Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Prevent Major Data Breaches with Threat Lifecycle Management
    Prevent Major Data Breaches with Threat Lifecycle Management Seth Goldhammer, Senior Director of Product Management Recorded: Jul 26 2017 62 mins
    Throughout 2017 organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.

    A traditional prevention-centric strategy naively assumes all threats can be blocked at the perimeter, which leaves you blind to the threats that do get in. Many organisations are shifting to a more balanced strategy including detection and response. Enter Threat Lifecycle Management (TLM) - your playbook for rapidly detecting and responding to cyber-attacks.

    In this webcast, Seth Goldhammer, senior director of product management at LogRhythm, explains what TLM is, and demonstrates how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
  • The Evolution of SSL/TLS and Browser Compliance Requirements in 2017
    The Evolution of SSL/TLS and Browser Compliance Requirements in 2017 Dathan Demone, Entrust Datacard Recorded: Jul 25 2017 57 mins
    SSL/TLS Industry requirements are changing at an unprecedented pace. Over the last couple of years, new requirements have been passed down by the CA and browser community to help further solidify the security practices around obtaining and using SSL/TLS and other types of publicly trusted certificates. Over the next 12 months, more important changes are being introduced to continue that trend. Join Dathan Demone, Product Manager at Entrust Datacard, who will discuss both past and future changes that will have a major impact on all certificate subscribers. In this Webinar, we will discuss topics such as:

    • New changes coming to browsers and how they notify end users about the proper use of SSL/TLS on all web pages
    • Changes to certificate lifetime policies and verification rules that are being introduced in 2017
    • New requirements around Certificate Transparency that are being introduced in October, 2017
    • Updates to recommended security best practices and new vulnerabilities in the world of SSL/TLS
    • Certificate Authority Authorization and how this can be used to protect your organization against fraud
  • [Breach Prevention] How does Credential Theft Affect Your Organization?
    [Breach Prevention] How does Credential Theft Affect Your Organization? Brian Tokuyoshi, Sr Product Marketing Manager, Palo Alto Networks Recorded: Jul 25 2017 52 mins
    The effects of a credential-based attack differs by organization and by job function. In this session, we will cover a look at how these attacks affect different types of organizations, along with the analysis and demonstration of how an attack is done.

    In this session, hear about:
    * Credential theft industry research coverage
    * Industry analysis of the problem space
    * Application of the credential theft lifecycle in light of recent attacks
  • Building Highly Scalable ADC Clusters with Equal-cost Multi-Path Routing
    Building Highly Scalable ADC Clusters with Equal-cost Multi-Path Routing Nenad Merdanovic, Product Manager, HAProxy Technologies Recorded: Jul 25 2017 52 mins
    Application delivery infrastructure resources are increasingly strained. The new features in modern Application Delivery Controllers along with the demands for SSL to comply with search engine ranking algorithms are major contributors to the problem. It means organizations have to find ways to scale their ADCs. But do they scale up? Or scale out? And how?.
    Join us for this live webinar to discover:
    oThe drivers for the requirement of scalable application delivery infrastructure like SSL adoption and expanding ADC feature sets
    oThe pitfalls and limits of vertically scaling your ADC
    oHow you can use equal-cost multi-path (ECMP) routing to horizontally (and nearly infinitely) scale your ADC
    oHow to use Route Health Injection (RHI) to ensure availability of your ADC cluster
    oExamples of organizations who have accomplished this with HAProxy
  • Workloads, Data Centers & Cloud Strategy: Market & Technology Trends
    Workloads, Data Centers & Cloud Strategy: Market & Technology Trends Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center busines Recorded: Jul 25 2017 58 mins
    IT planners have far more options as to where to run their workloads than ever before. On-premises data centers, co-location facilities and managed services providers are now joined by hybrid multi-clouds – a combination of Software-, Infrastructure- and Platform-as-a-Service (SaaS, IaaS, and PaaS) execution venues. All have unique operational, performance and economic characteristics that need to be considered when deploying workloads.

    In this Webinar Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center business will discuss how industry leading enterprises determine the best execution venues for their workloads by addressing:

    •The market and technology trends that influence workload, data center and cloud strategy
    •How to evaluate the characteristics of various workloads and execution venues
    •How to manage workloads across on-premises and off-premises ecosystems
    Attendees will learn how to formulate an IT strategy that can be used to guide the decision criteria needed for placing workloads on their best execution venues, and enable the migration and ongoing management of workloads across a hybrid multi-cloud enterprise architecture.
  • GDPR and Open Source: Best Practices for Security and Data Protection
    GDPR and Open Source: Best Practices for Security and Data Protection Daniel Hedley, Partner, Irwin Mitchell; Matt Jacobs, VP and General Counsel, Black Duck Software Recorded: Jul 25 2017 60 mins
    Legislators in Europe continue to expand the scope of the laws governing information security and personal data protection. As a result, organizations serving consumers and businesses in the region need to understand the implications these laws will have on their use of open source to build software applications.

    During this educational webinar led by Dan Hedley, Partner, IT and Commercial from Irwin Mitchell, we’ll provide guidance on the General Data Protection Regulation (GDPR) and why a comprehensive approach to open source security management is essential for GDPR observance. In addition, we’ll review open source management best practices in context of other industry-specific developments like the Network and Information Services Directive and the Electronic Identification Regulation.
  • Does your data security create more pain than it solves? 5 steps to get it right
    Does your data security create more pain than it solves? 5 steps to get it right Raju Verranna, Pre Sales Engineer Recorded: Jul 25 2017 36 mins
    Protecting sensitive client and corporate data is one of the most important responsibilities in any organization. So if your current solution isn’t working for all stakeholders, is it really working at all?

    Key learning:
    1. Increase security and compliance, while maintaining user-friendliness
    2. Deploy encryption without interrupting normal business processes
    3. Ease the daily burden of your data security administration
  • The Human Factor 2017
    The Human Factor 2017 Adenike Cosgrove, Cybersecurity Strategist at Proofpoint , Davide Canali - Senior Threat Analyst Proofpoint Recorded: Jul 25 2017 47 mins
    Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.

    In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.

    Register now to learn about:
    •The latest social engineering targeting trends and techniques
    •Top email fraud tactics, including business email compromise (BEC) and social media account phishing
    •The rise of fraudulent mobile apps and how criminals target users on the go
  • Mega Breaches: How to mitigate your risks using Data-Centric Security?
    Mega Breaches: How to mitigate your risks using Data-Centric Security? Heidi Shey, Senior Analyst, Forrester and Nico Popp, Senior Vice President, Information Protection, Symantec Recorded: Jul 25 2017 57 mins
    What steps are you taking to minimise your risk of becoming a data breach victim? In this webinar, Symantec and a guest speaker from Forrester share best practices to proactively protect your critical data with data-centric security.

    Get advice on preventing data breaches from these industry experts:

    • Guest Speaker Heidi Shey, Senior Analyst, Forrester. Heidi serves Security & Risk Professionals with solutions for data security and privacy. She also researches sensitive data discovery, data loss prevention, cybersecurity, customer-facing breach response and more.

    • Nico Popp, Senior Vice President, Information Protection, Symantec. Nico is the former CTO of VeriSign Security Services where he led efforts to develop new products and services for Trust Services and Identity Protection.

    Join these authorities as they explain how a holistic approach to data security and identity puts you back in control.
  • CDL Launch Video
    CDL Launch Video Cloudwick CDL Recorded: Jul 24 2017 2 mins
    Learn how CDL Enhances, Extends & Enables new capabilities for your SIEM, EDR, IDS, IPS, NTA, EUBA and ML solutions at scale.
  • [Breach Prevention] Phishing & Credential Abuse 101: Exposing the Ecosystem
    [Breach Prevention] Phishing & Credential Abuse 101: Exposing the Ecosystem Jen Miller-Osborn, Unit 42 Threat Intelligence Analyst, Palo Alto Networks Recorded: Jul 24 2017 40 mins
    Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.

    Join our Unit 42 threat intelligence analyst for an insightful perspective on credential-based attacks and phishing. In addition to presenting its unique attack life-cycle, she will:

    • Identify trends and techniques in methods used for credential theft and abuse.
    • Review how cyber criminals have changed their tactics to compromise networks.
    • Examine who is being targeted, and why.
    • Discuss techniques to stop credential leakage.
  • Is The US Ready For EU GDPR? Practical Tips To Protect Your Critical Data
    Is The US Ready For EU GDPR? Practical Tips To Protect Your Critical Data Martin Sugden Recorded: Jul 24 2017 43 mins
    With the EU General Data Protection Regulation (GDPR) now agreed for implementation, now is the right time for organizations to review their data governance and protection requirements.

    During this webinar, Martin Sugden discussed and explored practical advice for US organizations about EU GDPR and how it affects organizations located outside of the EU which hold information on EU citizens.

    This webinar provides you with practical advice about how to identify the data that will be impacted by EU GDPR and how data classification can help improve your data governance measures and get data protection processes in shape in advance of EU GDPR
  • 5 Key Barriers to IT/OT Integration and How to Overcome Them
    5 Key Barriers to IT/OT Integration and How to Overcome Them Dan Ortega - VP Marketing at Blazent Recorded: Jul 21 2017 4 mins
    Operational Technology (OT) consists of hardware and software that are designed to detect or cause changes in physical processes through direct monitoring and control of devices. As companies increasingly embrace OT, they face a dilemma as to whether to keep these new systems independent or integrate them with their existing IT systems. As IT leaders evaluate the alternatives, there are 5 key barriers to IT/OT integration to consider.
    Business Process Knowledge
    Manageability & Support
    Dependency Risk – Two of the key challenges of enterprise IT environments are managing the complex web of dependencies and managing the risk of service impact when a dependent component fails or is unavailable. With traditional IT, the impact is typical to some human activity, and the user is able to mitigate impact through some type of manual activity. For OT, companies must be very careful managing the dependencies on IT components to avoid the risk of impacting physical processes when and where humans are not available to intervene and mitigate the situation.
    Management of OT Data – The data produced by OT devices can be large, diverse in content, time sensitive for consumption and geographically distributed (sometimes not even connected to the corporate network). In comparison, most IT systems have some level of tolerance for time delays, are relatively constrained in size and content and reliably connected to company networks, making them accessible to the IT staff for data management and support.
    Security – IT systems are a common target for malicious behavior by those wishing to harm the company. The integration of OT systems with IT creates additional vulnerability targets with the potential of impacting not just people and but also physical processes.
    Segmentation of IT
  • Ransomware Hostage Rescue Guide: Part 2 of 2
    Ransomware Hostage Rescue Guide: Part 2 of 2 Erich Kron CISSP, Security Awareness Advocate, KnowBe4 Recorded: Jul 21 2017 62 mins
    2016 was a “Ransomware Horror Show”. If you've been in the IT trenches over the past year, you've probably noticed that announcements of new ransomware strains are accelerating and there is no end in sight for 2017.

    In this webinar, we will cover the final 3 sections of the very popular KnowBe4 Ransomware Hostage Rescue Manual in depth.

    Join Erich Kron CISSP, Technical Evangelist at KnowBe4 for the webinar “Ransomware Hostage Rescue Guide, Part 2”. We will look at recent infections, give actionable info that you need to prevent infections, and cover what to do when you are hit with ransomware.
  • Data Classification Made Easy – Top Tips From A Ciso
    Data Classification Made Easy – Top Tips From A Ciso Bob Mann Recorded: Jul 21 2017 66 mins
    During this session, with his extensive experience delivering data classification projects for leading global brands, Bob Mann (CISO) will explore the common challenges with data classification projects and provide practical guidance for senior security, audit and risk professionals on how to simplify data classification to ensure successful implementation without it becoming overwhelming.
  • Amnon Bar-Lev - Check Point Executive Interview
    Amnon Bar-Lev - Check Point Executive Interview Amnon Bar Recorded: Jul 21 2017 10 mins
    We asked Amnon about the current key issues in data security and why having up-to-date threat information is becoming increasingly important, in what way malware attacks can be prevented, and how this intelligence can be harnessed and applied to the mobile and cloud environments.
    We also learn about Check Point Software’s new security architecture, Software Defined Protection, and how it can be used to control your security environment by combining intelligence with segmenting your network.
    View Amnon’s Executive Interview to learn how Check Point Software’s new architecture and other security solutions can be of benefit to your organisation.
  • Building Consensus Between Legal, Records and IT on What to Save and Not Save
    Building Consensus Between Legal, Records and IT on What to Save and Not Save Ed Rawson (PNC), Michele Hanrahan (Sound Transit), Shawn Cheadle (LMCO), Mark Diamond (Contoural) Recorded: Jul 20 2017 60 mins
    Business units want a policy that allows them to save everything. Legal wants the minimum saved. IT just wants something easy to execute. What should we do? A committee is formed, with legal, IT, records management, HR, and others. The committee meets. Discussions ensue: Which are business records? How long should we save them? Do we allow exceptions?

    The committee meets again. And again. We’re stuck.

    Join Ed Rawson , Michelle Hanrahan, Shawn Cheadle and Mark Diamond as they discuss strategies for building consensus across your organization and making sure your initiative doesn't get stuck!

    About the speakers:
    Ed Rawson is a strategic, results-oriented thought leader who has dedicated over 30 years of his career to helping organizations manage their paper and digital content lowering cost and increasing productivity. Ed has helped organizations to align information with business value and operational direction to maximize the return on investments, lowering risk and maintaining compliance.

    Michele Hanranhan is Records Manager at Sound Transit since January 2015 and is leading a RIM group to implement ECM solution organization wide. She previously worked at Federal Home Loan Bank of Seattle, PATH, and Washington State Department of Transportation and has over 16 years of experience in Records and Information (RIM) with a variety of business, government and non-profit organizations. 

    Shawn Cheadle is General Counsel to the Military Space line of business at Lockheed Martin Space Systems. He supports government and international contracts negotiations, drafting and dispute resolution. He also supports information governance, eDiscovery, records management, counterfeit parts investigations, and other functional organizations at Lockheed Martin. He is an ACC Global Board Member, current Information Governance Committee Chair and former Law Department Management Chair, and former Board member and President of ACC Colorado.
  • Challenges with Fintech Compliance, and Cybersecurity to the Rescue
    Challenges with Fintech Compliance, and Cybersecurity to the Rescue Angelo Purugganan, Chief Information Security Officer at Arctic Wolf Networks Recorded: Jul 20 2017 26 mins
    In this webinar we are going to:
    - explore top cyber threats that fintech companies face
    - identify the monitoring and detection compliance requirements common to Federal and State Regulations

    We will be talking to Angelo Purugganan, Chief Information Security Officer, at Arctic Wolf Networks, to get his perspective on the how security analytics and continuous monitoring can simplify compliance using a SOC-as-a-Service provider.

    Most fintech transactions today happen at a fast pace, served through web applications using a combination of mobile devices and legacy systems, with some level of protection. While beneficial to small and medium fintech companies, consumers and regulatory agencies are apprehensive about protecting customers personal data and detecting cyber attacks over the internet which impact the integrity of financial transactions.
  • Get Ready for DFARS - A CloudCheckr Workshop
    Get Ready for DFARS - A CloudCheckr Workshop Patrick Gartlan, CloudCheckr CTO Jeff Bennett, Allgress President/COO Tim Sandage, AWS Sr. Security Partner Strategist Recorded: Jul 20 2017 40 mins
    The clock is ticking on the latest cloud compliance mandate: NIST Special Publication 800-171, otherwise known as DFARS (Defense Federal Acquisition Regulation Supplement). Any organization or contractor that holds or processes unclassified Department of Defense (DoD) data must ensure that they comply with the new DFARS clause.

    December 31, 2017 is the ultimate deadline by which to prove compliance, so action is recommended as soon as possible.

    In this webinar, Patrick Gartlan (CloudCheckr CTO), Jeff Bennett (Allgress President/COO), and Tim Sandage (AWS Sr. Security Partner Strategist) will lead an interactive workshop on what DFARS regulation means for your business, specifically:

    ✔ Specific requirements of the DFARS regulation

    ✔ Key controls that CloudCheckr provides to help you meet DFARS requirements

    ✔ Tools from Allgress that map DFARS requirements to CloudCheckr features
  • Ensuring Data Protection with NIST Cybersecurity Framework
    Ensuring Data Protection with NIST Cybersecurity Framework Renault Ross, Chief Cybersecurity Business Strategist North America, Symantec Recorded: Jul 20 2017 32 mins
    When it comes to your data, regardless of your country or industry, you likely have compliance regulations to adhere to. We understand the challenges this can bring to your IT and compliance teams.

    Adopting the NIST Cybersecurity Framework (CSF) is one way that can help you achieve compliance with the many regulations you may be affected by. Developed in the United States, the CSF has been adopted by many organizations, including those in the international community with one example being the government of Italy, who has incorporated the Framework into its own National Framework for Cyber Security.

    Join us for a webcast hosted by Symantec Chief Cybersecurity Business Strategist, Renault Ross CISSP, MCSE, CHSS, CCSK, CISM as he dives into the CSF to:

    • Identify sensitive data, where it is and who is accessing it

    • Protect that data by establishing policies which prevent exposure

    • Detect threats to which could extrapolate data by several means

    • Respond to threats with automated actions

    • Recover after a threat to produce reports to prove compliance

    Register Today
  • How To Delete a Lot of Emails and Files Quickly and Defensibly
    How To Delete a Lot of Emails and Files Quickly and Defensibly Dan Elam, VP and Consultant, Contoural Recorded: Jul 20 2017 60 mins
    Sometimes there is a mandate to delete large quantities of emails and files very quickly, either after litigation or simply because senior management gets fed up with too much electronic junk. When needing to delete a lot quickly, traditional “manage and let expire over time” approaches don’t work. On the other hand, blanket, delete-everything approaches can run afoul of record retention and legal requirements. What’s an organization to do?

    About the Speaker:
    Dan Elam is one of the nation’s best known consultants for information governance. As an early industry pioneer, he created the first needs analysis methodology and early cost justification models. Dan’s involvement has been in the design and procurement of some of the largest systems in the world. Today Dan helps Contoural clients develop business cases and establish strategic road maps for information governance. He is the former US Technical Expert to ISO and an AIIM Fellow.
  • Securing Your Public Cloud Infrastructure
    Securing Your Public Cloud Infrastructure Mark Butler Chief Information Security Officer, Qualys and Hari Srinivasan Director, Product Management, Cloud and Virtualiza Recorded: Jul 20 2017 54 mins
    Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure. To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.

    In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security will detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.

    The presentation will cover:

    > Challenges surrounding increased migration to public clouds
    > Using automation for secure DevOps
    > How to ensure effective and efficient operations

    This webcast will include a Q&A session, as well as a live demonstration of how to deploy Qualys seamlessly and deeply into public cloud environments with new features.
  • A New Frontier in Cloud Security: The Secure Internet Gateway
    A New Frontier in Cloud Security: The Secure Internet Gateway Dan Cummins - 451 Research & Meghan Diaz - Cisco Umbrella Recorded: Jul 20 2017 56 mins
    Your employees are using more cloud apps than ever, and mobile workers frequently work without turning on their VPN. You need new ways to extend protection anywhere your employees work — and you need it to be simple, yet incredibly effective.

    Exciting innovations in network security-as-a-service offer distributed organizations the potential to extend and meaningfully increase security effectiveness. Join this 451 Research webinar with Cisco Security to hear a discussion about new cloud-delivered protection for mobile workers, lean branch offices, and cloud applications.

    In the webinar we will discuss:

    - The changing cloud security landscape
    - The emergence of the Secure Internet Gateway
    - Important buying considerations for companies looking to add these capabilities
  • Law Enforcement Data On the Move: Don’t make CJI a Crime
    Law Enforcement Data On the Move: Don’t make CJI a Crime Stan Mesceda, Encryption Expert at Gemalto Recorded: Jul 20 2017 57 mins
    Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
    Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
    “When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”

    Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
    Attendee takeaways:
    •Overview of CJIS-SP mandate
    Network vulnerabilities and how Ethernet encryption can help secure data in motion
    •Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
    •Mapping solutions to the needs of your organization

    For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
  • [Breach Prevention] Disrupting Credential-based Attacks
    [Breach Prevention] Disrupting Credential-based Attacks Martin Walter, Product Line Manager, Palo Alto Networks Jul 26 2017 5:00 pm UTC 60 mins
    Learn how to use the Palo Alto Networks next-generation security platform to disrupt the unique attack lifecycle used in credential-based attacks. In this session, get details about the strategies and key technologies for preventing both the theft and abuse of credentials.

    In this session, get details on:
    * Why the platform plays a critical role towards disrupting credential-based attacks
    * Preventing the theft of credentials, using new PAN-OS 8.0 technologies
    * Stopping the use of stolen credentials, through new multi-factor authentication capabilities in PAN-OS 8.0
  • Key eDiscovery Case Law Review for First Half of 2017
    Key eDiscovery Case Law Review for First Half of 2017 Doug Austin, Julia Romero Peter, Esq., and Karen DeSouza, Esq. Jul 26 2017 5:00 pm UTC 75 mins
    The best predictor of future behavior is relevant past behavior. Nowhere is that truer than with legal precedents set by past case law decisions, especially when it relates to eDiscovery best practices. This CLE-approved* webcast session will cover key case law covered by the eDiscovery Daily Blog during the first half of 2017. Key topics include:

    + How should objections to production requests be handled?
    + Are you required to produce subpoenaed data stored internationally?
    + Should there be a limit to fees assessed for discovery misconduct?
    + When is data stored by a third party considered to be within your control?
    + Should courts dictate search terms to parties?
    + How can you make an effective proportionality argument to address burdensome requests?
    + Can the requesting party dictate the form of production?
    + Does storing data on a file share site waive privilege?
    + If data is intentionally deleted, should Rule 37(e) apply?
    + Is circumstantial evidence of intentional spoliation good enough to warrant sanctions?
    + Should keyword search be performed before Technology-Assisted Review?

    Presenters Include:

Doug Austin: Doug is the VP of Operations and Professional Services for CloudNine. Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing consulting, project management and software development services to commercial and government clients.

    Julia Romero Peter, Esq.: Julia is GC and VP of Sales with CloudNine. With 19 years of legal experience and 13 years focusing on eDiscovery, Julia received her J.D. from Rutgers Law School - Newark, and her B.A. in History with a minor in education from Columbia University - Barnard College.

    Karen DeSouza, Esq.: Karen is Director of Review Services and a Professional Services Consultant for CloudNine. A licensed attorney in Texas, Karen has over 15 years of legal experience.

    * MCLE Approved in Selected States
  • An Exciting Day in the Life of a Risk Manager! - Really!
    An Exciting Day in the Life of a Risk Manager! - Really! Amar Singh, Chris Payne, Dom Saunders Jul 27 2017 1:00 pm UTC 60 mins
    Policy? We have a policy? Have you read the policy? Thats right...who actually reads company policies?

    Risk and compliance managers globally have lost the fight against user policy acceptance leading to increasing organisational risk and the decreased ability to stand up and demonstrate effective compliance to regulatory bodies.

    Does it have to be this way? In this webinar, we

    * Demo what we use to transform and make mainstream what is often boring and ignored.

    * Show how you can effectively measure (yes measure and report) on how effective your policy implementation is.

    * Better engage and enforce your policies with third parties.
  • GDPR: Minimise the risk of non-compliance with an assessment strategy
    GDPR: Minimise the risk of non-compliance with an assessment strategy Amanda Maguire- Education Solution Architect SAP SuccessFactors Jul 27 2017 3:00 pm UTC 45 mins
    Preparing for GDPR? Are you wondering how you'll track and manage employee compliance?

    If your answer is yes, join Amanda and Chloe live on July 27th for this 45-minute FREE, educational webinar: 'Using Assessments for GDPR Compliance'.

    During this webinar, Amanda and Chloe will talk you through the basics of GDPR and show you how to achieve compliance by not only training your people but testing their knowledge so you can prove you’ve taken every step to fulfil the regulation and prevent data breaches.
    Amanda Maguire is a senior education architect with over 20 years' experience on business transformation programmes. With a career focused on the impacts on people – project team members, end users, suppliers and customers, Amanda has a passion for effective and engaging education, enabling people through innovative learning interventions. Her experience is wide ranging - from national to global programmes in a variety of industries.

    Chloe Mendonca is a Marketing Manager who leads a variety of digital communication campaigns and events across EMEIA. She is particularly fascinated by the way digital technology is changing the world and enjoys helping organisations worldwide realise the power of Questionmark's assessment management system. For the past 5 years, Chloe has worked with businesses across an array of verticals, sharing their stories.
  • Cyber-Threat Report 2017 - Selected Case Studies from Darktrace
    Cyber-Threat Report 2017 - Selected Case Studies from Darktrace Andrew Tsonchev, Director of Cyber Analysis and Bethany Edgoose, Lead Research Analyst Jul 27 2017 3:00 pm UTC 30 mins
    Over the course of the past year, cyber-attacks have frequently made headlines. In 2017 alone, global ransomware damage costs are expected to exceed $5 billion, with the total cost of cyber-crime expected to reach trillions of dollars.

    Darktrace has detected over 30,000 in-progress cyber-threats, and has firsthand experience with modern, never-before-seen attacks, including fast moving ransomware, new strains of malware, compromised IoT devices, malicious insiders, attacks on cloud environments, and more.

    Join our Director of Cyber Analysis, Andrew Tsonchev, and our Lead Research Analyst, Bethany Edgoose, as they present Darktrace's 2017 Threat Report, review novel cyber-attacks, and break down how they were detected by the Enterprise Immune System.
  • Secrets of the Superstar CISO
    Secrets of the Superstar CISO Jake Olcott, VP of Strategic Partnerships, BitSight; Chris McClean, Vice President, Research Director, Forrester (Guest) Jul 27 2017 3:00 pm UTC 60 mins
    As business success grows more reliant on data, technology, and third parties, CISOs and security leaders are finding themselves more often in the spotlight. They're being asked to brief board members, respond to third party requests, guide critical decisions, and make tough strategic calls. These increasing expectations are creating great opportunities for CISOs to shine, but to do so, they need to rise to the occasion. This webinar takes best practices and lessons learned from "superstar" CISOs, explaining what top security leaders are doing to lead their companies successfully through some of today's most complex business and technology challenges.
  • Time for Banks to Reassess Their Risk of DDoS Attacks
    Time for Banks to Reassess Their Risk of DDoS Attacks Tom Bienkowski, Director of DDoS Product Marketing, Arbor Networks Jul 27 2017 4:00 pm UTC 45 mins
    A study by McKinsey suggests the increased operational risk of digital innovation threatens 6% of the net profit for a retail bank. Renowned hactivist group Anonymous’ OpIcarus; a Distributed Denial of Service (DDoS) attack siege on the world’s banking infrastructure and other well publicized successful attacks have exposed just how vulnerable banks are to such threats. The reality is modern day DDoS attacks are getting more frequent, more sophisticated, and are commonly used as a distraction during the data exfiltration stage of advanced threat campaigns. The unfortunately reality is that in many cases, these attacks succeed because the targets were simply inadequately prepared to stop them.

    Join this webcast to learn:
    •The latest trends in DDoS attacks.
    •Commonly overlooked costs due to DDoS attacks.
    •And best practices in DDoS attack defense.
  • The Cost of Insecure Endpoints – New Findings from Ponemon Institute
    The Cost of Insecure Endpoints – New Findings from Ponemon Institute Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute & Richard Henderson, Global Security Strategist, Absolute Jul 27 2017 5:00 pm UTC 60 mins
    Just how dangerous, inefficient, and ineffective are the endpoint security solutions used in most organizations today? Ponemon Institute independently surveyed hundreds of IT security professionals to find out — and are ready to share the surprising results in this important webinar.

    On July 27th, join founder and chairman, Dr. Larry Ponemon, and Richard Henderson, global security strategist at Absolute, for an interactive webinar on the results, including:

    • Exposing the largest dangers and greatest inefficiencies with endpoint security management today
    • Average financial and productivity costs associated with insecure systems – and how to mitigate in your organization
    • Steps you can take now to prevent attacks and stay compliant
  • [Breach Prevention] Phishing & Credential Abuse 201 - Inside the Attack
    [Breach Prevention] Phishing & Credential Abuse 201 - Inside the Attack Brad Duncan, Unit 42 Threat Intelligence Analyst, Palo Alto Networks Jul 27 2017 5:00 pm UTC 60 mins
    This 201 level course builds on the introductory material of Phishing & Credential Theft 101 and takes it deeper. After this course, you’ll understand better how phishers and credential theft attackers ply their trade and how attacks actually work. The course will go into detail on two selected, publicly known breaches which involved credential theft and abuse.

    In this presentation, our Unit 42 Threat Intelligence team will show you:
    • How credential theft and abuse were used in real world attacks
    • Demonstration of tools attackers use to capture credentials.
    • How attackers buy and sell credentials on the dark web to further their criminal operations.
  • Not All Endpoint Protection Platforms Are Created Equal
    Not All Endpoint Protection Platforms Are Created Equal Torry Campbell, Senior Director Product Management, Symantec Jul 27 2017 5:00 pm UTC 60 mins
    Prevent, detect, respond and assess, all through a single agent

    Did you know McAfee is no longer a leader in industries Magic Quadrant? While your endpoint security is at risk, how many agents/modules do they require you to install? How many servers? And with all that, are you getting the right level of endpoint protection against advanced threats?

    Symantec provides the most complete endpoint security in the world - from threat prevention, detection, response and assessment with the highest efficacy and performance.

    In this webinar, you’ll learn how to:

    · Drastically improve your protection and security posture with various next-gen capabilities like Advanced Machine Learning and Exploit Prevention

    · Perform incident investigation and response using the same agent using the integrated Endpoint Detection and Response solution

    - Obtain automated security risk assessment and track effectiveness against security policy changes via a cloud console

    · Lower your IT burden and reduce complexity with everything built into a single agent

    · Facilitate a painless migration and get your IT staff up-to-speed

    Finally, see a demo that showcases how Symantec stops ransomware and unknown threats with Next-gen technologies built into a single light weight agent.

    Register Today!
  • Tech Demo - Addressing Data Across Borders for the GDPR
    Tech Demo - Addressing Data Across Borders for the GDPR Cheryl Tang, Director of Product Marketing and Sumit Bahl, Sr. Technical Product Manager Jul 27 2017 5:00 pm UTC 45 mins
    This is part 3 in our demo series focused on GDPR. One of the key requirements of GDPR relates to cross-border data transfers. Our security experts demonstrate how SecureSphere can help address this regulation with monitoring and access control of personal data.
  • Top U.S. Security Concerns Revealed - 2017 Unisys Security Index Survey Results
    Top U.S. Security Concerns Revealed - 2017 Unisys Security Index Survey Results Bill Searcy, Vice President for Global Justice, Law Enforcement, and Border Security Solutions, Unisys Jul 27 2017 5:30 pm UTC 60 mins
    U.S. consumers rate national security in relation to war or terrorism as their top security concern, though fears over viruses/malware and hacking are rising dramatically, according to the new Unisys Security Index™ that surveyed more than 13,000 consumers in April 2017 in 13 countries. This study, the only recurring snapshot of security concerns conducted globally, gauges the attitudes of consumers on a wide range of security-related issues.

    About the speaker:
    Bill Searcy is the Vice President for Global Justice, Law Enforcement, and Border Security Solutions. As a recognized law enforcement solutions expert, he is responsible for developing market strategies, overseeing delivery, ensuring customer satisfaction, and driving business performance to meet goals.​​
    During his 21-year career as a Special Agent with the Federal Bureau of Investigation, Bill was recognized as an innovator who regularly sought new ways to use technology to solve complex problems. He is credited with leading numerous award winning IT initiatives, among them the FBI’s Grid Computing Initiative (Attorney General’s Award for Innovation) and the Next Generation Workstation (FBI Director’s Award).
    Prior to joining Unisys, Bill served as the Deputy Assistant Director of the FBI’s IT Infrastructure Division, where he was responsible for the engineering, development, deployment, and support of the FBI’s worldwide IT enterprise.
    A graduate of the United States Military Academy at West Point, Bill was commissioned as an officer in the U.S. Army where he commanded a Field Artillery battery. He went on to earn a Master of Science in Information Assurance from Norwich University and he is a Certified Information Systems Security Professional (CISSP).
  • Beginner's Guide to Public Sector Cloud Infrastructure
    Beginner's Guide to Public Sector Cloud Infrastructure Todd Bernhard, CloudCheckr Product Marketing Manager & Jonathan Morse, State Local Higher Education Account Executive Jul 27 2017 6:00 pm UTC 60 mins
    Migrating to the cloud poses challenges for any organization, but there are particular concerns for the public sector. Government regulations like FedRAMP and the upcoming DFARS must be met, but security in the cloud is different than in the data center. Cloud providers use a Shared Responsibility Model, where they secure the physical infrastructure and the rest is up to the customer. In the public sector, budgets have to be justified... and used, at the risk of decreasing in the next year. Given the potential for Cloud Sprawl, without a Cloud Management Platform, expenses can get out of control.

    This webinar serves as a guide for public sector organizations looking to embrace the cloud. We will discuss the specific requirements of public sector organizations and explain the choices that will need to be made during such a migration. Topics covered include:

    - What terms do I need to know?
    - What questions do I need to ask?
    - What are some common pitfalls?
    - What tools are available to help?
  • How IoT and Predictive Analytics Transform Operations in the Digital Age
    How IoT and Predictive Analytics Transform Operations in the Digital Age Ray Wang, Constellation Research, David Bishop & Martin Boggess, Hitachi Solutions, & Rahul Garg, Microsoft Jul 28 2017 6:00 pm UTC 105 mins
    Today's manufacturers are operating in a world of uncertainty. Successful manufacturers are combating market volatility by focusing on productivity gains via new technology. The Internet of Things (IoT) and predictive analytics are likely to determine who wins and who loses in this age of uncertainty.

    Join this virtual event to hear from leading experts and analysts about technologies manufacturers need to adopt to stay competitive. Industry analyst, Ray Wang will outline the macroeconomics trends affecting the industry and lay a path forward. Experts from Hitachi Solutions will discuss the promise of IoT and the cloud for discovering new opportunities and achieving operational efficiencies. Microsoft’s IoT lead will share upcoming trends to watch.

    Hear leading experts and analysts discuss the state of manufacturing today—and a path to the future.
  • Automation, Machine Learning, and AI: Saving Security or Job Stealing Overlords?
    Automation, Machine Learning, and AI: Saving Security or Job Stealing Overlords? Michael Ball CISSP IT Security Consultant, Davi Ottenheimer President of flyingpenguin, Chris Pace, Recorded Future Jul 31 2017 3:00 pm UTC 60 mins
    Headlines as we left 2016 and predictions for 2017 suggest that the future of the IT department (including information security) looks to be increasingly reliant upon machines doing the work, courtesy of the adoption and explosion of automation technologies, artificial intelligence and machine learning. How capable can machines ultimately become in securing businesses from an increasing array of threats? What role does this leave for humans?

    In this webinar we will look at the rise in popularity of artificial intelligence generally, what it means for businesses and its potential to improve efficiency and security. Which areas of security strategy may have the most to gain and lose in this transformation?

    This webinar will:

    • Consider the power of AI in threat intelligence, security operations and incident response
    • Discuss how AI and predictive analytics can lower risk
    • Question whether automation will always require the human factor
  • Gain Visibility into Your Open Source Risk with Veracode Software Composition An
    Gain Visibility into Your Open Source Risk with Veracode Software Composition An Jacob Martel, Solution Architect, Veracode Jul 31 2017 4:00 pm UTC 30 mins
    Most development organizations don’t have the time or the resources to create every application from scratch, so they rely on third-party software and integrate open source components into their internally developed software. However, securing open source components is challenging for many security professionals because they lack visibility into what components are in use where in their organizations.

    At Veracode we know it can be difficult to pinpoint applications using vulnerable open source components. In this 30 minute webinar find out how Veracode Software Composition Analysis can help you:

    •Assess proprietary and open source code in a single scan
    •Build an inventory of your third-party components
    •Gain visibility into which applications have a vulnerable version of a component
    •Identify and remediate vulnerabilities to help comply with industry regulations
    RESILIA™ - HELPING BALANCE TRANSFORMATION AND RESILIENCE IN THE DIGITAL WORLD Nick Wilding - Manager, Cyber Resilience, AXELOS. Stuart Rance - Managing Director, Optimal Service Management Aug 1 2017 1:00 pm UTC 45 mins
    Our globally connected world delivers a wealth of opportunities for economic growth and innovation but it also brings with it the real risk of cyber-attack. Many organizations continue to invest in multiple layers of ‘intelligent’ technical controls to protect themselves from cyber attackers. However, security breaches continue to grow in their scale and impact. There’s something missing in our organisational response to the cyber risks we face.

    Effective cyber resilience need to focus on aligning strategic priorities, service management tools, operational systems and architectures with ongoing training and involvement of people across the organization. By applying these proven disciplines organizations can more effectively balance their business opportunities and risks, their people, processes and technology and their ability to prevent, detect and respond to cyber-attacks.

    This webinar will outline the cyber resilience challenges and the opportunities open to organizations and how RESILIA™ best practice can be used to build the critical collaboration between ITSM and InfoSec teams needed to effectively manage and respond to the cyber risks they face.


    Nick Wilding:
    General Manager of RESILIA at AXELOS where he’s responsible for leading the successful design, development and demand of the RESILIA portfolio that provides cyber resilience best practice, training, learning and insight for organisations from the boardroom down. Previous to AXELOS Nick spent 11 years at Detica (now BAE Systems Applied Intelligence) where he helped set up their Cyber Security business and led their cyber market engagement and thought leadership.

    Stuart Rance:
    An expert in information security management and IT service management. He works with IT organizations all over the world, helping them create value for their customers. Stuart is an author of ITIL® and RESILIA™ and blogs at optimalservicemanagement.com. He is chief examiner for RESILIA, and an examiner for ITIL.
  • Introducing Mobile Threat Defense for the Cloud Generation
    Introducing Mobile Threat Defense for the Cloud Generation Sri Sundaralingam, Head of Product Marketing, Enterprise Security Products, Symantec and Varun Kohli, VP Marketing, Skycure Aug 1 2017 3:00 pm UTC 60 mins
    Learn how you can protect both BYOD and corporate managed mobile devices from ransomware and advanced threats.

    Malware targeting mobile devices are growing at an alarming rate. According to Symantec ISTR 22 report, mobile malware detections doubled in 2016 to a total of 18.4 million and there were 606 new mobile vulnerabilities found in 2016 on both iOS and Android mobile operating systems.

    This has increased the risks to BYOD and corporate managed mobile devices to malware attacks, suspicious wireless networks and man-in-the-middle attacks.

    Existing management tools like Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) are not able to defend users against these types of threats. Enterprises need advanced mobile security with high efficacy with easier deployment options as they continue to expand Bring Your Own Device (BYOD) and corporate managed mobility initiatives.
  • Transforming K-12 Cybersecurity Through Visibility
    Transforming K-12 Cybersecurity Through Visibility Dr. Kecia Ray, Exec Director, Center for Digital Education & Erik Floden, K12 Education Strategist, ForeScout Technologies Aug 1 2017 4:00 pm UTC 60 mins
    As school districts continue to make technology adoption in the classroom a top priority, they face increasing network security risks, including persistent cyberattacks and the potential theft or manipulation of student data. Dr. Kecia Ray, Executive Director of the Center for Digital Education, will address these challenges and discuss how school districts can effectively manage the rapid expansion of the number of devices students, educators and administrators are adding to their IT networks. Webinar topics will include:
    • Cybersecurity and student data security trends in K-12
    • Top K-12 priorities to address these challenges
    • Recent funding and legislative developments at federal and state levels
  • Information Governance and the Cloud
    Information Governance and the Cloud Bill Tolson, Actiance & Jim Shook, Esq, EMC Corp. Aug 1 2017 5:00 pm UTC 60 mins
    With the cloud computing promise of faster, better and cheaper, everyone needs a cloud strategy. But the strategy needs to be informed because legal and regulatory obligations, including eDiscovery, remain the company’s responsibility even when a third party cloud provider has the data. Public, private and hybrid clouds all have different characteristics that impact access to, control of and remedies for issues related to your organization’s data. Changing regulations on data privacy and security alter the risk profile for maintaining data in different types of clouds, and even the location of the cloud can be important.

    In this webcast we have discussed some of the important differences between cloud models and how organizations can develop a strategy that best meets their requirements. In this webcast, we’ll address the following questions:

    • What are the basic cloud deployment models?
    • What are the key compliance benefits and risks of public and private clouds for email?
    • How can my organization determine which types of data are the best fit for the different cloud models?
    • What are some of the current and up-and-coming trends that may impact some of my cloud decisions?