    The availability of innovative DDoS attack tools and techniques has lowered the barrier of entry, which means an increase in the number of attackers launching DDoS attacks. Attack targets have also diversified. It used to be that finance, gaming, and e-commerce verticals were likely targets. Today, any organization, for any real or perceived offense or affiliation, can become a target of a DDoS attack. This while APT group and crimeware activity continues to grow, as actors in this space develop and unleash increasingly sophisticated attacks worldwide.

    Attend this webcast to learn:

    •Understand what is happening on the DDoS Landscape – the largest attacks and what is driving them
    •How Nation-State activity is going ‘internet-scale’
    •Botnets, crimeware, intrusions – how these facets of the threat landscape tie in together
  • La criptomoneda está en el aire: Descubre la nueva economía digital.
    La criptomoneda está en el aire: Descubre la nueva economía digital. Pablo González Co-founder, CDO & Chairman en BITSO, Jorge Alegría Sr. Advisor to the President of CME Clearing Aug 23 2018 3:00 pm UTC 60 mins
    Adéntrate en el mundo de la economía digital escuchando las experiencias y opiniones de dos ponentes expertos. KIOllege trae para ti un panel de información donde podrás descubrir más sobre uno de los temas más polémicos de la actualidad.
  • Securing AWS Environment - Practical Tips (Part 1)
    Securing AWS Environment - Practical Tips (Part 1) Ashish, Cloud Security Architect Aug 23 2018 4:00 pm UTC 30 mins
    AWS Cloud components such as EC2, VPC, Security Groups, RDS are part of enterprise compute fabric. To keep corporate information from spilling over in public domain, it is imperative to secure & continuously monitor AWS accounts.

    In this AWS series, we will discuss practical how-to tips on securing AWS account. Participants will learn about

    - Various ways AWS account can be compromised

    - How to keep yourself secure

    - How to continuously monitor security
  • Protect APIs and Secure Data with Anypoint Platform
    Protect APIs and Secure Data with Anypoint Platform Bala Narasimhan, Sr. Director, Product Management at MuleSoft Mahesh and Naik, Solutions Architect at MuleSoft Aug 23 2018 4:00 pm UTC 60 mins
    API abuses are set to become the most frequent attack route for data breaches by 2022. Watch this webinar to learn how your company can stay ahead of threats by delivering advanced data and API security with MuleSoft’s new security offerings.

    Key Takeaways:
    * How to tokenize, encrypt, or mask sensitive data in transit with API policies
    * Why format-preserving tokenization minimizes impact to downstream systems
    * When to use layers of defense with rapidly configured, policy-driven perimeter gateways
    * How to set up logical perimeters around applications, groups of APIs, or integrations
  • Best Practices for Reducing Your Attack Surface with Vulnerability Management
    Best Practices for Reducing Your Attack Surface with Vulnerability Management Narayan Makaram, Senior Director of Product Marketing, Arctic Wolf Networks Aug 23 2018 6:00 pm UTC 60 mins
    Attack surfaces are rapidly changing by the minute, as IT organizations are provisioning new types of endpoints, IoT devices, servers, web-applications and cloud-based services to increase business efficiencies. Due to this dynamically changing asset landscape, it has become increasiingly difficult for IT security teams to maintain visibility to which ones need to be patched to reduce the risk from being exploited by hackers.

    Narayan Makaram, Sr. Director of Product Marketing, Arctic Wolf Networks, will explore the following, to emphasize the need for regularly running external vulnerability scans to boost your visibility and reduce business risks.

    •Trends affecting your attack surface
    •Need for vulnerability management program
    •What should you look for in an external vulnerability scan report

    Register today to hear from this expert!
  • Scared of data security in SaaS applications? Don’t worry, we have your back
    Scared of data security in SaaS applications? Don’t worry, we have your back Akhilesh Dhawan, Dir. Product Marketing, Networking/Security; Praveen Raghuraman, Dir. Product Management, Networking, Citrix Aug 23 2018 6:00 pm UTC 60 mins
    Most organizations have some data stored in SaaS applications or are thinking of moving to SaaS. Some of this migration to SaaS is controlled by IT (sanctioned SaaS apps), while most of this migration is undertaken by individual business units (unsanctioned SaaS apps) in order to achieve better productivity or to get some tasks done. While IT has deployed methods like single sign-on to sanctioned applications, they cannot control access to any unsanctioned SaaS applications using the same SSO solution. And traditional single sign-on solutions don’t provide any control on what actions a user can take after they login to SaaS applications, nor do they provide security policies for IT to control user access to the Internet.

    In this session, you will learn about a single solution that helps:

    • Improve user experience with single sign-on to SaaS, web and virtual apps
    • Implement enhanced security policies for SaaS apps to control user actions after login
    • Enable Web filtering to control what users cannot access on the Internet
    • Securely browse the internet
    • Provide end to end visibility and user behavior analytics with Citrix Analytics
  • Career Conversations w/ Cyberjutsu Girls Academy Leadership Team
    Career Conversations w/ Cyberjutsu Girls Academy Leadership Team Jessica Gulick, MBA | PMP | CISSP Aug 23 2018 11:00 pm UTC 60 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guest:
    Katie Nickels - MITRE
    Kandis Weiler - MBA Candidate, Marymount University
  • CISSP Exam Prep Clinic #1: How to pass your CISSP the 1st Time, New Exam Format
    CISSP Exam Prep Clinic #1: How to pass your CISSP the 1st Time, New Exam Format Alan Belshaw, M.S., MBA, Senior Cybersecurity Solutions Architect| Booz Allen and Hamilton Aug 25 2018 3:00 pm UTC 30 mins
    Learn how the new exam format works and how to handle it

    In Clinic #1, you will learn how the new CISSP exam format works. Then, you will learn tactics on how best to respond to this “adaptive exam format”.

    If you want to pass your CISSP Exam the first time, you’ll want to attend and then review this series of five live online CISSP Exam Prep Clinics taught by a leading (ISC)2 instructor. In these five valuable CISSP exam clinics you will learn about:

    • The new CISSP exam format, the “adaptive exam format”
    • How hands-on labs will help you prepare for your exam
    • Tactics to select the best answer for each question
    • How to get your employment endorsement and what happens if you need more experience

    These five clinics include tips for all 8 CISSP domains covered in the exam.

    Register today and move closer to your goal!

    SPONSORED BY: Mission Critical Institute

    Presenter
    Alan Belshaw,| M.S., MBA | Senior Cybersecurity Solutions Architect| Booz Allen and Hamilton
    Certifications: CISSP, CAP, CSSLP, CEH, CIWSA, CWNA
    Authorized instructor for CEH, CAP, CSSLP and CISSP