Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • What's Next in Emerging Tech? [Emerging Tech Virtual Summit] What's Next in Emerging Tech? [Emerging Tech Virtual Summit] Eric Horvitz, Technical Fellow & Managing Director, Microsoft Research Recorded: Oct 21 2016 30 mins
    By the end of this event, you’ll be asking, “what’s next?” In this final session of our virtual summit, Technical Fellow & Managing Director at Microsoft Research, Eric Horvitz, will discuss the next generation of emerging technology, with a particular eye to artificial intelligence.
  • Emerging Tech in the Start-Up World [Emerging Tech Virtual Summit] Emerging Tech in the Start-Up World [Emerging Tech Virtual Summit] Tereza Nemessanyi, Microsoft, Kevin O’Brien, GreatHorn and Kristen Smith, littleBits Recorded: Oct 21 2016 27 mins
    In this session, you’ll hear about innovative ways start-ups are using emerging technologies. Microsoft’s own Entrepreneur-in-Residence will tell us what’s happening in the start-up world, and two start-up moguls, Kevin O’Brien of GreatHorn and Kristen Smith of littleBits, will tell us how their companies are using emerging tech.

    In a constantly-evolving world of technology, it's near impossible to stay up to date with all the new advancements in tech. Whether you're launching a start-up, working for one, or in the planning stages, join us to hear from entrepreneur experts in cyber security, cloud communication, infrastructure, inventions and more!
  • Data Center Colocation: Is it the Right Approach for the Enterprise? Data Center Colocation: Is it the Right Approach for the Enterprise? Kelly Morgan - 451 Research, Jim Leach- RagingWire, Bill VanCuren- NCR Recorded: Oct 21 2016 36 mins
    Is Data Center Colocation the Right Approach for the Enterprise? A 451 Conversation with the CIO of NCR.

    Large enterprises have traditionally owned and operated their own data centers. But the capital and personnel requirements of owning and operating your own data centers as well as the strategic distraction, are causing many enterprises to consider replacing their data centers with a mix of colocation and cloud computing.

    In this webinar, Kelly Morgan, Vice President at 451 Research and one of the leading authorities on the economics and finances of the data center and hosting industries, will present the key considerations for enterprises as they evaluate colocation. Then, William VanCuren, Chief Information Officer at NCR, will join Kelly for a discussion on NCR’s hybrid cloud strategy, including their convergence of public cloud and colocation to support the enterprise
  • Managing Cyber Risk In Your Supply Chain Managing Cyber Risk In Your Supply Chain Jake Olcott, VP at BitSight Recorded: Oct 21 2016 61 mins
    Large data breaches have caused executives to invest significant time and resources in improving cybersecurity within their own companies. But now the attackers are targeting an organization’s weakest links - business partners and contractors who have access to the most sensitive data. How should senior leaders develop a strategy to manage third party cyber risk? Who are the most critical business partners to be concerned about? How can contractual language reduce the risk? Is there a way to gain real-time visibility into the security posture of the supply chain? And what are the regulators saying about all of this?

    Join Jake Olcott, Vice President at BitSight Technologies as he talks about:

    - Assessing your organization’s maturity with respect to managing third party cyber risk
    ​- Building a third party cyber risk management program
    - Regulatory requirements for third and fourth-party cyber risk management
    - Incorporating real-time data into your vendor risk management program
  • Hacktivism Culture: DDoS 101 Hacktivism Culture: DDoS 101 Larry Collins, Product Manager at HOSTING and James Askham, Solutions Engineer at CloudFlare Recorded: Oct 20 2016 48 mins
    The threat of Distributed Denial of Service (DDoS) attacks is a growing problem for mission-critical websites, such as eCommerce shops, SaaS applications, gaming forums, and University portals; in addition, politically or artistically important organizations and journalists can be especially at risk of attack, due to the nature of their website content.

    The company CloudFlare delivers DDoS protection to over 4,000,000 websites globally, from personal blogs to large enterprises, while also offering a free protection program for respected free speech, public interest, and civil society organizations, called “Project Galileo”.

    Join Larry Collins, Product Manager at HOSTING, and special guest, James Askham, Solutions Engineer at CloudFlare, on October 20th at 3 PM EST for the webinar Hacktivism Culture: DDoS 101. During the live event, they will go over:

    •What a DDoS attack is from a technical perspective
    •The most common types of DDoS attacks
    •Best practices for mitigating against these attacks and how CloudFlare’s “Project Galileo” protects political and artistic organizations.
  • Ransomware in Healthcare Ransomware in Healthcare Matt Mellen - Security Architect & Healthcare Solution Lead - Palo Alto Networks Recorded: Oct 20 2016 46 mins
    The business model behind crimeware has changed. As the price of stolen records has plummeted, many attackers looking for new sources of income. Many attackers have turned to ransomware due to recent advances in attack distribution, anonymous payments, and the ability to reliably encrypt and decrypt data.

    Join this informative webinar where a former Information Security Lead at a hospital, will discuss practical steps healthcare organizations can take to stop ransomware. Drawing from his first-hand experience responding to ransomware, combined with recommendations from the FBI, Matt will cover practical steps healthcare organizations can take on systems and network devices to prevent exposure to this rampant attack.

    Register today to learn more about:

    • How the most current variants of ransomware work
    • How to prevent successful ransomware attacks in Healthcare

  • Gen 4 Attacks: Web Behavior Analytics to Protect Websites Gen 4 Attacks: Web Behavior Analytics to Protect Websites Eric Ogren, Senior Analyst at 451 Research, & Omri Iluz, CEO of PerimeterX Recorded: Oct 20 2016 58 mins
    Join Eric Ogren, Senior Security Analyst at 451 Research, and Omri Iluz, CEO of PerimeterX, as they discuss how your best defense against automated website attacks rests with an approach founded on analyzing the behavior of humans and bots. 451 Research has talked with organizations that have saved millions in fraudulent transactions after embracing a behavioral analysis approach to security.

    Sophisticated attackers are commercially motivated, using automated attacks to inflict damage. By abusing encoded business logic, they utilize real browsers to take over accounts, perform fraudulent purchases and scrape intellectual property, without triggering traditional security mechanisms. Through advanced techniques of cloaking from the world of malware, they disguise their nefarious intentions. Signature-based bot detection and WAFs are blind to these new threats, leaving your organization’s website defenseless.

    In this webinar you will learn:

    •How bots have evolved from simple scripts to sophisticated Man-in-the-Browser attacks
    •How to protect against advanced modern attacks utilizing real-user browsers
    •How to detect malicious behavior with Web Behavior Analytics (WBA) technologies
    •Real-world attacks and how organizations use behavioral analysis to prevent them
    •How to future-proof your business and your infrastructure
  • Threat Detection 101: Why Advanced Monitoring Is Key To Ensuring Cybersecurity Threat Detection 101: Why Advanced Monitoring Is Key To Ensuring Cybersecurity Matt Thurston, Chief Architect at Arctic Wolf Networks Recorded: Oct 20 2016 35 mins
    Advanced persistent threat detection is part art and part science. This presentation provides a simple, straightforward explanation for non-technical people to help them understand how threat detection works. Having the best firewall and antivirus in the world will not keep you safe from cyber attacks. Attend this webinar to see why advanced monitoring is the only way to ensure vigilant cybersecurity.
  • Vote Cyber! Modern Day Threats to Democracy Vote Cyber! Modern Day Threats to Democracy Simon Crosby, CTO of Bromium Recorded: Oct 20 2016 37 mins
    The US election and its voting infrastructure are under attack. The result is ugly and shows the extent to which we need to plan for and protect against the influence of cyber-related attacks on US elections in future. In this brief discussion, Simon Crosby, CTO of Bromium will review the underpinnings of Democracy, and how we might defend it when it is in everyone’s interest to subvert it.
  • Your Mobile Devices - Wi-Fi Attacks and Vulnerabilities Your Mobile Devices - Wi-Fi Attacks and Vulnerabilities David Jevans, VP Mobile Security, Proofpoint Recorded: Oct 20 2016 40 mins
    Mobile device users interact with numerous Wi-Fi networks at work, home, airports, coffee shops and more. Connecting to wifi networks is second nature, with users’ accepting terms and conditions without realizing the risk of data-loss from malwareless and softwareless wifi attacks. This webcast will help you understand the common attacks and vulnerabilities that users are exposed to when traveling, and what you can do about them.
  • Practical Recommendations To Make Smarter Security Decisions Practical Recommendations To Make Smarter Security Decisions Joseph Blankenship, Senior Analyst at Forrester Research, Venkat Rajaji, SVP of Marketing at Core Security Recorded: Oct 20 2016 55 mins
    Security teams are taking in more data – such as device telemetry, vulnerability data, and threat intelligence - than ever before as they try to keep pace with threats and compliance mandates. Unfortunately, more data doesn’t translate directly to better protection. In fact, too much data can overwhelm security teams and make it more difficult to recognize threats. Gaining useful insight and making security data operational is the only way to shorten time to detection and time to remediation. In this webinar, guest Forrester analyst Joseph Blankenship and Core Security will cover:

    •Enabling action with data
    •Gaining insights with intelligence
    •Increasing efficiency with workflow
  • Overcoming the Challenges of Scaling Agile Project Management - 1 PDU Overcoming the Challenges of Scaling Agile Project Management - 1 PDU Andy Jordan, ProjectManagement.com Recorded: Oct 20 2016 57 mins
    Organizations are increasingly looking to expand Agile to a greater number of projects and to increasingly diverse business areas.  The process and tools that served them well for just a handful of software development projects may well struggle to scale vertically and horizontally and organizations need solutions. Join Andy Jordan, ProjectManagement.com as he discusses the need to evolve Agile approaches in different areas and at different scales.

    This session is approved for 1 Project Management Institute (PMI) PMP Credit.
  • Phishing, Malware and Incidents – Why You Need Phishing Incident Response Phishing, Malware and Incidents – Why You Need Phishing Incident Response Brendan Griffin, Threat Intelligence Manager, William Galway, Director of Product Management, Adrian Davis, (ISC)² Recorded: Oct 20 2016 62 mins
    During the first half of 2016, encryption ransomware grew to become the most common type of malware used through soft-targeting and massively distributed attacks. Encryption ransomware now accounts for 50% of all malware delivery configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape. Daily email-based attacks require an unattainable perfect response – every time. However, teams are constantly working within constraints and breaches continue to occur in record number. Technology has been introduced to help but has failed time and time again.
    Join PhishMe’s Brendan Griffin and Will Galway to hear why it’s not all doom and gloom. In this session, you’ll learn about:

    •Ransomware trends and monetization for the first half of 2016
    •How simple attacks can still inflict massive damage
    •How PhishMe Triage creates fast and effective phishing incident response process to combat email-based attacks
  • Symantec Advanced Threat Protection (ATP) Integration with SIEM/Workflow Symantec Advanced Threat Protection (ATP) Integration with SIEM/Workflow Alan Lee, Senior Manager, Product Management, Advanced Threat Protection, Symantec Recorded: Oct 20 2016 48 mins
    Symantec Advanced Threat Protection (ATP) – the industry’s leading network, email and endpoint protection solution – is upgrading its capabilities again this October. The new release of Symantec ATP adds Security Information and Event Management (SIEM) and workflow integration with Public API, Splunk, Service Now and more.

    This upcoming webinar explores how these new integrations can simplify threat management by giving you a better view of your security posture, enabling your security teams to quickly detect and respond to internal and external attacks, minimising the risk to safeguard your business.

    Join our upcoming webinar and learn about:
    •The importance of workflow for Incidence Response
    •How ATP uses data from Symantec Global Intelligence Network to detect potential targeted attacks
    •How integrating ATP with your SIEM solution allows for a unified view into your environment to help uncover attacks
    •The integrated incident response process that supports security incident investigation and remediation
    •The follow up actions required to close an incident
  • Protecting the ICS through Segmentation Protecting the ICS through Segmentation Lionel Jacobs - Sr. Architect, Industrial Controls Systems - Palo Alto Networks Recorded: Oct 19 2016 50 mins
    Segmentation is a crucial element to modern network design and accepted widely as a recommended best practice. It is believed that many of the current successful cyber-attacks against ICS/SCADA infrastructures could have been prevented or contained if proper segmentation had been in place.

    Unfortunately, many existing ICS/SCADA systems predate modern best practices. Owner-operators are challenged to face cybersecurity risks with outdated defense mechanisms. Implemented during an era where air gaps existed, the use of commercially available off-the-shelf products (COTS) have connected the serial based on brownfield systems into the industrial Internet of things (IIoT). In doing so exposing the ICS/SCADA to the same threats and perils as its enterprise counterpart. Come join us as we discuss ways and techniques that Palo Alto Networks NGFW can be used to achieve ideal network segmentation.
  • The Dark Side of HTTPS The Dark Side of HTTPS Ken Dang Recorded: Oct 19 2016 61 mins
    As SSL/TLS use surges, hackers are hiding in plain sight. Don’t let your outmoded security system leave you vulnerable to under-the-radar hacks.

    Register for the webcast and learn how to:
    •Prevent SSL-encrypted attacks
    •Implement a network-based model for scaling Next Generation Firewalls
    •Solve performance challenges of SSL inspection
  • 3 Critical Protections for your Microsoft Cloud Migration 3 Critical Protections for your Microsoft Cloud Migration Ruoting Sun, Product Marketing Manager, Duo Security Recorded: Oct 19 2016 59 mins
    As organizations migrate to cloud-based Microsoft services like Office 365, many are concerned that traditional on-premises security infrastructures are now inadequate. The most common workloads requiring this new security approach as they move to public cloud platforms are email, Windows Desktop, and directory services.

    In this webinar, you’ll learn 3 critical protections for securing your move to the Microsoft cloud:

    •Security for Exchange and Office 365 email environments, local and remote Windows desktop logon
    •Insight around endpoints and device health accessing your Microsoft apps and services
    •Integration with on-premises and Azure Active Directory for role-based access policies
  • Virtualization: The Key to Approachable Disaster Recovery Virtualization: The Key to Approachable Disaster Recovery Jim Hannan, Principal Architect & Chris Vacanti, Senior Consultant, House of Brick Technologies Recorded: Oct 19 2016 58 mins
    Come prepared to look at disaster recovery planning with a 360 degree view for the enterprise and SMB space, and walk away with technical ideas you can begin to implement immediately. During this presentation, we will discuss disaster recovery planning considerations and partnerships. We will also walk through technical solutions that provide a way to use virtualization and storage strategies for an approachable DR solution.
  • Spotlight Asia – Investing in India’s Growth Story Spotlight Asia – Investing in India’s Growth Story Reshmi Khurana, Kroll’s Managing Director and Head of South Asia, and Tarun Bhatia, Managing Director at Kroll Recorded: Oct 19 2016 69 mins
    India remains an attractive destination for foreign investors as its economic fundamentals and optimism about its prospects remain strong. From a macroeconomic perspective, India is one of the fastest growing major emerging markets, with recent projections from the International Monetary Fund (IMF) pointing to a fiscal growth of 7.4% versus a 6.6% expansion in China for 2016. Politically, it is more stable than in previous cycles, with the BJP led government initiating a number of reforms and regulatory measures that are instilling economic confidence and raising India’s attractiveness as a destination for FDI. The country’s demographics are equally promising: India is home to 18% of the world’s working-age population (ages 15-64), a growing middle class with increasing purchasing power and a corporate sector that is flexing its muscle domestically and globally.

    Join Kroll’s team as they share the shifting dynamics of investing in India, replete with both risks and rich rewards at every turn. It includes an in-depth commentary by Reshmi Khurana, Kroll’s Managing Director and Head of South Asia, and Tarun Bhatia, Managing Director at Kroll, who will discuss the most urgent risks of cross-border deal-making, offering insights on conducting pre-transactional due diligence on
  • The Secret to Making PPM Work (with Agile) The Secret to Making PPM Work (with Agile) James Chan, Director Agile Management, Technical Sales and Ian McGinnis, Advisor, Pre-sales Recorded: Oct 19 2016 44 mins
    You’re already using CA Project & Portfolio Management to manage your innovation lifecycle and make better strategic decisions. What if you could take that up a notch by adopting agile and connecting your development work to your company’s most important business initiatives?

    Join our experts on Wednesday, 19 October at 15:00 BST / 16:00 CEST for an insightful webinar, “The Secret to Making PPM Work (with Agile).” You’ll discover how to:

    - Prioritize and select the right investments
    - Coordinate agile teams to deliver on those investments
    - Provide visibility into a fast, predictable, high-quality delivery engine.
  • IT Security & Privacy Governance in the Cloud IT Security & Privacy Governance in the Cloud Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE Recorded: Oct 18 2016 61 mins
    After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.

    While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
  • Cloud agility and security: Misperceptions dispelled Cloud agility and security: Misperceptions dispelled Ross Kinder, Senior Security Researcher, SecureWorks Recorded: Oct 18 2016 61 mins
    Real world strategies for migrating to the cloud securely

    When companies move their IT assets to the cloud, they have an opportunity to realize cost savings, accelerate innovation and improve IT performance. Unfortunately, the utility of the cloud is constrained by perceptions and misperceptions about security and control. And even without appropriate controls in place, organizations are moving to the cloud at a very fast pace.

    For those of us responsible for security, this is a terrifying proposition--our most precious assets are seemingly moving outside of our control. However, perhaps, the cloud is more secure than you realize. Perhaps the cloud is a chance for a restart for how your organization looks at security of its data and applications. In this webcast, we’ll dispel some of the misperceptions that exist and jump right into both “lift and shift” and cloud native strategies for migrating to the cloud securely. Knowledge is power and this is an opportunity to advance your team’s understanding of the cloud and how to accelerate the transition.

    You will learn how to:
    - Develop an organization-wide cloud strategy
    - Assess your risk as you adopt cloud solutions
    - Identify common practices and frameworks for cloud migrations
    - Determine which cloud migration architecture meets your business objectives
  • The Holy Grail of Incident Response: A Single, Correlated Source of Intelligence The Holy Grail of Incident Response: A Single, Correlated Source of Intelligence Atheana Fulgencio & Jeremy Linden Recorded: Oct 18 2016 27 mins
    Time is of the essence when you’re investigating security incidents. While it’s critical to find out as much as you can about the incident from internal sources (logs, network activity, endpoint data, etc.), you also need context about what type of threat you’re facing.

    When you come across an domain, IP, or file hash during investigations, you need to answer dozens of questions ASAP.

    -Is this malicious? What’s known about it?
    -What other domains, IPs, or file hashes are related?
    -Is this a widespread threat or more targeted?

    And to answer these questions today, you probably need to go to multiple sources and manually piece the puzzle together. What if you had a single, correlated source of intelligence instead?

    OpenDNS Investigate now includes malware file data from Cisco AMP Threat Grid. Join our webcast to learn how Investigate provides the most complete view of the infrastructure used in attacks. With Investigate, you can:

    -Instantly validate malicious domains, IPs, and file hashes
    -Identify the Internet infrastructure and malware files related to attacks
    -Uncover infrastructure being staged for future attacks
    -Speed up investigations and stay ahead of threats
  • Anatomy of a Ransomware Attack Anatomy of a Ransomware Attack Dennis York, Lead Incident Response Investigator, Symantec and Darian Lewis, Senior Principal Security Analyst, Symantec Recorded: Oct 18 2016 62 mins
    Did you know that just opening a compromised web page could allow dangerous code to install on a PC or smartphone? You don’t have to click “accept” for a download or software update to install malware on your machines and trigger an infection and the consequences can be enormous.

    Why you need to build 24 X 7 threat monitoring into your environment
    Ransomware is an extremely profitable type of attack. It only takes one network-connected device to expand a malware infection and hold an entire organization hostage for profit. Last year, the use of encryption as a weapon to hold companies’ and individuals’ critical data hostage grew by 35 percent.

    - Learn from our cyber security experts about what can happen in a ransomware attack, based on real-life events.

    -Understand how the malware entered the IT infrastructure of two different companies, and find out how long it stayed and the impact to these businesses.

    -Will show you how attacks are identified and remediated, as well as some best practices for handling ransomware attacks, should one occur in your company.

    Improve your line of defense against ransomware and minimize the loss of key data, money and intellectual property from your organization.