Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Understanding the cybersecurity posture of vendors, suppliers, and third-parties is now a necessity for businesses in all industries. Yet, many businesses do not have a formalized vendor risk management program. There are multiple components needed to create a comprehensive vendor risk management program. These span governance and control, as well as security controls and technology.

    Join Jake Olcott, VP at BitSight on February 9 as he highlights best practices and industry standards for vendor risk management programs. Attendees will learn:

    - Which frameworks and methodologies can help get you started
    - Vital questions you should be asking your vendors
    - Why continuous monitoring and verifying vendor security is crucial to mitigate cyber risk
  • Do you want to learn about new disaster recovery options from Microsoft experts? Have you been putting off trying new technology due to time pressures or not knowing where to start? Do you think your disaster recovery strategy would benefit from a refresh?

    If you answered yes to any of these questions, you need to register for this webcast. You will learn:
    •How to replicate any workloads to Microsoft's global datacenters
    •How to back up data and protect workloads with nearly infinite scalability
    •How to implement a hybrid replication using both cloud and on-premises solutions
    •How to create a backup without needing to buy more tape
    •How to back up your Windows clients (including Windows 10) to remote storage

    Register now to watch live or receive notification when this program is available on-demand.
  • In this webinar we will explain how DevOps, powered by Chef automation, makes it possible to deliver infrastructure and new features at velocity within the highly regulated world of the UK Government sector.

    Using Chef in conjunction with a platform such as Skyscape Cloud Services, which provides assured cloud services, enables the government sector to deliver software at speed without fear of compromising Official and Official Sensitive data. With a correctly provisioned and tested infrastructure, plus rules that automate rigorous security testing and policy assurance, you can reduce risk, provide a faster route to delivery and help enable DevOps within your organisation.

    Hear from Seth Thomas, DevOps Evangelist at Chef Software and Peter Rossi, Head of Automation at Skyscape Cloud Services on how to automate your infrastructure in a secure cloud environment.

    In addition, Viewdeck Consulting and Synyega will discuss their successes within this market sector, and offer tips on how you too can adopt DevOps practices.
  • Inherent risks in web, mobile and cloud applications are keeping security practitioners up at night, according to the 2015 SANS survey on application security.

    In this webcast, learn about the growing threats against applications, why applications are so risky, why you need to include application security in your enterprise security program, and how to get started.

    Attend this webcast and be among the first to receive the associated whitepaper written by SANS Dean of Research, Johannes B. Ullrich, Ph.D.
  • Arbor Networks' 11th Annual Worldwide Infrastructure Security Report (WISR) offers a rare view into the most critical security challenges facing today’s network operators. This session will review the highlights from the report to help network operators understand the breadth of the threats that they face, gain insight into what their peers are doing to address these threats, and comprehend both new and continuing trends.

    This year reveal a 60x increase in DDoS attack size, a marked increase in cyber extortion attempts and an influx of advanced threats, all of which is driving an increased focus on DDoS mitigation best practices and rapid adoption of incident response plans.

    Join this presentation to:

    · Hear about the mounting challenges ahead for those involved in day-to-day security operations

    · Understand how your network infrastructure may be affected by the rapidly changing threat landscape
  • The rise of the Internet of Things (IoT) has resulted in an increase of data sharing and exchange largely through wearables and devices. However this largely unmanaged data exchange can result in potentially devastating consequences for businesses and consumers, particularly where business decisions based on big data analytics are inaccurate.

    Organizations who store corporate or customers’ Personally Identifiable Information (PII) in the cloud have little or no control over the movement of their information and increasingly are more susceptible to data breaches.

    In this webinar, Steve Durbin will provide guidance on how to protect sensitive data and prepare for stricter breach laws to avoid reputational and financial damage.
  • Hear the latest on the most recent data breaches, web threats, and cyber security topics in the news.
    The recent attacks on Ukrainian Power Utility are highlighting a recent shift in destructive attacks against Critical Infrastructure. In this webinar Ed Cabrera, VP Cybersecurity Strategy and former CISO of the US Secret Service, will be joining us to cover this latest trend we’re seeing in the use of destructive malware against both critical infrastructure and commercial organizations. Learn the latest in destructive malware and why this technique is being used by threat actors today.
  • Are you in the market to purchase a new security product? Or have you recently purchased one? If you answered yes, NSS Labs can help.
  • We all know that security gaps are widening due to technology shifts and advanced threats. Whether you are in finance, energy, tech, or manufacturing, the infosec challenges are much the same.

    Chart Industries — a global manufacturer with 5,000 employees and 45 locations — was facing a huge volume of malicious activity every day resulting in excessive break-fix work for their small security team. They had thousands of unmanaged mobile and guest devices connecting to their networks. And neither web proxies nor endpoint security could fully protect them. They needed a new layer of malware and breach protection. But it also had to be a painless deployment and it needed to be a transparent experience for their employees and guests.

    Hear directly from Jack Nichelson, Chart’s Director of IT Infrastructure and Security to learn:
    -Why they use a layered approach to security and how OpenDNS complements their security stack
    -How long it took to deploy OpenDNS Umbrella globally
    -How his security analyst, Kevin Merolla, quickly responds to incidents or false positives using OpenDNS Investigate
  • Healthcare privacy and data protection regulations are among the most stringent of any industry. Join this Webcast to learn how healthcare organizations can securely share health data across different cloud services. Hear experts explore how Encrypted Objects and Delegated Access Control Extensions to the Cloud Data Management Interface (CDMI) standard permits objects to freely and securely move between clouds and clients with enhanced security and auditability.
    You’ll learn:
    •Protecting health data from alteration or disclosure
    •How Cloud Encrypted Objects work
    •How Delegated Access Control works
    •CDMI for Electronic Medical Records (EMR) applications
    •Healthcare use cases for implementing securely sharing data in the cloud
  • In this session we will discuss how state and local government organizations can create modern cloud applications in Microsoft Azure. Learn how you can help modernize your agency and the services you deliver to citizens using:
    •Devices that are sensors, sensor gateways or IoT devices that are publishing events to Event Hub either directly or using Microsoft IoT Hub SDK
    •Gateways - a logical component that groups processing, management of event processors
    •Event processor routes and device actors - Device Actors are chained with various other actor types that are responsible for aggregating, storing, analysis and reporting on device events

    Key takeaways:
    •Initiate a project using Visual Studio Online
    •How an IoT pattern can be used in Azure IoT Hub using a presentation and references to real tenants.
  • Tableau’s stunning success has empowered individuals across the enterprise to create powerful data visualization and analysis on-demand.
    However, the challenge lies in the time and effort it takes to prep data for visualization. According to James Haight of Blue Hill Research, on average data analysts spend between 50 to 60% of their time just preparing the data. In today’s data-driven environment, organizations can’t afford insight bottlenecks when it comes to getting the answers they need.
  • Corporations increasingly rely on their enterprise services bus (ESB) as the communication center to link multiple IT systems, applications and data. Unfortunately, when something goes wrong in the ESB it can have a cascading affect, impacting critical applications. Determining the root cause of the problem is a challenge for most IT organizations, since ESBs serve as a ‘black box’, offering little insight into the issue.

    Now, you can assess and resolve performance issues for applications that communicate across your ESB, before they affect your users. Join Richard Nikula, Vice President, Product Development and Support at Nastel, to learn how Nastel AutoPilot for CA Cross-Enterprise APM lets you analyze application behavior in real-time in production, test and development environments.
  • Many recent data breaches have exploited security weaknesses in third-party vendors to attack businesses. As supply chains grow and business functions increasingly get outsourced, the amount of data given to third parties has increased.

    In this webinar, Benjamin Fagan, Product Marketing Specialist, will discuss why vendor risk management should be a top priority for your business. Additionally, he will discuss how BitSight can help manage the cyber risk of your vendors.
  • Arbor Cloud is a layered DDoS protection solution that combines the comprehensive network threat detection of Arbor’s Peakflow technology and Arbor’s Pravail, an always-on application layer attack solution. Arbor Cloud signaling offers additional mitigation capacity and expertise that allows you to fully control your network, applications, and services in the event of a DDoS attack.

    While Peakflow and Pravail services can be implemented separately, the Arbor Cloud DDoS Protection Service unites both platforms to ensure utmost network security against application-layer and volumetric attacks. Using a combination of on-premise hardware and cloud-based protection, Arbor Cloud quickly detects and mitigates malicious traffic.

    Arbor Cloud is an ideal service to deliver comprehensive DDoS protection to your customers as well as your own organization, and is supported by Arbor’s Security Engineering and Response Team (ASERT) and Atlas.
  • Identity and access management (IAM) initiatives with a focus on users can enable your business, while still supporting their traditional role in the important areas of security, compliance, and reliability.

    In the research report "IAM for Everyone: How A Broader Strategic Focus on Users Pays Off," Aberdeen Group’s Derek Brink describes four high-level attributes that can help you quickly assess whether your organization’s IAM initiatives are on a path to achieve similar results:

    - IAM is viewed not only as the technical means for control, compliance, and cost efficiencies, but also as an essential strategic business enabler
    - Both rewarded risks (eg. enablement) and unrewarded risks (eg, protection) are among the top drivers of your IAM investment
    - There is a strong focus on a convenient, streamlined, and personalized user experience
    - The performance of your IAM investments are being measured and are helping to produce the desired business value

    Join CA Technologies and Aberdeen Group for this highly informative on-demand webinar on IAM as a strategic enabler.
  • Find out how to secure the data on your school’s network and protect students from inappropriate web content.

    During the session, you’ll:
    •Understand the security technologies that are essential to protecting your network
    •Find out if your current network security solution is up to par
    •Learn about E-Rate approved solutions that are within your budget
  • Microsoft’s Enterprise Mobility Suite (EMS) allows you to manage devices, applications, and access simply and securely. In this webinar, we will dive deeper into this industry-leading solution and discuss some of the newest features.

    Register for this webcast to learn about:
    •New EMS features, including Advanced Threat Analytics (ATA) and Mobile Application Management (MAM)
    •How to provide remote access and single sign-on to on-premises web applications with Application Proxy
    •Azure AD auditing capabilities, and how you can easily report on security events for any Azure-AD protected application or service

    Register now to watch live or receive notification when this program is available on-demand.
  • APIs have become a strategic necessity for your business because they facilitate agility and innovation. However, the financial incentive associated with this agility is often tempered with the fear of undue exposure of the valuable information that these APIs expose. We will explore in depth the main security concerns API providers and consumers need to consider and how to mitigate them.
  • We’ve lined up an insider’s perspective into why companies and developers still flock to PHP, with firsthand accounts of use cases and advice on your current or future PHP applications.

    Join us as principal analyst and co-founder of RedMonk, Stephen O'Grady, leads a streaming video panel discussion among Federico Lara, CTO of FedEx CrossBorder, and Andi Gutmans, Zend co-founder and Rogue Wave Software executive vice president.

    Along with discussing the wide appeal of PHP, the panel will talk about:
    - Why enterprise developers should use PHP

    - What should be considered when developing applications

    - Where DevOps fits into the bigger picture of development

    - What enterprise requirements should be considered (from compliance to performance)
  • Informatica PowerCenter is designed to deliver end-to-end data integration agility. A big part of agility is about delivering data integration testing, rapidly, reliably and securely.

    Testing is a crucial, often overlooked, element of your development lifecycle. Today, data integration testing is often time-consuming, manual, script driven, painful and error-prone. Validating your data as part of Unit and Regression Testing may be manual, unreliable and lacking reusability and auditablity. Provisioning the right test data sets in dev/test environment may delay the process and result in inaccurate test outcomes. Sensitive data may not be protected during testing.

    In this webinar we will discuss capabilities that will automate your data integration testing so you can quickly, reliably and securely move your applications into production:
    •PowerCenter Data Validation testing to validate your logic in unit and regression testing
    •Automated management, provisioning and generation of the optimal test data sets in non-production environments
    •Consistent masking to ensure sensitive data is protected in dev/test environments, while ensuring high quality, realistic test data is maintained

    Join us to learn how you can improve your data integration testing to accelerate your development lifecycle, deliver better quality data in production and protect sensitive data during testing.
  • Identifying social compliance issues, particularly forced labor and human trafficking in supply chains, continues to be a significant problem for business, particularly when sourcing from opaque and non-transparent emerging markets. Civil society is playing a large part in increasing awareness and pressuring politicians to introduce and enforce legislation, and is gradually highlighting the issue as a problem which needs to be addressed both by governments and the business community.

    Kroll has been researching and working on this issue for a number of years and believes that businesses should be taking the issue as seriously as other forms of compliance.
  • The future for women in Cyber Security is NOW.

    Despite the growing demand and tremendous opportunities in the job market, cyber security remains an area where there is a significant shortage of skilled professionals regionally, nationally and internationally.

    At EC-Council University we want to empower and recognize women who are results-driven and able to manage multiple disparate tasks while leading groups to achieve positive outcomes and astonishing professional successes.

    Even worse, women’s representation in this male-dominated field of security is alarmingly low. Women are detail oriented with an analytical mind that quickly assess and achieve solutions to the most difficult problems, prioritizing and executing in a rapid, dynamic environment.

    “At EC-Council University we wish to highlight these prestigious women and set examples for others to follow suit.”
  • Join the Informatica Cloud product team to see the new Informatica Cloud platform in action and find out what's new in the Winter Release of Informatica Cloud and explore all the key capabilities.
    The Winter release of the Informatica Cloud is packed with many rich functionalities, with a continued focus on self-service and ease of use. Updates include:
    •Enhanced Cloud Mapping Designer
    •Greater Data Masking transformation capabilities
    •Platform enhancements for REST API, Cloud Test Data Management, secure agent and Real-time processes
    •New connector capabilities for Salesforce Marketing Cloud, Microsoft Azure Data Lake, Microsoft DocumentDB, SAP Concur V2, JD Edwards, Zendesk and more!
    •Enhanced connectors for Tableau, NetSuite, Amazon, Oracle, Microsoft, Marketo, Workday, Zuora and others
    •And so much more!
  • Despite the rapid enterprise adoption of SaaS, many organizations still rely on a hybrid mix of on-premise and SaaS apps to run their business, creating administrative challenges and inefficiencies.

    Identity-as-a-service (IDaaS) solutions have evolved to provide business and security professionals with a viable and compelling alternative to traditional IAM options. Besides delivering all the great cloud benefits, cloud-based IAM offerings can integrate with on-premise environments to increase business agility, reduce operational inefficiencies, mitigate identity risks, and improve real-time visibility for today's hybrid enterprise.

    Join featured speaker Merritt Maxim, Senior Analyst at Forrester Research, as he discusses the state of IDaaS in the context of new architectures and real world use-cases, including:

    – Current IDaaS Market Trends
    – Critical considerations for building an IDaaS architecture & strategy
    – Challenges in extending on-premises
    – IAM approaches to the cloud
    – Key benefits from deploying IDaaS in hybrid environment
    – Quick Demo of OneLogin IDaaS solution for hybrid environment
  • Cloud adoption in higher education is greater than in any other industry, with 83% using Google Apps or Office 365. As universities move from on-premise to public cloud apps to meet the need for modern collaboration tools and the increasing demand for BYOD, IT leaders are increasingly aware of the security risk to sensitive research data and student personal information.

    In this webinar will discuss the unique security issues of higher education including faculty file sharing and employee BYOD.
  • Whether you are building an incident response program from scratch or expanding an existing security operations centre you need to ensure it is aligned to helping you build a better cyber defence centre. The services team at Mandiant have gained experience responding to hundreds of computer security incidents every year and with this knowledge we would like to take a few minutes to discuss how you can develop your organisation’s full portfolio of technical, organizational and administrative capabilities to effectively protect themselves against advanced threat actors.
  • A discussion on the current state of advanced threat protection and incident response preparedness that will include both highlights from Arbor's Worldwide Infrastructure Security Report (WISR) as well as original research by Arbor's Security Engineering & Response Team (ASERT). The WISR is a global survey of security professionals, highlighting the key trends in the threat landscape along with the strategies network operators adopt to address and mitigate them. We’ll also provide a deep understanding of two attack campaigns discovered by ASERT. One multi-stage attack campaign was focused on government organizations and a second was focused on financial services organizations.

    This session will cover:

    • The primary challenges facing security teams with emphasis on the balance between technology, people and process.

    • Insight into attack campaigns happening on the broader Internet and an understanding of why it is critical to connect that activity to conversations on internal networks.

    • How businesses are adapting and changing their threat detection and incident response to reduce risk posture
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data
  • What is the essence of information security governance, risk & compliance? How do you meet your governance, risk and compliance requirements and prevent a data breach? The key is to understand the spirit of risk management and create a customised information security management system (ISMS) for your business. This presentation details a practical, step-by-step guide for designing and implementing a cost-effective ISMS to minimise your risk of a breach and meet your Association’s legislative (Data Protection Act), regulatory (Payment Card Industry), or industry standard (ISO-27001) compliance requirements to include:

    · Practical ISMS documentation structure

    · Scope, objectives & risk strategy examples

    · Risk treatment plan, asset register & classification guide examples

    · Policy frameworks

    · Control objectives, evidence & policy examples

    · Audit & testing documentation examples
  • The success of cyber threat intelligence is measured by its effectiveness in reducing the impact of malicious actors. It is therefore important to understand the economy of malware in order to break the chains of success of such economy. Such success needs to be materialised by a change in attitude, policies and configurations.

    Whilst applicable to most organisations, most examples used during this seminar will feature the financial sector and aim to:


    · Analyse the core components of the economy of malware

    · Analyse how to gather intelligence to reduce the impact of malicious actors

    · Show how to use the intelligence gathered to improve the security posture of the organisation
  • As the shape of the workforce is changing, we look at the importance of managing your applications and systems to ensure maximum end user productivity. During our webinar, we will explore how there is more to consider than just delivering your applications seamlessly and securely to your end users. There are many other factors to take into consideration too; such as user experience, user adoption and collaboration.

    Join our webinar to learn how often over-looked factors such as platform design can be the key to ensuring a better experience to your end users, and a more productive use of your business critical applications.
  • Growing concern over climate change, increasing utility prices and the availability of sustainable energy like solar are driving increased demand for conservation, pricing transparency and cost savings. Smart energy solutions provide real time visibility into consumption and billing data helping consumers to conserve resources, while energy and utility companies are better able to balance production to meet actual demand reducing brown outs and other potential issues. At a time when energy utilities play an increasingly important part of our everyday lives, smart grid technologies introduce new security challenges that must be addressed.
    In this webinar we will discuss:
    •The threat landscape
    •Addressing security challenges in critical infrastructure with cryptography and strong authentication
    •Compliance with NERC CIP Version 5
    •The road ahead
  • Security demands countless decisions to determine whether or not log data or other surveillance data are positive indicators of adverse activity or merely false positives. Knowing when, and how, to make and document those decisions can be critical to how legal and compliance sanctions may be imposed. Designing your security controls to do so effectively can make all of the difference. Learn how rules-based design can transform your design frameworks and keep lawyers and regulators away.
  • Windows 10 opens up innovative device experiences and enables your business to take advantage of new hardware enabled security features.

    Every business has potential. Given the right tools, it's the people within that can take big ideas from brainstorms to results.

    Buying a Windows 10 device means you'll have the tools for transforming ideas, and your business, into something greater. When you accelerate a PC refresh* from Windows 7 to Windows 10 you are getting extra hardware enabled security features giving you the most secure Windows platform yet.

    Plus, newer devices and form factors light up new user experiences like Cortana, Inking, Touch and Continuum**.

    With enhanced security, productivity, performance and mobility you really can’t do better than accelerating to Windows 10 today.

    Watch this webcast to:
    •Discover new features that are enabled in the latest devices with Windows 10
    •Understand why the 6th generation Intel processor helps deliver better security and manageability
    •Learn more about the latest Intel Skylake devices announced in January 2016
    •Get additional resources to evaluate what device is right for you
  • One in three Americans' healthcare records were leaked as a result of hacking and IT-related breaches in 2015, a massive year-over-year increase. Why are hackers now targeting healthcare data? How did they go about conducting the large-scale Anthem and Premera attacks that affected millions?

    Learn the answer to those questions and detail how healthcare organizations can use a Cloud Access Security Broker to protect data in the cloud, enable secure BYOD and remain HIPAA compliant.
  • Secure@Source V2 marks Informatica’s continued innovation of Data Security Intelligence. Data security intelligence reveals the risks and vulnerabilities of today’s complex data and threat environments. V2 features user activity tied to sensitive data, sensitive-data analytics for Big Data, Cloud and customer driven integrations to provide an unparalleled analysis of sensitive data risks. Organizations can understand their data risks on-demand and prioritize security investments as customers, partners and regulators demand and expect. Removing the guess work and inefficiency of manual processes and forced-fit tools, Secure@Source gives organizations the power they need to control and manage their sensitive and confidential information.
  • Ensuring your CIRP is a plan for disaster – not a disaster waiting to happen.

    Most organizations establish Cybersecurity Incident Response Plans (CIRP) with great intentions of leveraging them during security breaches. The reality is, many times once a CIRP is established it gets filed away to collect dust on a shelf until a breach occurs, leaving it out of date and out of mind. If a breach occurred tomorrow, would your organization know the proper steps and procedures to eradicate the threat... who the key stake holders are and the communications flow... when and how to reach out to a third-party for support?

    All of these are included as a part of your CIRP, but using a dusty CIRP as a guide for the first time during a breach is not a plan – it’s a disaster waiting to happen. Testing your plan prior to an incident is the key to minimize the duration, impact and cost of a breach to your organization.

    During this interactive webinar, Tony Kirtley, Senior Incident Response Consultant at Dell SecureWorks, will share the importance of testing your CIRP plan through regular tabletop exercises to help identify your organization's strengths and weaknesses, and further the development of your proactive security capabilities.

    In addition you will learn:

    - What makes an effective tabletop exercise?
    - Real stories of how organizations benefited from tabletop exercises.
    - The benefit of bringing in an objective third party to facilitate your table top exercise.
  • wir möchten Unternehmen auf der ganzen Welt beim Bewältigen der Herausforderungen helfen, die sich durch eine zunehmend agile Belegschaft für die Datensicherheit ergeben.

    Bei unserem zweiten Webcast geht es darum, wie man intelligente und strategische, datenbasierte Entscheidungen trifft. Er wird am 17. Februar um 12:00 Uhr MEZ gesendet. Wir helfen Ihnen, Ihre Informationsschutz-Strategie besser zu managen, und wir werden auch beleuchten, was dies für den CIO in Zukunft bedeutet.
  • Il nostro secondo webcast su come prendere decisioni intelligenti, strategiche e basate sui dati verrà trasmesso il 17 febbraio alle 11:00 (GMT). Ti aiuteremo a gestire meglio la strategia di protezione dei dati, e a capirne le implicazioni future per il CIO.
  • Adoption of data-driven security is set to rise threefold in 2016. Benefits include advanced security automation, accuracy and intelligence that enable mitigation capabilities to adapt in real time as threats change. However, solutions will only be as effective as the age, quality and quantity of the data available, meaning access to vast amounts of live attack traffic will be vital. Join us for this webinar to learn more about data-driven security and how it’s being deployed to bolster web defences.
  • On this webcast you will learn how to manage your information protection strategy better and we’ll also look at what this means for the CIO in the future.

    Join your fellow professionals and sign up for the second in the series - discussing threat analysis, information sharing and providing tips for how to build an intelligent and responsive data-driven security strategy.