IT Governance, Risk and Compliance

Community information
Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
  • When it comes to realizing the lofty goals of agile IT service delivery, non-stop data is a prerequisite. Non-stop data is stored both for fast access and for long term preservation, protection and analysis. It is evidenced by uncompromising application performance and continuous and compliant data availability. Non-stop data is the heart of always-on business processes.

    Learn about the challenges to non-stop data:

    - New storage models like software-defined storage and hyper-converged infrastructure
    - Private, public and hybrid cloud services
    - Changing knowledge and skills sets among IT staff
    - Mobile commerce as a core business model

    This webcast will identify what non-stop data is all about and what are the best practices for enabling data for optimal usage by contemporary businesses.
  • Organizations across industries face an ongoing challenge to meet the stringent data-related regulatory compliance requirements. The major pain points boil down to accessing quality data that provides the necessary auditability and transparency required by auditors and regulators, and the ability to prove that sensitive data is being protected. Those data related problems present a daunting obstacle for your company to meet current as well as future compliance requirements.

    A holistic, agile data governance program can help companies address the above data challenges and become regulation–ready. A well-designed data governance program delivers the following:

    •Guaranteed access to clean, relevant, trusted and auditable data to create accurate and auditable reports to meet compliance mandates.
    •Improved operational efficiency by enabling a collaborative and repeatable process across key stakeholders
    •Enabling a true data-driven business environment for your organization to drive continued innovations and growth

    Please join us to hear David Loshin, established industry expert in data governance and data quality, and Rob Karel, VP of Strategy and Product Marketing at Informatica to discuss best practices for data governance, how organizations can leverage data governance programs to address existing and future compliance requirements, and how to turn your data governance program into a strategic initiative that drives significant business benefits for your organization.
  • Source code management systems contain the crown jewels of a software company's intellectual property. Effective auditing gives you a picture of who's accessing that IP and when changes are being made. This information can satisfy compliance and security requirements and give you new insights into your development practices. In this webinar we'll explore standard and extended audit reports available for Subversion and Git administrators.
  • The Top Five Best Practices for Controlling Third-Party Vendor Risks.

    Target, Home Depot, eBay — look at almost any of the seemingly never-ending string of mega-data breaches, and you’ll find a common thread. Stolen or compromised user credentials, belonging to a privileged user with wide-ranging access to sensitive systems, served as the initial attack path. Often — in as many as two-thirds of cases — those credentials belonged to a third-party; a vendor or business partner who’s been granted internal access to your network. With those credentials in hand, attackers are free to roam about your IT infrastructure, seeking out and exploiting their ultimate goals. It’s a frustrating — and dangerous — challenge. You have to provide access to vendors, contractors, and business partners — but doing so often introduces unacceptable security risks.
    But these risks are manageable. Join us to learn the top five best practices for regaining control of third-party access, and the processes and technology necessary to stop unauthorized access and damaging breaches. In this webcast, we’ll discuss:
    • The identity, access, and security governance processes needed to protect your network
    • How to ensure positive user identification to prevent credential theft and misuse
    • Techniques to limit access to only those resources required to satisfy work or business requirements
    • Preventing the unauthorized commands — and inadvertent mistakes — threatening your network
    • Establishing monitoring procedures that flag violations and speed forensic investigations
  • The need to share content -- securely, collaboratively, immediately -- is critical to your job. You’re working with outside agencies and business partners, sharing documents that contain sensitive data like product designs, ad campaigns and customer data, to name just a few.

    According to research from the Ponemon Institute, more than six out of ten people report having accidentally forwarded files to individuals not authorized to see them. It’s time to create some good habits that will allow you to collaborate with internal and external resources and be 100% compliant with the regulations that govern your industry.

    Please join us for an interactive presentation about how new habits and tools can make it easy for you to be efficient and compliant, without sacrificing speed or creativity.
  • Cloud and data center security can be dauntingly complex, and selecting the right vendor to engage with is a critical decision for any enterprise. However, cloud and data center security can be a difficult market to navigate. Are vendors backing up their marketing claims? How do different approaches stack up next to each other? What factors need to be taken into consideration when comparing products? Trend Micro has teamed with analyst firm ESG to sort these questions out, and encourage organizations to think differently when it comes to cloud and data center security.

    ESG conducted an independent economic evaluation to investigate the differences between Trend Micro and traditional security approaches, and are conducting a live webinar to present their findings. ESG and Trend Micro will give insight into the cloud and data center security market, ESG’s Economic Value Validation methodology, and the conclusions that were reached about the value Trend Micro is providing to their customers. Join us to learn more!
  • Disruptive forces are accelerating a change in workplace technology, leaving organizational data at risk. In the past, IT was able to create a ‘walled garden’ with clearly set protocols for how data came in and out of the organization. This is no longer the case.
    As a response, Workshare recently hosted a series of roundtables and polls, where we asked CIOs and senior IT professionals how trends in the workplace are affecting their IT strategy.

    Join us as we discuss how these trends are influencing IT strategies today, as well as the best practice for reducing risk.
  • According to Gartner, “through 2019, more than 50% of data migration projects will exceed budget and/or result in some form of business disruption due to flawed execution."(1) Furthermore, 1 in 6 large IT projects go over budget by 200%, according to a Harvard Business Review article. It is widely recognized that application migration and consolidation projects are “risky business” – high-ticket items for the corporation, with a scary chance of failing. If you are undertaking any IT modernization or rationalization project, such as consolidating applications or migrating applications to the cloud or ‘on-prem’ application, such as SAP, this webinar is a must-see.

    The webinar is going to shine the light on the critical role that data plays in the success or failure of these projects. Application data consolidation and migration is typically 30% to 40% of the application go-live effort. There is a multitude of data issues that can plague a project like this and lead to its doom, and these are not always recognized and understood early on, which is the biggest problem.

    In this webinar, Philip Russom of TDWI will walk us through the potential data pitfalls a corporation should consider when undertaking an application consolidation or migration project. Philip will share best practices for managing data in order to minimize risks and ensure on-time and on-budget delivery of these projects. Rob will discuss Informatica’s unique methodology and solution to support these best practices. Rob will also share real-life examples on how Informatica is helping customers reduce risks and complete application consolidation and migration projects on budget and on schedule.

    1) Gartner report titled "Best Practices Mitigate Data Migration Risks and Challenges" published on December 9, 2014
  • Die Inhalte sind migriert, technische Hürden gemeistert und SharePoint erfolgreich implementiert. Was viele Unternehmen jedoch unterschätzen – Mit der alleinigen Bereitstellung von SharePoint ist es in der Regel nicht getan. Das Zauberwort: User Adoption. Was nützt das modernste Deployment und die beste Software, wenn es den eigentlichen Usern an Vertrauen und Wissen im Umgang mit der Plattform fehlt und sie eine Verwendung der selbigen lieber umgehen?
    Patrick Lamber, SharePoint MVP, und Robert Mulsow, Senior Technical Solutions Professional bei AvePoint, haben es sich in diesem Webinar zur Aufgabe gemacht, Ihnen gemeinsam Best Practices für eine erfolgreiche Einführung und ressourcenschonende, richtlinienkonforme Verwaltung von SharePoint an die Hand zu geben, damit Ihre Endanwender SharePoint in vollem Umfang nutzen können und auch wollen.

    Anhand eines konkreten Beispielprojekts erfahren Sie:

    • Wie die Einführung von SharePoint nicht nur theoretisch zum Erfolg wird, sondern Endanwender sich ihren Arbeitsalltag gar nicht mehr ohne vorstellen können.
    • Welche Hindernisse, Vorurteile und Probleme es hierbei zu bewältigen gibt
    • Wie man es schafft, die Anwendung erfolgreich bei den unterschiedlichen Mitarbeitern im Unternehmen zu etablieren, damit SharePoint zum durchschlagenden Erfolg wird.
  • Willbros, a leading infrastructure contractor serving the oil and gas industry, leverages Amazon Web Services (AWS) and Trend Micro Deep Security to quickly design and deploy agile, secure cloud solutions to protect their vital data. Moving to AWS allows organizations to leave their infrastructure behind and start fresh – architecting for flexibility and scalability. However, bottlenecks are created when traditional on-premises security approaches and tools are used. Learn how Willbros unleashed innovation in the energy industry by taking a greenfield approach to security in AWS. Attend this practical webinar by AWS, Trend Micro and Willbros to learn how you can design a flexible, agile architecture that meets compliance requirements and protects your most valuable asset – your data. Jason Cradit from Willbros will share their experience on how they achieved building robust and secure pipeline management systems in the cloud.

    In this webinar you’ll learn how to:
    - Architect a secure application using a combination of AWS services, Trend Micro services, and configurations
    - Understand how host-based protection improves application security, as well as agility and flexibility
    - How to protect workloads from attack, without hampering performance
  • In the last few years, security breaches have occurred in various shapes and forms and have shaken up many organizations, especially those in the retail industry. Approaches for auditing and assessment vary from one governance, risk, compliance (GRC) company to the next. Simply checking a box for each regulatory requirement is not sufficient. An approach to meet the challenges that go beyond compliance and address an appropriate security posture should be adopted by organizations.

    This webinar, presented by Dan Fritsche, Managing Director, Application Security at Coalfire Labs, will help you understand the potential costs of failing an audit or getting breached even after having passed a Payment Card Industry Data Security Standard.

    Topics covered include:

    Brand Damage
    Loss of Revenue
    Downtime
    Privacy Penalties
    Forensics Investigations
    Cyber Insurance Coverage

    The presentation will also highlight the steps that organizations can take to address cyber-security risks.
  • Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
  • The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?

    In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:

     When does it make sense to utilize managed security services

     How to the scope the services your company contracts out

     Questions to ask when evaluating managed security services providers

     The key criteria for selecting managed security providers
  • Increasing data and network complexity give hackers more to steal and more ways to steal it. Most organizations cannot hire enough skilled IT security personnel to keep up.

    Join us for this informative and timely webinar, in which our experts will offer you seven golden strategies to mitigate IT risk and help you:

    • Reduce the greatest risks first
    • Stretch your team for optimal results
    • Creatively augment budget, skills and headcount.
  • Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.

    Attendees will learn:
    - SIEM architecture changes for visibility
    - Increasing complexity of data analytics to explore
    - SIEM taxonomy and trade-offs between generations
    - Analyst recommendations & best practices
    - Why resources are key to SIEM success
  • View from the CISO Chair - Security as Business Risk with Tom Bowers, Principle Security Strategist, ePlus
  • Like “green” initiatives for reducing carbon emissions, software supply chain security has significant benefits to an organization, but is routinely avoided in pursuit of revenue-driving projects. But “green” managed to gain traction, and so can your program to secure your third-party suppliers.

    Join this webinar to learn how to apply principles taken from “green” initiatives to your software supply chain security program. You will learn how to:

    -Choose the right suppliers
    -Use suppliers as force multipliers.
    -Drive compliance via “WIIFM”
  • With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.

    Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.

    To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
  • With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.

    In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
  • 2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
  • Join The Wall Street Journal's Dan Keeler, and industry experts, including Dow Jones Risk & Compliance Data Strategist Nicholas Grimaldi, to discuss conducting comprehensive due diligence to mitigate risk when entering into frontier markets.
  • This short video shows how distributed cryptography technology from CertiVox provides strong authentication and a simple user experience without compromising security. M-Pin eliminates the password database and therefore, risk of breach. It offers low cost of ownership and helps satisfy security compliance and policy requirements. M-Pin provides federated authentication to SAML and RADIUS enabled applications to help you take back control of unsanctioned shadow IT deployments.
  • ISO 31000 was published as a standard on the 13th of November 2009, and provides a standard on the implementation of risk management. A revised and harmonised ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for "any public, private or community enterprise, association, group or individual."[3] Accordingly, the general scope of ISO 31000 - as a family of risk management standards - is not developed for a particular industry group, management system or subject matter field in mind, rather to provide best practice structure and guidance to all operations concerned with risk management.
  • If there is one thing that can be said about the threat landscape, and cybersecurity as a whole, it is that the only constant is change. This can clearly be seen in 2014: a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years.
    Join us on 26th May, at 10:00 - 10:45 to understand the growing threat landscape and how this affects your business.
    On this webcast we will cover;
    •The main security challenges and trends in 2014
    •Highlight how threats operate to allow you to better informed
    •Key takeaways for executive / functional leaders
  • Problem Management is one of the most useful processes within ITIL as it allows an organisation to identify the underlying issues that generate incidents over and over again and removes them. It supports the change from reactive to proactive and makes customers happy by providing information and a process on those annoying issues that keep coming back to haunt them, and when they can expect to see them gone forever. However, with all this to offer many organisations still struggle to get the funding to implement this process as its seen as a duplication of effort with incident management.

    Join Peter Hubbard, Pink Elephant, as he shows you how to set up this process on a part time, unfunded, but effective way. The point is not to say that Problem Management does not need a budget, its to show you how to build up support by doing the basics anyway and showing how much better it could be if the organisation DID fund it properly!
  • •¿Sabía que el 14 de julio finalizará el soporte del producto Windows Server 2003?
    oDespués de esta fecha , Microsoft dejará de emitir parches de seguridad , dejando a estos sistemas en un estado de vulnerabilidad alto frente a los ataques de día cero y otras formas de código malicioso.

    •Conozca a que riesgos se expone si no hace frente a esta situación y como Symantec le ayuda a proteger sus sistemas ante la finalización del soporte para estos sistemas.
  • Seit Edward Snowden ist bekannt, wie systematisch Informationen ausgespäht und manipuliert werden. Was hat sich seither wirklich verändert und was ist die konsequente Schlussfolgerung? Wir zeigen Ihnen, wie sie auf Basis einer angepassten Sicherheitsstrategie die richtigen Lösungen für Ihre Sicherheitsanforderungen finden.
  • End-point data protection is fundamentally changing. End-points have moved from desktop to mobile with BYOD, and the data protection envelope is extending beyond simple backup and recovery solutions to include continuous data availability, security, and compliance.

    During this webinar to learn how Syncplicity’s enterprise file sync and share solution helps extend the data protection envelope across your enterprise.
  • The End of Support (EOS) of Microsoft Windows Server 2003 in July 2015 will put millions of enterprise servers at risk. And according to a recent study by leading analyst firm Enterprise Strategy Group (ESG), “More than 80% of enterprise and midmarket organizations still support Windows Server 2003 to some extent.” Newly discovered vulnerabilities will not be patched or documented by Microsoft. Hackers know this and will be targeting new exploits at the considerable number of Windows Server 2003 servers still in use. In this webinar, ESG will share the significant findings from its recent survey of Microsoft Windows Server 2003 customers. Also, Trend Micro will discuss how to protect your legacy Windows 2003 server environment while you plan your move to newer platforms. Join us and learn how to:
    * Protect and secure your Windows 2003 Servers after EOS
    * Build a comprehensive security strategy with virtual patching (IPS), file integrity monitoring, and anti-malware
    * Ensure your organization is protected across physical, virtual, and cloud environments as you migrate to newer platforms such as Windows Server 2012 and Azure
  • As a security professional, information sharing with other organizations is big part of your job. However, when it comes to information about attacks and vulnerabilities, there are limited accepted resources—leaving knowledge sharing to an informal process with only a few select contacts.

    Now you can get better information about the top vulnerabilities that need your attention and what to do about them. Learn more about the US-CERT Top 30, a publication that provides guidance in the vulnerability field.

    Join this webcast for a closer look, so you can:

    > Learn about the top 30 vulnerabilities — that comprise most of targeted attacks against critical infrastructure

    > Understand how the US-CERT condenses — security data into a single report

    > Apply and implement recommendations — against your infrastructure

    > Share this new data point with your colleagues — at other companies
  • Do you run mission critical applications in the cloud? If the answer is yes, then you already know how important it is to have visibility into all aspects of your infrastructure. An alert telling you your application is down is no longer sufficient. Today’s IT managers need to be made aware of potential problems before they arise.

    Join me, Dan Waymire, Sr. Account Manager at HOSTING, for a webinar on May 28th at 3 p.m. EST to learn how Hosting can provide unprecedented visibility into your infrastructure, allowing you to be one step ahead of service impacting events. Leveraging the industry leading ScienceLogic platform, I will cover the following:
    •A demonstration of how you can build real-time dashboards showing availability, utilization, and performance of your entire IT infrastructure
    •A walk-through of an Executive dashboard showing your leadership team the application availability in real time
    •IT manager dashboards capable of showing utilization & performance of web servers, database servers, switches, and firewalls all in a single pane of glass
  • For many organizations, adherence to regulatory guidelines is the ruler by which to measure their security posture. While compliance is an important part of overall risk management, studies have shown that security education in areas like secure application development and security awareness can help in preventing attacks and deterring cybercriminal activity.

    In this interactive, online session, you will learn how course-based eLearning empowers employees to recognize potential security risks throughout their daily workflow. Hear examples of how organizations can implement effective, scalable training - enabling the business to protect its assets and software developers, testers and security leads to build secure applications from inception to deployment.
  • James Hanlon, Security Strategist at Symantec, looks at both the current cyber poisons and potential antidotes to the cyber security challenge. The discussion will focus current threat landscape and the changes we are seeing in regard to hacking and cyber attacks. It will pose the questions to whether global intelligence & data analytics is an approach that can be used counter the most advanced threats.
  • Attackers are getting smarter, while repurposing what we thought were outdated techniques. So, how can your organisation stay safe?

    In the past decade we’ve seen the emergence of the world’s youngest profession – the Cyber-Intruders. These actors, often working normal 9 to 5 hours, Monday to Friday, are paid to break into systems and steal sensitive information or scope out a target for their employer.

    Crime-as-a-service has become a reality in cyber-space, with specialisms emerging which make it akin to a mini-industrial revolution. The techniques they use are often novel, though not always. Out-dated technology as well as lessons unlearned by organisations mean that persistent attackers can breach networks with relative ease.

    This talk aims to present the current state of the cyber threat landscape, what are the latest tricks attackers are using, and what should organisations focus on to keep data and systems secure.
  • Knowing that your company has been compromised is just the first step in a long road to erase the threat.

    Many companies take weeks and sometimes months to address compromised machines due to a lack of real-time notifications or, in many cases, a deep understanding of the malware profile.

    Tiago Pereira, Threat Intel at AnubisNetworks will share the methodology used by AnubisNetworks which comprises the combination of Cyberfeed threat intelligence capabilities with the expertise of the security team to dissect and understand the botnet behaviour, destroying capabilities and threat risk for organizations. The first part of the webinar will be dedicated to explaining the methodology and the second how it was applied in a real case study.

    In this webinar you will learn:
    - AnubisNetworks’ sinkhole techniques and botnet research methodology
    - Case study: understand a botnet:

    o DGA mechanisms

    o Decipher the network protocol

    o Uncover the malware capabilities
  • Organisations around the globe are struggling to cope with the quantum speed and sophistication of attacks by organised cyber criminal syndicates and going forward will need to prepare to be targeted 24x7 by multiple assailants. Criminal organisations have become more sophisticated, mature and are migrating their activities online at greater pace. They have begun to develop complex hierarchies, partnerships and collaborations that mimic large private sector organisations and are taking their activities global. Organisations that wish to keep pace with these developments and remain financially viable will need to take action now.

    This webcast will share guidance and tips on how organisations can identify and protect the areas of their business that could be impacted by cybercrime activity.
  • Learn how to prevent the inevitable intrusions from compromising sensitive data! There is no silver bullet, but there is a solution.

    It’s widely accepted that perimeter breaches are inevitable – the bad guys are getting in. There is no silver bullet and there aren’t enough dollars in any IT security budget to address every vulnerability. But the loss of sensitive data from a breach is NOT inevitable.

    Data Loss Prevention (DLP) is a proven solution that stops the theft of sensitive data. The problem is, DLP is not widely deployed. Why? Put simply, DLP is hard. But just because it’s hard, doesn’t make it a less necessary component of your security strategy.

    In this webinar, Dan Geer and featured speaker Heidi Shey of Forrester will discuss:

    • Why and how CISOs need to get past the DLP horror stories and limited usage to prevent the inevitable intrusions from compromising sensitive data

    • What’s required for DLP to be a success

    • New DLP solution deployment options that get you all the data protection, without the deployment and management headaches.
  • DevOps is now over 5 years old and many advancements have been made.

    In this talk, we will review what's going on in the space, and discuss current trends and where we envision DevOps is going over the next few years. Specifically, we will cover the rise of containers, the "move to the donkeys", the greater incorporation of security into the development pipeline, the movement on network and databases as code, cultural backlash and trends.

    This will be a panel style talk with Karthik Gaekwad (@iteration1) , Ernest Mueller (@ernestmueller), James Wickett (@wickett) with plenty of time with questions at the end of the talk.
  • From their first cup of coffee, to meetings in the field and late night conference calls – today’s workers expect a seamless continuum of access to enterprise resources. And while remote network access, virtual desktops and cloud applications are invaluable assets for these employees, the increasingly splintered data ecosystem is wreaking havoc among the unprepared – be they IT, security or compliance professionals. So how can IT administrators service 100s, 1000s or even 10,000s of users while keeping management overhead low? Can security staff support mobility and remain unruffled in the face of a data breach? And exactly how can compliance stewards ensure they have the visibility they need to smoothly undergo audits? This webinar will provide the answers.
  • Organisations of all sizes and types unwittingly, but actively, assist both Social Engineering and more technical attacks on their businesses through their own corporate culture, habits and management style.

    Whether it be through a management style of arrogance or bullying, through poor supplier management or through the naiveté that comes with having plentiful resources & being a household name, firms are encouraging external attacks and growing their own risk of internal threats, primarily through having the wrong attitude and organisational behavioural traits.

    In this webinar, Social Engineer and People Hacker, Jenny Radcliffe explains why this is the case and discusses what organisations can do to adapt their culture in order to repel, rather than attract, the attackers.
  • The End of Support (EOS) of Microsoft Windows Server 2003 in July 2015 will put millions of enterprise servers at risk. And according to a recent study by leading analyst firm Enterprise Strategy Group (ESG), “More than 80% of enterprise and midmarket organizations still support Windows Server 2003 to some extent.” Newly discovered vulnerabilities will not be patched or documented by Microsoft. Hackers know this and will be targeting new exploits at the considerable number of Windows Server 2003 servers still in use. In this webinar, ESG will share the significant findings from its recent survey of Microsoft Windows Server 2003 customers. Also, Trend Micro will discuss how to protect your legacy Windows 2003 server environment while you plan your move to newer platforms. Join us and learn how to:
    * Protect and secure your Windows 2003 Servers after EOS
    * Build a comprehensive security strategy with virtual patching (IPS), file integrity monitoring, and anti-malware
    * Ensure your organization is protected across physical, virtual, and cloud environments as you migrate to newer platforms such as Windows Server 2012 and Azure
  • As businesses and people increasingly engage with new forms of online communication so their digital footprints are expanding. While much of this information is positive and benign, some of it directly relates to enterprise security and potential threats. However, businesses remain ignorant of the trails that they, and those who threaten them, leave behind because they lack the resources to both discover and manage them. In this seminar we will show how businesses can lift the lid on their digital shadows and explore what lurks within. By learning about their weaknesses and the threats they face, they can then make smarter investment decisions about their defences.
  • Driven by customer behavior and technological disruption, banking and financial services will change more in the next 10 years than it did in the last 100. Mobility is shifting from being an option to being a basic of customer acquisition and a cornerstone of customer relationships.

    Brett King, Author of "Bank 3.0" and radio host of "Breaking Banks", discusses the new rules of engagement: Advocacy, Behavior, and Context; and why burgeoning FinTech should be considered both the consumers and the banks biggest ally.
  • Architecting for Identity & Access Management (IAM) in the Cloud

    In today’s SaaS-centric world, managing passwords to hundreds of cloud apps is a major problem for users and IT administrators. The password issues increase risks, drain user’s productivity and burn up valuable administrator time.

    Fortunately, new standards and cloud architectures have emerged that allow organizations to take passwords out of the equation, improve the user experience, and deliver the right security to any user, in any location, for any app, from any device, at any time. Today, Identity and Access Management (IAM) from the cloud is maturing and offers capabilities beyond just single sign-on (SSO), making Identity as a Service (IDaaS) a viable replacement for traditional on-premises IAM implementations. In this new market reality, organizations of all sizes need to be prepared to transition to an IDaaS offering.

    Join guest Merritt Maxim, Senior Analyst at Forrester Research, and David Meyer, VP Product at OneLogin, as they discuss the state of IDaaS in the context of new architectures and real world use-cases, including:

    - Challenges in extending on-premises IAM approaches to the cloud
    - Implications of new standards and authentication methods in the cloud and mobile environment
    - Practices to reconcile systems of record against a cloud directory, and requirements to control access to thousands of SaaS applications
    - Workflows and user account management when automating user provisioning and deprovisioning activities whether for cloud or on-premises applications
  • Stress testing is a useful method for determining how a portfolio will fare during a period of financial crisis...
  • Information Governance has long been regarded as a key element of SharePoint Governance, but in large enterprises and global organisations it’s not as easy or as well understood as we may think and that’s just from the business perspective, technology solutions to information governance are even more complex than we think!
    This session focuses on what Information Governance really means to large organisations, where the mismatch between information governance theory, organisational compliance and our SharePoint technology platform is and approaches to delivering a pragmatic IG solution across your organisation

    Take-aways:
    •What is information governance?
    •Why information governance is so hard for large or global organization’s
    •The mismatch between theory and practice
    •Business complexity working against the SharePoint information governance features
    •Approaches to managing information governance complexity
    •Tips and tricks to delivering SharePoint in complex information governance scenarios.
  • Multi-national businesses must have an endpoint backup strategy that goes beyond simple laptop backup and restore capabilities. Organizations with employees in different regions, under different legal jurisdictions, face more complex and complicated challenges to manage and secure data while enabling user productivity. Policies for privacy, security and governance and flexible assignment of regional data storage access are but a couple of unique needs of enterprises that span borders. Join Druva to learn best practices around rolling out a global endpoint backup strategy. Uncover critical points to consider as well as hints and tips to successfully protect laptop and mobile device data using global policy.