Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
2016 was a “Ransomware Horror Show”. If you've been in the IT trenches over the past year, you've probably noticed that announcements of new ransomware strains are accelerating and there is no end in sight for 2017.
In this webinar, we will cover the final 3 sections of the very popular KnowBe4 Ransomware Hostage Rescue Manual in depth.
Join Erich Kron CISSP, Technical Evangelist at KnowBe4 for the webinar “Ransomware Hostage Rescue Guide, Part 2”. We will look at recent infections, give actionable info that you need to prevent infections, and cover what to do when you are hit with ransomware.
We asked Amnon about the current key issues in data security and why having up-to-date threat information is becoming increasingly important, in what way malware attacks can be prevented, and how this intelligence can be harnessed and applied to the mobile and cloud environments.
We also learn about Check Point Software’s new security architecture, Software Defined Protection, and how it can be used to control your security environment by combining intelligence with segmenting your network.
View Amnon’s Executive Interview to learn how Check Point Software’s new architecture and other security solutions can be of benefit to your organisation.
Business units want a policy that allows them to save everything. Legal wants the minimum saved. IT just wants something easy to execute. What should we do? A committee is formed, with legal, IT, records management, HR, and others. The committee meets. Discussions ensue: Which are business records? How long should we save them? Do we allow exceptions?
The committee meets again. And again. We’re stuck.
Join Ed Rawson , Michelle Hanrahan, Shawn Cheadle and Mark Diamond as they discuss strategies for building consensus across your organization and making sure your initiative doesn't get stuck!
About the speakers:
Ed Rawson is a strategic, results-oriented thought leader who has dedicated over 30 years of his career to helping organizations manage their paper and digital content lowering cost and increasing productivity. Ed has helped organizations to align information with business value and operational direction to maximize the return on investments, lowering risk and maintaining compliance.
Michele Hanranhan is Records Manager at Sound Transit since January 2015 and is leading a RIM group to implement ECM solution organization wide. She previously worked at Federal Home Loan Bank of Seattle, PATH, and Washington State Department of Transportation and has over 16 years of experience in Records and Information (RIM) with a variety of business, government and non-profit organizations.
Shawn Cheadle is General Counsel to the Military Space line of business at Lockheed Martin Space Systems. He supports government and international contracts negotiations, drafting and dispute resolution. He also supports information governance, eDiscovery, records management, counterfeit parts investigations, and other functional organizations at Lockheed Martin. He is an ACC Global Board Member, current Information Governance Committee Chair and former Law Department Management Chair, and former Board member and President of ACC Colorado.
In this webinar we are going to:
- explore top cyber threats that fintech companies face
- identify the monitoring and detection compliance requirements common to Federal and State Regulations
We will be talking to Angelo Purugganan, Chief Information Security Officer, at Arctic Wolf Networks, to get his perspective on the how security analytics and continuous monitoring can simplify compliance using a SOC-as-a-Service provider.
Most fintech transactions today happen at a fast pace, served through web applications using a combination of mobile devices and legacy systems, with some level of protection. While beneficial to small and medium fintech companies, consumers and regulatory agencies are apprehensive about protecting customers personal data and detecting cyber attacks over the internet which impact the integrity of financial transactions.
The clock is ticking on the latest cloud compliance mandate: NIST Special Publication 800-171, otherwise known as DFARS (Defense Federal Acquisition Regulation Supplement). Any organization or contractor that holds or processes unclassified Department of Defense (DoD) data must ensure that they comply with the new DFARS clause.
December 31, 2017 is the ultimate deadline by which to prove compliance, so action is recommended as soon as possible.
In this webinar, Patrick Gartlan (CloudCheckr CTO), Jeff Bennett (Allgress President/COO), and Tim Sandage (AWS Sr. Security Partner Strategist) will lead an interactive workshop on what DFARS regulation means for your business, specifically:
✔ Specific requirements of the DFARS regulation
✔ Key controls that CloudCheckr provides to help you meet DFARS requirements
✔ Tools from Allgress that map DFARS requirements to CloudCheckr features
When it comes to your data, regardless of your country or industry, you likely have compliance regulations to adhere to. We understand the challenges this can bring to your IT and compliance teams.
Adopting the NIST Cybersecurity Framework (CSF) is one way that can help you achieve compliance with the many regulations you may be affected by. Developed in the United States, the CSF has been adopted by many organizations, including those in the international community with one example being the government of Italy, who has incorporated the Framework into its own National Framework for Cyber Security.
Join us for a webcast hosted by Symantec Chief Cybersecurity Business Strategist, Renault Ross CISSP, MCSE, CHSS, CCSK, CISM as he dives into the CSF to:
• Identify sensitive data, where it is and who is accessing it
• Protect that data by establishing policies which prevent exposure
• Detect threats to which could extrapolate data by several means
• Respond to threats with automated actions
• Recover after a threat to produce reports to prove compliance
Your employees are using more cloud apps than ever, and mobile workers frequently work without turning on their VPN. You need new ways to extend protection anywhere your employees work — and you need it to be simple, yet incredibly effective.
Exciting innovations in network security-as-a-service offer distributed organizations the potential to extend and meaningfully increase security effectiveness. Join this 451 Research webinar with Cisco Security to hear a discussion about new cloud-delivered protection for mobile workers, lean branch offices, and cloud applications.
In the webinar we will discuss:
- The changing cloud security landscape
- The emergence of the Secure Internet Gateway
- Important buying considerations for companies looking to add these capabilities
Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure. To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.
In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security will detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.
The presentation will cover:
> Challenges surrounding increased migration to public clouds
> Using automation for secure DevOps
> How to ensure effective and efficient operations
This webcast will include a Q&A session, as well as a live demonstration of how to deploy Qualys seamlessly and deeply into public cloud environments with new features.
Sometimes there is a mandate to delete large quantities of emails and files very quickly, either after litigation or simply because senior management gets fed up with too much electronic junk. When needing to delete a lot quickly, traditional “manage and let expire over time” approaches don’t work. On the other hand, blanket, delete-everything approaches can run afoul of record retention and legal requirements. What’s an organization to do?
About the Speaker:
Dan Elam is one of the nation’s best known consultants for information governance. As an early industry pioneer, he created the first needs analysis methodology and early cost justification models. Dan’s involvement has been in the design and procurement of some of the largest systems in the world. Today Dan helps Contoural clients develop business cases and establish strategic road maps for information governance. He is the former US Technical Expert to ISO and an AIIM Fellow.
“In our current state of cyber security, security breaches are inevitable.” -- Kevin Mandia, CEO, FireEye
In 2016 there were 1,093 publicized cyber security breaches. That’s a 40% increase from 2015. Given this era’s up surge in breach activity, it’s no longer about whether you’ll be breached. It’s how you’ll respond when you are breached. Organizations with a well-designed response capability are better off.
Join Troy Scavella, FireEye Principal Consultant and Ahmet Rifki, Sr. Consultant, for our webinar on July 20. They will cover several topics including:
•Six primary areas of focus for an effective response plan
•Best practices for each of those areas
•Examples of how deficiencies in any area reduce an organization’s ability to effectively detect and respond to a cyber security incident, whether targeted or opportunistic
Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
“When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”
Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
•Overview of CJIS-SP mandate
Network vulnerabilities and how Ethernet encryption can help secure data in motion
•Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
•Mapping solutions to the needs of your organization
For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
Taking a “save everything forever” approach and employee hoarding of e-mails, files and other types of electronic documents are burying organizations under mountains of data, exposing them to privacy risks, increasing costs and risks of eDiscovery, as well as sapping productivity from employees who spend hours every week looking for information. Yet many company’s efforts at aggressively deleting electronic documents are either ineffective or worse, they have the unintended effect of driving “underground archiving” whereby employees save information in insecure locations.
Join us as we explore smart approaches to preventing employees from hoarding documents.
About the Speaker:
Kathryn Hilton, Vice President of Consulting for Contoural, has more than 20 years experience in records and information management, strategy consulting, and data storage technology. As a Contoural consultant and practice manager, Kathryn has developed methodologies for Records and Information Management organization design and for Change Management strategy, process, and content. In addition to leading Contoural teams in these areas, Kathryn assists clients with the globalization of their programs, and has visited client sites around the world for a detailed understanding of business and legal information management requirements.
The move to digital business is exposing the limits of existing trust infrastructures. Rapid growth in the number of deployed certificate authorities (CAs). Increased burden on multiple PKI point solutions deployed to address specific problems. And while IT grapples to support tactical implementations of PKI, the demands of digital business overwhelmingly require a more strategic and holistic approach.
What's required is a centralized yet agile overarching trust framework that can easily accommodate multiple use cases today and in the future.
This webinar looks at the steps you can take to build an agile trust infrastructure with a centralized PKI deployment.
* Digital Trust at Scale Learn how to build a PKI that supports endpoint diversity, evolving and multiple use cases and integration with complimentary solutions.
* Streamline PKI Deployment Discover how a trust infrastructure can be deployed and managed across your organization to mete the requirements of today's dynamic and distributed business models
* Simplify 3rd Party CA Key Migration Find out how you can migrate certificates from other vendor systems without having to distribute a new trust anchor and without the need to generate new keys and certificates.
Quali’s Cloud Sandbox Software allows you to create and publish sandboxes that are replicas of infrastructure and application configurations and use them for development, testing, demos, training and support. Model, orchestrate, and deploy on-prem, cloud, and hybrid environments and accelerate DevOps Automation.
Information Governance (IG) programs are full of both promise and pitfalls. Many organizations are asking what they can and should do to incorporate IG programs that help their employees be more productive while also reducing risk and costs. Join expert practitioners Jo Goldstein (Whirlpool), Patricia Oliveira (MUFG Americas), and Mark Diamond (Contoural) as they discuss:
-How they got their organization to care about Information Governance
-Lessons learned while executing their Information Governance programs
-Why it's important to obtain consensus from across different groups
-Building the right-sized program for your organization
Join us for a lively discussion!
About the Speakers:
Jo Kathryn Goldstein, CRM is currently Senior Manager, Information Governance for Whirlpool. Her career in Information Management has included the pharmaceutical and banking industry. In the past Jo has served as Vice-Chair for PRIMO- the Pharmaceutical Records and Information Management Organization, President of the Indianapolis ARMA Chapter, and the former ARMA Standards Development Committee.
Patricia Oliveira leads the Records & Information Management program for MUFG Americas, part of a global financial institution. As such, her focus is to support and develop an enterprise-wide, compliance based RIM program focused on risk mitigation. She has over two decades of experience in planning, designing, and executing complex integrated programs, building strategic organizations, and leading change in multiple disciplines and diverse industries.
Mark Diamond is founder & CEO of Contoural. He is an industry thought leader in proactive records & information management, litigation readiness and risk & compliance strategies. As a trusted adviser he and his company help bridge legal, compliance, security and business needs and policies with effective processes, technology and change management.
With all the news surrounding data breaches and information leaks, it’s often forgotten that the number one way sensitive/confidential information illegally enters the public domain is when employees leave their organization.
In this webcast, learn about how technology can help prevent data from walking out your front door and proactively safeguard employee data required for e‑discovery/compliance.
Register for this webcast and learn how:
- Data archiving software can automatically lock down and ensure data is not removed from the org
- E-Discovery technology can automatically track employee movements and notify legal teams when key custodians leave the org
- Leading organizations are leveraging these types of technology to be more efficient and strengthen data protection efforts
It’s been a busy year in the Money Transfer industry, and even though some light has been shed over the regulatory landscape; banks and money service businesses are still facing challenges in terms of regulations, examiner’s expectations, compliance and risk management obligations, and bridging the gap between brick-and-mortar and the digital environment.
But the board is set, so it’s time for action.
With a setting such as this, we are looking to industry experts for guidance to navigate these unchartered waters, to understand how to go about some of these challenges, and to prepare our organizations to make the best of the opportunities that will arise from them.
Join Kathy Tomasofsky, Director at Money Service Businesses Association, David Landsman, Executive Director at National Money Transmitters Association, and David Schwartz, CEO at Florida International Bankers Association, in discussing:
1. Compliance with FinCEN’s CDD Rule
2. KYC Challenges in online environments
This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.
What do we mean by “business technical approach’ to Threat Intelligence?
Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.
A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.
With Part 2, we introduced the overall vision of a successful TI Program. In this webinar, we dig into the key elements of the TI program with concrete examples, and key components of the program that must exist including the right team, process, tools, metrics and connections.
Most enterprise organizations have set up a security model that includes a first layer of security event management, responsible for capturing of logs, notification, filtering and some level of correlation. However, with the escalating number of users and logs from more and more devices, making sense of the noise and translating them into incidents that matter can be a daunting task.
In this webcast, Tony Merritt, SecureWorks Managing Principal, will cover how to leverage logs and tactics to integrate the proper incident response. Topics covered include:
• Sensing: The challenge of ever increasing in-bound noise and priorities
• Improving Sensing: What logs and events matter? How do you ensure you have visibility?
• Sense Making: Not all logs are created equal. The importance of correlation, business context, rules and use cases to determine if the incident matters.
• Decisions Making: An event has passed a threshold of incident viability. How do you connect logs and tactics into actionable response?
Data security and the challenge of data protection is increasing in scope and difficulty. The massive volume of data that businesses are collecting is growing exponentially, and managing compliance delivery is a daunting task with huge negative consequences for getting it wrong. While organizations have long needed to safeguard intellectual property and confidential information, changes in information technology and business models introduce new threats, and new regulations. Governments and industry bodies are imposing new regulations to motivate organizations to protect the privacy and confidentiality of information. Responsibilities can vary widely by region and by industry, and staying on top of an ever-shifting regulatory landscape is complex and challenging, but it isn't impossible.
Successful organizations coordinate enterprise-wide regulatory compliance activities with tools to identify and address new and changing regulations, and are able to map the impact of these regulations across the entire infrastructure, and prioritize compliance activities according to business impact. By deploying a consistent, sustainable, scalable and measurable process for managing regulatory change, they are able to eliminate manual, non-scalable and non-strategic activities to reduce the cost and improve the speed of regulatory compliance programs.
Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.
Join our Unit 42 threat intelligence analyst for an insightful perspective on credential-based attacks and phishing. In addition to presenting its unique attack life-cycle, she will:
• Identify trends and techniques in methods used for credential theft and abuse.
• Review how cyber criminals have changed their tactics to compromise networks.
• Examine who is being targeted, and why.
• Discuss techniques to stop credential leakage.
What steps are you taking to minimise your risk of becoming a data breach victim? In this webinar, Symantec and a guest speaker from Forrester share best practices to proactively protect your critical data with data-centric security.
Get advice on preventing data breaches from these industry experts:
• Guest Speaker Heidi Shey, Senior Analyst, Forrester. Heidi serves Security & Risk Professionals with solutions for data security and privacy. She also researches sensitive data discovery, data loss prevention, cybersecurity, customer-facing breach response and more.
• Nico Popp, Senior Vice President, Information Protection, Symantec. Nico is the former CTO of VeriSign Security Services where he led efforts to develop new products and services for Trust Services and Identity Protection.
Join these authorities as they explain how a holistic approach to data security and identity puts you back in control.
Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.
In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.
Register now to learn about:
•The latest social engineering targeting trends and techniques
•Top email fraud tactics, including business email compromise (BEC) and social media account phishing
•The rise of fraudulent mobile apps and how criminals target users on the go
Protecting sensitive client and corporate data is one of the most important responsibilities in any organization. So if your current solution isn’t working for all stakeholders, is it really working at all?
1. Increase security and compliance, while maintaining user-friendliness
2. Deploy encryption without interrupting normal business processes
3. Ease the daily burden of your data security administration
Legislators in Europe continue to expand the scope of the laws governing information security and personal data protection. As a result, organizations serving consumers and businesses in the region need to understand the implications these laws will have on their use of open source to build software applications.
During this educational webinar led by Dan Hedley, Partner, IT and Commercial from Irwin Mitchell, we’ll provide guidance on the General Data Protection Regulation (GDPR) and why a comprehensive approach to open source security management is essential for GDPR observance. In addition, we’ll review open source management best practices in context of other industry-specific developments like the Network and Information Services Directive and the Electronic Identification Regulation.
IT planners have far more options as to where to run their workloads than ever before. On-premises data centers, co-location facilities and managed services providers are now joined by hybrid multi-clouds – a combination of Software-, Infrastructure- and Platform-as-a-Service (SaaS, IaaS, and PaaS) execution venues. All have unique operational, performance and economic characteristics that need to be considered when deploying workloads.
In this Webinar Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center business will discuss how industry leading enterprises determine the best execution venues for their workloads by addressing:
•The market and technology trends that influence workload, data center and cloud strategy
•How to evaluate the characteristics of various workloads and execution venues
•How to manage workloads across on-premises and off-premises ecosystems
Attendees will learn how to formulate an IT strategy that can be used to guide the decision criteria needed for placing workloads on their best execution venues, and enable the migration and ongoing management of workloads across a hybrid multi-cloud enterprise architecture.
Application delivery infrastructure resources are increasingly strained. The new features in modern Application Delivery Controllers along with the demands for SSL to comply with search engine ranking algorithms are major contributors to the problem. It means organizations have to find ways to scale their ADCs. But do they scale up? Or scale out? And how?.
Join us for this live webinar to discover:
oThe drivers for the requirement of scalable application delivery infrastructure like SSL adoption and expanding ADC feature sets
oThe pitfalls and limits of vertically scaling your ADC
oHow you can use equal-cost multi-path (ECMP) routing to horizontally (and nearly infinitely) scale your ADC
oHow to use Route Health Injection (RHI) to ensure availability of your ADC cluster
oExamples of organizations who have accomplished this with HAProxy
The effects of a credential-based attack differs by organization and by job function. In this session, we will cover a look at how these attacks affect different types of organizations, along with the analysis and demonstration of how an attack is done.
In this session, hear about:
* Credential theft industry research coverage
* Industry analysis of the problem space
* Application of the credential theft lifecycle in light of recent attacks
SSL/TLS Industry requirements are changing at an unprecedented pace. Over the last couple of years, new requirements have been passed down by the CA and browser community to help further solidify the security practices around obtaining and using SSL/TLS and other types of publicly trusted certificates. Over the next 12 months, more important changes are being introduced to continue that trend. Join Dathan Demone, Product Manager at Entrust Datacard, who will discuss both past and future changes that will have a major impact on all certificate subscribers. In this Webinar, we will discuss topics such as:
• New changes coming to browsers and how they notify end users about the proper use of SSL/TLS on all web pages
• Changes to certificate lifetime policies and verification rules that are being introduced in 2017
• New requirements around Certificate Transparency that are being introduced in October, 2017
• Updates to recommended security best practices and new vulnerabilities in the world of SSL/TLS
• Certificate Authority Authorization and how this can be used to protect your organization against fraud
Throughout 2017 organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.
A traditional prevention-centric strategy naively assumes all threats can be blocked at the perimeter, which leaves you blind to the threats that do get in. Many organisations are shifting to a more balanced strategy including detection and response. Enter Threat Lifecycle Management (TLM) - your playbook for rapidly detecting and responding to cyber-attacks.
In this webcast, Seth Goldhammer, senior director of product management at LogRhythm, explains what TLM is, and demonstrates how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
The best predictor of future behavior is relevant past behavior. Nowhere is that truer than with legal precedents set by past case law decisions, especially when it relates to eDiscovery best practices. This CLE-approved* webcast session will cover key case law covered by the eDiscovery Daily Blog during the first half of 2017. Key topics include:
+ How should objections to production requests be handled?
+ Are you required to produce subpoenaed data stored internationally?
+ Should there be a limit to fees assessed for discovery misconduct?
+ When is data stored by a third party considered to be within your control?
+ Should courts dictate search terms to parties?
+ How can you make an effective proportionality argument to address burdensome requests?
+ Can the requesting party dictate the form of production?
+ Does storing data on a file share site waive privilege?
+ If data is intentionally deleted, should Rule 37(e) apply?
+ Is circumstantial evidence of intentional spoliation good enough to warrant sanctions?
+ Should keyword search be performed before Technology-Assisted Review?
Doug Austin: Doug is the VP of Operations and Professional Services for CloudNine. Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing consulting, project management and software development services to commercial and government clients.
Julia Romero Peter, Esq.: Julia is GC and VP of Sales with CloudNine. With 19 years of legal experience and 13 years focusing on eDiscovery, Julia received her J.D. from Rutgers Law School - Newark, and her B.A. in History with a minor in education from Columbia University - Barnard College.
Karen DeSouza, Esq.: Karen is Director of Review Services and a Professional Services Consultant for CloudNine. A licensed attorney in Texas, Karen has over 15 years of legal experience.
Learn how to use the Palo Alto Networks next-generation security platform to disrupt the unique attack lifecycle used in credential-based attacks. In this session, get details about the strategies and key technologies for preventing both the theft and abuse of credentials.
In this session, get details on:
* Why the platform plays a critical role towards disrupting credential-based attacks
* Preventing the theft of credentials, using new PAN-OS 8.0 technologies
* Stopping the use of stolen credentials, through new multi-factor authentication capabilities in PAN-OS 8.0
Policy? We have a policy? Have you read the policy? Thats right...who actually reads company policies?
Risk and compliance managers globally have lost the fight against user policy acceptance leading to increasing organisational risk and the decreased ability to stand up and demonstrate effective compliance to regulatory bodies.
Does it have to be this way? In this webinar, we
* Demo what we use to transform and make mainstream what is often boring and ignored.
* Show how you can effectively measure (yes measure and report) on how effective your policy implementation is.
* Better engage and enforce your policies with third parties.
As business success grows more reliant on data, technology, and third parties, CISOs and security leaders are finding themselves more often in the spotlight. They're being asked to brief board members, respond to third party requests, guide critical decisions, and make tough strategic calls. These increasing expectations are creating great opportunities for CISOs to shine, but to do so, they need to rise to the occasion. This webinar takes best practices and lessons learned from "superstar" CISOs, explaining what top security leaders are doing to lead their companies successfully through some of today's most complex business and technology challenges.
Over the course of the past year, cyber-attacks have frequently made headlines. In 2017 alone, global ransomware damage costs are expected to exceed $5 billion, with the total cost of cyber-crime expected to reach trillions of dollars.
Darktrace has detected over 30,000 in-progress cyber-threats, and has firsthand experience with modern, never-before-seen attacks, including fast moving ransomware, new strains of malware, compromised IoT devices, malicious insiders, attacks on cloud environments, and more.
Join our Director of Cyber Analysis, Andrew Tsonchev, and our Lead Research Analyst, Bethany Edgoose, as they present Darktrace's 2017 Threat Report, review novel cyber-attacks, and break down how they were detected by the Enterprise Immune System.
Preparing for GDPR? Are you wondering how you'll track and manage employee compliance?
If your answer is yes, join Amanda and Chloe live on July 27th for this 45-minute FREE, educational webinar: 'Using Assessments for GDPR Compliance'.
During this webinar, Amanda and Chloe will talk you through the basics of GDPR and show you how to achieve compliance by not only training your people but testing their knowledge so you can prove you’ve taken every step to fulfil the regulation and prevent data breaches.
Amanda Maguire is a senior education architect with over 20 years' experience on business transformation programmes. With a career focused on the impacts on people – project team members, end users, suppliers and customers, Amanda has a passion for effective and engaging education, enabling people through innovative learning interventions. Her experience is wide ranging - from national to global programmes in a variety of industries.
Chloe Mendonca is a Marketing Manager who leads a variety of digital communication campaigns and events across EMEIA. She is particularly fascinated by the way digital technology is changing the world and enjoys helping organisations worldwide realise the power of Questionmark's assessment management system. For the past 5 years, Chloe has worked with businesses across an array of verticals, sharing their stories.
A study by McKinsey suggests the increased operational risk of digital innovation threatens 6% of the net profit for a retail bank. Renowned hactivist group Anonymous’ OpIcarus; a Distributed Denial of Service (DDoS) attack siege on the world’s banking infrastructure and other well publicized successful attacks have exposed just how vulnerable banks are to such threats. The reality is modern day DDoS attacks are getting more frequent, more sophisticated, and are commonly used as a distraction during the data exfiltration stage of advanced threat campaigns. The unfortunately reality is that in many cases, these attacks succeed because the targets were simply inadequately prepared to stop them.
Join this webcast to learn:
•The latest trends in DDoS attacks.
•Commonly overlooked costs due to DDoS attacks.
•And best practices in DDoS attack defense.
This 201 level course builds on the introductory material of Phishing & Credential Theft 101 and takes it deeper. After this course, you’ll understand better how phishers and credential theft attackers ply their trade and how attacks actually work. The course will go into detail on two selected, publicly known breaches which involved credential theft and abuse.
In this presentation, our Unit 42 Threat Intelligence team will show you:
• How credential theft and abuse were used in real world attacks
• Demonstration of tools attackers use to capture credentials.
• How attackers buy and sell credentials on the dark web to further their criminal operations.
Just how dangerous, inefficient, and ineffective are the endpoint security solutions used in most organizations today? Ponemon Institute independently surveyed hundreds of IT security professionals to find out — and are ready to share the surprising results in this important webinar.
On July 27th, join founder and chairman, Dr. Larry Ponemon, and Richard Henderson, global security strategist at Absolute, for an interactive webinar on the results, including:
• Exposing the largest dangers and greatest inefficiencies with endpoint security management today
• Average financial and productivity costs associated with insecure systems – and how to mitigate in your organization
• Steps you can take now to prevent attacks and stay compliant
Prevent, detect, respond and assess, all through a single agent
Did you know McAfee is no longer a leader in industries Magic Quadrant? While your endpoint security is at risk, how many agents/modules do they require you to install? How many servers? And with all that, are you getting the right level of endpoint protection against advanced threats?
Symantec provides the most complete endpoint security in the world - from threat prevention, detection, response and assessment with the highest efficacy and performance.
In this webinar, you’ll learn how to:
· Drastically improve your protection and security posture with various next-gen capabilities like Advanced Machine Learning and Exploit Prevention
· Perform incident investigation and response using the same agent using the integrated Endpoint Detection and Response solution
- Obtain automated security risk assessment and track effectiveness against security policy changes via a cloud console
· Lower your IT burden and reduce complexity with everything built into a single agent
· Facilitate a painless migration and get your IT staff up-to-speed
Finally, see a demo that showcases how Symantec stops ransomware and unknown threats with Next-gen technologies built into a single light weight agent.