Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Grid Cyber Lockdown: Ransomware in Critical Infrastructure Grid Cyber Lockdown: Ransomware in Critical Infrastructure Panel of experts as originally presented with EnergySec Recorded: Aug 29 2016 59 mins
    Hear from your industry peers and other security experts on this very important topic of Ransomware in Critical Infrastructure:

    •A brief history of ransomware and its current state in terms of technology and methods utilized by attackers.
    •A roundtable discussion on security and compliance risks associated with ransomware at different points of integrated IT-OT infrastructure.
    •Best practices and technologies for protecting your organization against ransomware.

    Billy Glenn, Pacific Gas & Electric, Principal Security Solution Architect
    Gavin Worden, Sempra Energy Utilities, Manager, Information Security Operations Center
    Christopher Ellefsen, BKK Group, Senior Network Engineer
    Bryan Lee, Palo Alto Networks - Unit 42, Threat Intelligence Researcher
    Jack Whitsitt, EnergySec, Senior Security Strategist
    Del Rodillas, Palo Alto Networks, Solution Lead for ICS/SCADA Security
  • Thunderstorm in the Cloud Thunderstorm in the Cloud Mathias Fuchs, Senior Incident Response Consultant, Mandiant Recorded: Aug 26 2016 37 mins
    Immer größer wird die Anzahl der Unternehmen die ihre IT-Services teilweise oder ganz an Clouddienstleister abgeben. Dies führt zu einem erhöhten Aufwand und einigen Komplikationen wenn es zu Sicherheitsvorfällen kommt.
    In diesem Webinar präsentiert Mathias Fuchs Strategien wie Unternehmen trotzdem effizient Sicherheitsvorfälle untersuchen und eindämmen können. Anhand einer Fallstudie wir gezeigt wie sich cloudbasierte Untersuchungen von herkömmlichen unterscheiden.
  • Breach Detection Systems The final protection? Breach Detection Systems The final protection? Thomas Skybakmoen Recorded: Aug 25 2016 45 mins
    Find out how a breach detection system, which is designed to detect the activity of malware inside your network after a breach has occurred, can strengthen your defense.
  • The GRC Evolution of Digital Enterprises with Convergence of ERM & Cybersecurity The GRC Evolution of Digital Enterprises with Convergence of ERM & Cybersecurity Colin Whittaker, Informed Risk Decisions; Yo Delmar, MetricStream; Chris McClean, Forrester; Sanjay Agrawal, CIMCON Software Recorded: Aug 25 2016 62 mins
    Cybersecurity has jumped to the top of companies’ risk agenda after a number of high profile data breaches, and other hacks. In an increasingly digitized world, where data resides in the cloud, on mobiles and Internet of Things enabling multitude of connected devices, the threat vectors are multiplying, threatening the firms’ operations and future financial stability.

    Organizations with the ability to view cybersecurity breaches as a risk, with associated probabilities and impacts, can strike the right balance between resilience and protection. By bringing together leadership and capabilities across fraud, IT, cybersecurity and operational risk, organizations can connect the dots and manage their GRC program more effectively. Organizations need to employ a proactive approach to review their existing risk management processes, roles and responsibilities with respect to cybersecurity to re-align them into an overall ERM strategy with boardroom backing.

    Attend this panel webinar, as we discuss these issues and address ways to develop an evolving GRC program to cope with the growing threat landscape.
  • Metric and Measurement Mistakes that Destroy Agile - 1 PMI PMP PDU Credit Metric and Measurement Mistakes that Destroy Agile - 1 PMI PMP PDU Credit Andy Jordan, ProjectManagement.com Recorded: Aug 25 2016 58 mins
    To be a high performing business, you require effective metrics and measurements that will help you gain valuable performance insights which will help drive informed and strategic decisions for your organization. Join Andy Jordan, ProjectManagement.com as he discusses what people are doing wrong when it comes to Agile metrics and provide guidance on how to get it right – the first time. Andy will also discuss the risks of using common metrics between Agile and waterfall approaches as well as why organizations need to focus on value-based metrics rather than arbitrary metrics of progress.

    This session is approved for 1 Project Management Institute (PMI) PMP PDU Credit.
  • How to Defend Against Email Fraud - in partnership with CSO How to Defend Against Email Fraud - in partnership with CSO Scott Brown, CERT Australia & Mark Guntrip, Email Protection, Proofpoint Recorded: Aug 25 2016 55 mins
    Online criminals used to favor scattershot campaigns that relied on emailing hundreds of people in the hopes of tricking even a few of them into clicking on malicious attachments. These days, however, businesses face a new threat as ever more-calculating attackers conduct extensive research to craft carefully worded emails designed to emulate the CEO, CFO or other key executive.

    These emails, known as email fraud or business email compromise (BEC), are fast exploiting perceptual weak spots by adopting executives' identities in emails pressuring employees into sending sensitive files or wiring large sums of money to a bank account.

    Recent FBI figures suggest the attacks are costing victims an average of $US130,000 per incident and cost more than $US2.3 billion worldwide. Furthermore, it is difficult if not impossible to get the money back.

    Please join the Australian Federal Police, CERT Australia and Proofpoint for a webinar to discuss the emerging threat and strategies for defending against it. Over the course of the session, you will learn:

    · How cybercriminals craft Email Fraud messages and where they get their information
    · How to help executives hide the information that cybercriminals may be using to shape Email Fraud
    · Why your current email filtering solution may struggle to keep up, and what technologies can help in the fight against Email Fraud campaigns
    · What kind of business controls can be put in place to protect against Email Fraud manipulations
  • Top 3 Cybersecurity Challenges Facing Healthcare with Real Life Lessons Learned Top 3 Cybersecurity Challenges Facing Healthcare with Real Life Lessons Learned Sam McLane, Head of Security of Engineering at Arctic Wolf Networks Recorded: Aug 24 2016 42 mins
    Healthcare organizations have become prime targets for cyber criminals. In this webcast, security experts identify three key areas that are critical to improving your organization’s cybersecurity and provide effective strategies to combat cyber attacks using real-life examples.
  • Managed Detection and Response Answers the Question, “Am I Safe?” Managed Detection and Response Answers the Question, “Am I Safe?” Young-Sae Song, VP of Marketing at Arctic Wolf Networks Recorded: Aug 24 2016 31 mins
    Cyber attacks are becoming more complex, and it is becoming harder to determine what the best strategy is for vigilant cybersecurity. Companies feel like they are playing catchup, and there always seems to be another security hole to fill. Join this 30-min webcast to hear about the emerging security service segment, managed detection and response (MDR).
  • Using Container Technologies for Agile, Scalable Application Releases Using Container Technologies for Agile, Scalable Application Releases Ian Philpot, Sr. Technical Evangelist, Microsoft Corporation and John Willis, Director of Ecosystems Development, Docker Recorded: Aug 24 2016 39 mins
    Want faster time to deployment? Need to quickly scale your applications? Microsoft can help.

    Microsoft offers a comprehensive set of container technologies for scalable, high availability, and agile release cadence. Join us for an overview of how containers can improve your organization's application development lifecycle. The session will leverage real world examples and highlight Docker.

    Watch this webcast to understand:
    •The beneficial impact of adopting container technology
    •Installation, security, design considerations and deployment operations followed by a quick tour of the Docker platform
    •How container technology positively impacts operations

    Sign up now to save your space for the live event, or to receive notification when this webcast is available on-demand.
  • Security in the Boardroom Series: Keeping Your Seat at the Table Security in the Boardroom Series: Keeping Your Seat at the Table Ashley Ferguson, Director, SecureWorks Governance, Risk & Compliance Recorded: Aug 24 2016 49 mins
    This webinar will explore another aspect of the CISO’s role as an essential business leader: guiding the organization through the crisis of a breach.

    Featuring insights from CISOs and C-suite leaders who have been there and done that, the program will address incident response planning, setting C-suite and board expectations, and tips for providing the right information in a breach crisis situation to aid decision-making and public disclosures. Learn how to establish your role as part of the solution team, and how to avoid a reactionary response that too often leads to finger-pointing at the security team. You’ll take away actionable insights to apply to your own journey as an essential business leader.
  • ClearCase to Git ClearCase to Git Doug Robinson Recorded: Aug 24 2016 61 mins
    On the surface, ClearCase and Git seem like polar opposites, yet setting architecture aside, they have interesting similarities. A deeper understanding of ClearCase and Git will ease the migration planning process.

    Register for this webinar to learn:
    - How Git and ClearCase differ and how they support some of the same development models
    - Options for moving data into Git with low technical risk
    - How ClearCase MultiSite, ClearCase UCM, and ClearQuest fit into the picture
    - ...and more!
  • BrightTALK Network Security & Hacking Preview BrightTALK Network Security & Hacking Preview Various Recorded: Aug 24 2016 3 mins
    This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.

    Click below to register for the Summit:

  • Efficiency & Scale in Middle Office Financial Services Efficiency & Scale in Middle Office Financial Services William Fearnley, IDC Financial Insights & Scott Jeschonek, Avere Systems Recorded: Aug 24 2016 59 mins
    Within the financial services industry, middle office analytics and simulations continue to grow in volume and complexity. Massive compute and storage demands cause strain on IT resources. While new technologies promise speed and scalability, evaluating this unique middle office environment requires a look at compliance, risk, and pricing analytics to determine potential gains and losses. In this webinar, IDC – Financial Insights Research Director, Bill Fearnley, looks at current middle office IT workflows supporting analytics, backtesting and financial modeling and evaluates a hybrid cloud infrastructure to support growing demands.

    In this webinar, you’ll:

    · Hear an IDC Analyst’s view on the current financial services IT environment
    · Learn of common challenges and approaches to combat growing strain on compute and storage infrastructure
    · Join in a discussion about the viability of enabling cloud services to expand compute and storage capacity
    · Gain guidance on how large hedge funds and investment banks are overcoming inherent cloud challenges like latency, data accessibility, and cost management
  • It’s a Global Market. Address it! It’s a Global Market. Address it! Thomas Brence, Dir Product Marketing, Informatica - Sheila Donovan, President, Global DM Solutions Recorded: Aug 24 2016 48 mins
    Many corporations are looking overseas for continued business growth in both consumer and business markets. Now more than ever, customer contact data is a vital corporate asset.

    If you are responsible for managing global address data, this webinar is for you. You will learn how to optimize performance from Informatica’s Address Verification product by developing best practices for global address data management.

    During this webinar, viewers will learn:
    •Developing quality acceptance standards for multiple data sources
    •Identifying and troubleshooting poor quality incoming data
    •Creating business rules for exception processing
    •Understanding language and cultural idiosyncrasies that affect address data
    •Educating your team about the Do’s and Don’ts of global address management
    •Developing core best practices for your organization
    •Selecting the best parameters in Address Verification for your specific business needs
    Join industry veteran and thought leader, Sheila Donovan, President and Founder of Global DM Solutions, as she walks through this exciting content.
  • Executive Webinar Series: Cut Audit Prep with Continuous Compliance Executive Webinar Series: Cut Audit Prep with Continuous Compliance John Parmley, Area VP, Tufin Recorded: Aug 24 2016 32 mins
    Today's expectations of security executives is to do more with less: provide tighter security with less resources for a dynamic, hybrid, complex IT environment.
    As an existing Tufin customer, you can turn the Tufin Orchestration Suite from a management tool into a strategic infrastructure.

    Join us for the second webinar in our Executive Webinar Series: "Cut Audit Prep and Tighten Security with Continuous Compliance" and learn how you can maximize your Tufin investment to:
    •Cut audit preparations by enforcing continuous compliance across the hybrid network
    •Tighten security posture with a unified zone-based security policy
    •Maximize agility AND policy compliance with proactive risk analysis
    Reserve your seat now!
    We look forward to you joining us.
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Michael Suby, Vice President of Research at Frost & Sullivan Recorded: Aug 24 2016 36 mins
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 利用大数据实现积极且具有高度关联性的安全防御Using Big Data For Active And Contextual Security 周德振(Adam), 高级解决方案顾问, Akamai Technologies Recorded: Aug 24 2016 59 mins
    *This webinar will be conducted in Mandarin
    Organizations are turning to leverage big data and analytics to ‘look’ for indicators of intent or indicators of compromise, thus helping organizations focus their security resources on the threats at hand. The challenge though is how to process the vast amount of data, and furthermore, keep it relevant, timely, actionable – contextual. The challenge becomes harder when threat actors utilize a variety of techniques to maintain anonymity, reduce their ‘fingerprint’ and mask their intent.

    In this webinar, Adam will share how Akamai leverages the vast amount of data that it sees daily to help its customers improve their security decisions, when the threat would otherwise be unclear. John will showcase how Akamai’s big data and analytics platform, Cloud Security Intelligence, powers its Client Reputation service. A service that provides the ability to forecast intent and protect applications against Distributed Denial of Service (DDoS) and application layer attacks, and how active defence can be applied to a variety of response mechanisms, delivering an intelligent contextually aware defence.


    在本次的网络研讨会中,Akamai 高级解决方案顾问-周德振先生(Adam),将会向您展示Akamai是如何在威胁尙不明确的情况下,使用每日承载的海量数据来帮助客户做出更加明智的网络安全决策的。Adam将会展示Akamai的大数据及分析平台、云安全智能是如何强化其客户端信誉(Client Reputation)服务。这种服务能够提前预告各种行为的迹象,并保护应用程序不会受到DDoS和应用层攻击。此外,您还将看到这种积极的安全防御是如何帮助各种响应机制,是如何交付智能化、高度关联的防御。

    8月24日(周三)| 时长60分钟 | 北京时间 14:00
    演讲人: 周德振(Adam), 高级解决方案顾问, Akamai Technologies
    主持人: 毛宇, CISSP, AMBCI, CCNP, PRINCE2, (ISC)²官方授权讲师


    *This webinar will be conducted in Mandarin
  • New Legal Requirements for Mobile Security – EMM is not Optional New Legal Requirements for Mobile Security – EMM is not Optional Ojas Rege, MobileIron VP Strategy, and Carl Spataro, MobileIron Chief Privacy Officer Recorded: Aug 23 2016 36 mins
    As of 2016, California requires all companies, no matter where they are based, to implement a minimum set of mobile security controls if they process sensitive personal information about California residents. Spend 30 minutes with us on how to comply with these new requirements. Review the California Data Breach Report for the new requirements.

    This webcast is for Mobile IT and information security professionals and their legal and compliance teams. This webcast will cover:

    The foundational security controls now required by law
    How these controls are applied to mobile
    Best practices to achieve compliance
    The central role of Enterprise Mobility Management (EMM)
  • Screen Sharing Worth 1000 Chats Screen Sharing Worth 1000 Chats Donald Hasson Recorded: Aug 23 2016 38 mins
    Chat is an excellent channel to improve service desk productivity, but when dealing with complex issues, it’s sometimes not enough. If your chat solution is implemented in a standalone silo, then customers may have to transfer to phone support when their issues go beyond the point of text, resulting in a disjointed customer experience. But if the chat transitions directly into a screen-sharing session, the support agent can instantly see and resolve the issue while maintaining a seamless conversation. This session will outline how to increase the value and power of chat through integrating it with other solutions such as remote support, knowledge bases, CRM and more. Turn your service desk into a one-stop-shop with a modern, integrated approach to support.
  • Hunting for Threats: tips and tricks for SOC experts Hunting for Threats: tips and tricks for SOC experts Matias Bevilacqua, Mandiant Principal Consultant Recorded: Aug 23 2016 49 mins
    Many Security Operation Centers operate in a reactive mode. They primarily respond to alerts that are being presented to them by implemented detection technologies. And we all know alerts are generated in overwhelming volumes, severely crippling SOC’s effectiveness and efficiency. Today’s threat landscape requires SOCs to operate ever more proactively to keep up with the threat actors. More and more SOCs therefor are actively ‘hunting’ for threats that may be residing in the environment they are to defend. ‘Hunting' however requires a different approach from the traditional, reactive mode, not least for the SOC experts themselves.

    Join Matias Bevilacqua, Mandiant Principal Incident Response Consultant, as he discusses tips and tricks for hunting for those lurking threats: what to look for, what tools to use, etc.? You will leave the session with some hands-on material to start turning over stones and uncover threats you never knew were there.
  • eSummit Session 3: Under the Shadow of the Cloud eSummit Session 3: Under the Shadow of the Cloud Rik Ferguson, Vice President Security Research, Trend Micro, Adrian Davis, Managing Director, (ISC)² EMEA Recorded: Aug 23 2016 49 mins
    This presentation will enumerate some of the risks, old and new, of migrating to a cloud infrastructure as well as the risks posed by consumer and employee “cloud creep”. I will detail how your business could impacted and illustrate some architectural and procedural changes that can help to mitigate these risks.
  • eSummit Session 2: Cloud Breach – Detection and Response eSummit Session 2: Cloud Breach – Detection and Response Matthias Maier, Product Manager EMEA, Splunk, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 47 mins
    Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work. They will not scale. Join this webinar to discover response scenarios for cloud enabled and cloud dependent enterprises, a model for preparing for cloud response and examples of cloud breach investigations.
  • eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective eSummit Session 1: Protecting Cardholder Data in the Cloud – A PCI Perspective Jeremy King, International Director PCI Security Standards Council, Adrian Davis, Managing Director (ISC)² Recorded: Aug 23 2016 46 mins
    With more and more organisations using the services of a cloud provider, what impact does this have on securing Cardholder Data. This presentation will give an general overview of the PCI SSC, and then focus specifically on the issues relating to storing data in the cloud. Especially it will look at the key issues of “Who is responsible?” and “What happens when there is a data breach”. In addition the presentation will look briefly at the impact of the recent GDPR on cloud storage and cloud providers.
  • Social Engineering - Are you the weakest link? Social Engineering - Are you the weakest link? Greg Iddon, Technologist, Sophos Aug 30 2016 1:00 pm UTC 60 mins
    Social Engineering has been around for as long as the crooks have but in a modern online world, running a con game has never been easier. And that’s why we need to be savvy.

    A social engineer can research you on Facebook and LinkedIn; read up about your company on its website; and then target you via email, instant messaging, online surveys…and even by phone, for that personal touch. Worse still, many of the aspects of a so-called “targeted attack” like this can be automated, and repeated on colleague after colleague until someone crumbles.

    Greg Iddon will take you into the murky world of targeted attacks, and show you how to build defences that will prevent one well-meaning employee from giving away the keys to the castle.
  • Managing Cyber Risk From Third Party Contractors Managing Cyber Risk From Third Party Contractors Jake Olcott Aug 30 2016 3:00 pm UTC 60 mins
    Many recent data breaches have exploited security weaknesses in the networks of third parties to attack businesses. With supply chains growing and business functions increasingly outsourced, the number of third party organizations with access to your company’s most sensitive data has increased dramatically. How should organizations assess and manage the cyber risk by their vendors and suppliers? What kinds of policies and controls should organizations put in place in order to mitigate third party cyber risk? How can organizations continuously monitor the cybersecurity performance of their critical vendors in real time?

    Getting familiar with third party cyber risk management best practices and industry standards is a good start towards mitigating cyber risk for your organization. Join Jake Olcott, VP of Business Development as he discusses these topics and more.
  • Entendiendo los Cambios de PCI DSS 3.2 Entendiendo los Cambios de PCI DSS 3.2 Miguel Arévalo, Managing Consultant y Diana Elizabeth Rodriguez Sanchez, LAC Sales Manager Aug 30 2016 4:00 pm UTC 60 mins
    La versión 3.2 del PCI DSS (Payment Card Industry Data Security Standard) ha sido anunciada - las organizaciones que deben cumplir precisan entender los cambios y sus implicaciones. Participe de nuestro webinar para entender más sobre por qué fue lanzado tan rápido y cómo puedes parar mejor a tu organización.

    Aprenda sobre:
    • El alcance de la nueva versión PCI DSS 3.2
    • ¿Qué significa para su negocio?
    • ¿Por qué deberías implementar los cambios, aunque no sean mandatorios?
    • ¿Qué puede venir en el futuro próximo?
  • RANSOMWARE SURVIVAL GUIDE RANSOMWARE SURVIVAL GUIDE Jennifer Cheng Director, Product Marketing, Proofpoint Aug 30 2016 5:00 pm UTC 60 mins
    What every organization needs to know before, during, and after a ransomware attack.

    Ransomware has one goal: to get your money. It locks away files until payment is made. Ransomware attackers collected more than $US 209 million from victims during the first three months of 2016 alone, with the volume of attacks 10 times higher than all of 2015.

    Ransomware makes headlines when hospitals are taken offline or police departments pay cybercriminals to decrypt their files. Proofpoint has unparalleled visibility into the advanced threats, including ransomware, that are aimed at organizations today. Proofpoint can dynamically analyze and block in real-time the malicious URLs and attachments that can evade antivirus and reputation filters to deliver ransomware.

    Join Jennifer Cheng, Director, Product Marketing, Proofpoint for this webinar to learn how to defend against ransomware with our anti-evasion technology.

    •Why ransomware is surging.
    •Where it comes from.
    •What to do before, during, and after an attack.
    •Should you pay or not? What to consider.

    Exploit kits don’t stop. Neither should your business.
  • Breach Detection Systems – Product Selection Guide Breach Detection Systems – Product Selection Guide Jason Pappalexis Aug 30 2016 6:00 pm UTC 45 mins
    Understand Breach Detection System selection criteria and what enterprises should consider prior to purchase.
  • Ask the Experts: Realizing the Value of Microsoft Azure  Ask the Experts: Realizing the Value of Microsoft Azure  Evelyn Padrino, Group Product Marketing Manager, Microsoft Aug 30 2016 6:00 pm UTC 60 mins
    Tune in for the latest in our Ask the Experts Series! This session is all-about-Azure: cloud computing and PaaS for the enterprise. During this session we will show you how and why to use the benefit/credit that comes with your Visual Studio Subscription.

    In this webcast, you will learn:

     about other available Azure programs
     application development tests on Azure
     what other customers are doing on Azure and how it is paying large dividends
  • Wise-Up: Exclusive Session on SAP Hybris Learning Maps Wise-Up: Exclusive Session on SAP Hybris Learning Maps Colin Bailey Aug 31 2016 10:00 am UTC 30 mins
    In this 30 min webcast you will get an overview of how SAP Hybris enriches the digital transformation plus a detailed walk through of how you can get enabled. Join us to see how simple it is through our personalised learning maps.
  • Emerging Issues and Trends in FCPA and Global Anti-Corruption Programs Emerging Issues and Trends in FCPA and Global Anti-Corruption Programs Steven Parker, Managing Director-Experis Hong Kong/AsiaPac; Ed Williams, Sr. Manager-Experis Finance Risk Advisory Services Aug 31 2016 3:00 pm UTC 60 mins
    The Foreign Corrupt Practice Act (FCPA) is here to stay. So, too, is the expanding landscape of anti-corruption regulations, enforcement and media scrutiny around the world. Today, more than ever, companies operating domestically and internationally should understand their corruption risks and have effective programs in place to mitigate those risks. This webinar goes beyond an overview of the FCPA to a practice discussion of what your organization can do to help provide senior leadership, the Board, investors, customers and other stakeholders assurance your company is operating ethically and corruption-free across the globe.

    After attending this webinar, you will be able to:
    •Describe the ever changing landscape of anti-corruption legislation and enforcement around the globe
    •Help your organization assess the design and effectiveness of your existing FCPA and global anti-corruption programs against regulatory requirements and leading compliance practices
    •Develop a comprehensive global anti-corruption risk assessment model tailored and scaled to fit your organization
    •Learn of various tools and resources available to assist in your global anti-corruption compliance efforts
    •Understand the specific and unique risk landscape of doing business in China
  • Ransomware is Here: Fundamentals Everyone Needs to Know Ransomware is Here: Fundamentals Everyone Needs to Know Jeremiah Grossman, Chief of Security Strategy Aug 31 2016 3:00 pm UTC 45 mins
    If you’re an IT professional, you probably know at least the basics of ransomware. Instead of using malware or an exploit to exfiltrate PII from an enterprise, bad actors instead find valuable data and encrypt it. Unless you happen to have an NSA-caliber data center at your disposal to break the encryption, you must pay your attacker in cold, hard bitcoins—or else wave goodbye to your PII.

    Those assumptions aren’t wrong, but they also don’t tell the whole picture. Hear from Jeremiah Grossman, SentinelOne’s Chief of Security Strategy and a 20-year cybersecurity veteran, in this on-demand webinar that will explore the foundations of ransomware, and why you truly need to worry.
  • Webcast: Do More with ESET Remote Administrator Webcast: Do More with ESET Remote Administrator Ben Reed, Sr. Technical Content Strategist and Sales Engineer Aug 31 2016 5:00 pm UTC 60 mins
    5 ways to do more than JUST manage your AV

    IT Asset Management
    Track Hardware, OS info, Serial Numbers, and Logged-in users across your entire organization

    Software Management
    Applications installed in last 7 days
    Applications versions installed across organization to maintain a good security policy

    Remotely install and uninstall any software
    Automate Software Install and Uninstall based off pre-defined rules

    Update Management
    Manage Windows/Mac and Linux Updates

    User Notification/Communication
    Notify users when downtime will occur
    Notify users when they do something against company policy

    Troubleshoot Users Computers
    Utilize SysInspector to troubleshoot what might be going wrong with a computer.
  • Office 365 Security: How to safeguard your data Office 365 Security: How to safeguard your data Greg Schaffer, CISO for FirstBank & Rich Campagna, VP of Products for Bitglass Aug 31 2016 5:00 pm UTC 60 mins
    Public cloud apps like Office 365 are being widely adopted in every major industry, with security & compliance at the top of the list of concerns. In this webinar, Greg Schaffer, CISO at FirstBank and Rich Campagna, VP of Products at Bitglass, will provide practical cloud security advice that you can apply immediately in your organization. Focusing on O365 but offering a broad view, Greg and Rich will cover top concerns, mitigating controls and will give examples of how your peers have responded to the cloud security challenge.
  • Roundtable:Threats, Vulnerabilities & Actors: (ISC)² Security Congress EMEA 2016 Roundtable:Threats, Vulnerabilities & Actors: (ISC)² Security Congress EMEA 2016 Aviram Zrahia, Juniper Networks, Dominique Brack, Swisscom, Alexander Haynes, CDL, Adrian Davis, (ISC)2 EMEA Sep 1 2016 11:00 am UTC 60 mins
    Offering a preview of what to expect from Track 2 of Security Congress EMEA, this session brings together speakers that examine varied developments in the threat landscape. Tackling trends from the role of social engineering in Industry 4.0 to the latest Tactics and Drivers behind DDoS Attacks and the Casino-style tactics deployed by hackers, delegates will gain both an overarching view of current concerns from the front- lines of defence, and an opportunity to examine a few questions that are rattling the security industry today:
    Is it time to accept breach as inevitable?
    Are we prepared for the aftermath?
    Should we welcome vulnerability disclosure?
    Can we do a good job of sharing and warning each other?
  • Drive ITSM improvements with SAM intelligence Drive ITSM improvements with SAM intelligence Guests Elinor Klavens & Robert Stroud Forrester Research and Snow Software Experts Per Skanne and Barry Friedman Sep 1 2016 3:00 pm UTC 60 mins
    You’ve got the service desk, you’ve got the team, you’re managing the calls. But is your ITSM function efficient and effective?

    Join Snow, along with guest speakers Elinor Klavens and Robert Stroud from Forrester who present in our webinar “Drive ITSM improvements with SAM intelligence” as they explain the best practices in integrating SAM and ITSM tools and why Software Asset Management (SAM) solutions are pivotal to the smooth running of today’s enterprises.

    This webinar will highlight how ITSM leaders can benefit from advanced SAM technologies, including:
    •Multi-platform audit data
    •Cleansed & normalized software inventory.
    •Self-service technologies for software requests & deployments
  • How Software Eats Hardware in the Datacenter: Reducing Cost and Complexity How Software Eats Hardware in the Datacenter: Reducing Cost and Complexity Andy Ryan, Cloud Solutions Architect at vArmour Sep 1 2016 5:00 pm UTC 45 mins

    As organizations move to virtual data centers and multi-cloud environments in a dangerous threat climate, they are faced with new security challenges they must overcome. But, they must do this without exponentially increasing the manpower, products, or resources they need, so they still get the most of their valuable security budgets. These challenges include:

    -Improving visibility inside data centers and cloud
    -Reducing the attack surface
    -Maintaining regulatory compliance standards.


    vArmour will explore trends in data center security that include the rise of software to replace firewalls inside the data center, segmentation and micro-segmentation as security techniques, and shifting ideas about software defined networking that:

    -Eliminate under-utilized zones and choke points
    -Avoid costly hardware refresh cycles and on-going maintenance
    -Lower the time it takes to see and stop threats
    -Reduce the time and complexity to process security changes
    -Increase speed of secure application delivery


    Andy Ryan, Cloud Solutions Architect at vArmour
  • Enterprise Knowledge & Unified Communications Drives Impact Enterprise Knowledge & Unified Communications Drives Impact Microsoft Sep 1 2016 6:00 pm UTC 60 mins
    Get your employees in the loop with easily accessible knowledge!

    Some of the biggest drains on employee productivity and engagement come from one thing: a lack of available knowledge. Whether its an IT, HR, or customer service question, having to search multiple places for the answer, or contact another employee for it, wastes valuable time and effort. Having the right knowledge in the right place at the right time empowers people to work better, and the latest advancements in cloud applications and collaboration tools can help.

    In this webcast, you will learn how to:

     Increase employee engagement, productivity, and satisfaction by providing easy access to a consistent, authoritative, and searchable knowledge base.

     Reduce service cost and effort by deflecting questions from high cost channels (assisted-service) to more cost effective channels (self-service) for “help desk” functions enterprise–wide, including HR, IT, Compliance, Finance, Customer Service, and more.

     Reinforce adherence to policies and procedures by making corporate compliance guidelines easily available to all employees.
  • S'entraîner, se préparer, se juger, réagir face aux attaques ciblées S'entraîner, se préparer, se juger, réagir face aux attaques ciblées David Grout, Technical Director, Southern Europe, FireEye Sep 2 2016 9:00 am UTC 45 mins
    Aujourd’hui la question n’est plus “vais-je être victime d’une attaque ou d’une tentative d’attaque ? » mais plutôt « quand vais-je l’être ? ». Comme pour le sport de haut niveau, la gestion de la sécurité d’une infrastructure nécessite de la préparation, de l’entrainement et de la compétition. Fort de notre expérience en victimologie avec nos équipes Mandiant et de notre vision des groupes d’attaquants à travers Isight Partners, nous avons mis en place différents programmes qui vous permettent d’être prêt le jour J et de régir le cas échéant. Venez découvrir comment nous pouvons vous accompagner dans toutes les phases amont et aval à travers nos prestations de consulting.
  • Manage any device, anywhere from a single console with HEAT LANrev Manage any device, anywhere from a single console with HEAT LANrev Margreet Fortune Sep 6 2016 9:45 am UTC 60 mins
    HEAT LANrev was Highly Commended in the recent Computing Vendor Excellence Awards in London - Mobile Management category.
    With the fragmentation of technology platforms and proliferation of mobile devices organisations today need a unified management approach for smart connected devices. Join this session to learn how HEAT LANrev can provide end to end multi-platform support for Windows, Mac, Linux, iOS and Android.
  • The FCA Says the Cloud is OK The FCA Says the Cloud is OK Greg Hanson, CTO & VP Cloud EMEA, Informatica & Andrew Joss, Head of Industry consulting – Financial Services, Informatica Sep 6 2016 1:00 pm UTC 60 mins
    The Financial Conduct Authority (FCA) has released guidance for all Financial Services Institutions considering outsourcing to the Cloud, advising a Hybrid or Cloud deployment fosters innovation which can be a driver for effective competition.

    Using a third party provider to integrate with cloud software can open a new world of opportunities including cost efficiencies, increased security and a more flexible infrastructure capacity. These benefits support effective competition.

    Join this webinar and learn:

    1.Trends and drivers of change in Financial Services
    2.The latest guidance, from the FCA, for firms outsourcing to the ‘cloud’ and what it means
    3.Cloud, Hybrid and on-Premise – why no one size fits all and why that’s ok
    4.The benefits and the opportunity available to Financial Services Organisations
  • 2016 Threat Analysis: Learning from Real-World Attacks 2016 Threat Analysis: Learning from Real-World Attacks Matt Webster, CTU Security Researcher, SecureWorks Sep 6 2016 1:00 pm UTC 45 mins
    SecureWorks® incident responders assist hundreds of organisations annually with the containment and remediation of threats during suspected security incidents.

    Visibility of these incidents provides the SecureWorks Counter Threat Unit™ (CTU) research team with a unique view of emerging threats and developing trends. This Threat Intelligence is then continuously provided to clients, arming them with the information they need to stay one step ahead of adversaries trying to compromise their networks.

    In this webcast Matt Webster, CTU Security Researcher, will discuss developments in the threat landscape observed through SecureWorks’ Incident Response engagements from April to June of 2016, including;

    - Key developments of the APT threat
    - Criminal cyber threat trends
    - Developments in Ransomware

    Matt will also discuss observations of how the affected organisations could have better prepared for the threats they encountered.
  • Risk in the Boardroom Risk in the Boardroom Ian Beale, Carolyn Saint and Louis Cooper Sep 6 2016 2:00 pm UTC 75 mins
    CEB's Ian Beale presents a 60 minute webinar on 'Risk in the Boardroom' with guest speakers: Carolyn Saint, CAE, University of Virginia and Louis Cooper, IRM approved trainer and Chief Executive of the Non-Executive Directors' Association
  • Experts show how hackers perform web attacks which kills your site ranking Experts show how hackers perform web attacks which kills your site ranking Leon Brown - Product Marketing, Symantec Website Security & Avishay Zawoznik - Security Researcher, Imperva Incapsula Sep 6 2016 3:00 pm UTC 45 mins
    After a brief introduction to the world of SEO, we will dive into the different types of web application attacks and manipulations that are made to either degrade your competitor’s ranking or raise your own.
  • The Internet of Things Requires a Security Rethink The Internet of Things Requires a Security Rethink Zeus Kerravala, Founder and Principal Analyst at ZK Research Sep 6 2016 6:00 pm UTC 45 mins
    The IoT Is Making Status Quo Network Security Obsolete

    The number of devices in the Internet of Things (IoT) category is exploding—adding billions of devices to networks every year that lack native security capabilities. Please join us as ZK Research Founder and Principal Analyst Zeus Kerravala discusses the Internet of Things and suggests ways to deal with IoT-related security challenges, including:
    • Why traditional perimeter defenses are no longer relevant and how IoT devices can circumvent conventional firewalls
    • The lack of IT and OT alignment—a major issue given that the IoT connects everything to a common network
    • The role agentless visibility and control play in finding, classifying and securing network-attached IoT devices
  • Stop Reading the WSJ and Focus on Your Cyber Risks Stop Reading the WSJ and Focus on Your Cyber Risks Jay Schulman, Principal Security and Privacy at RSM US LLP Sep 6 2016 6:00 pm UTC 45 mins
    Too many organizations are focused on what issues others are having and don't pay enough attention to what inherent cybersecurity risks they are facing.
    Today's speaker, Jay Schulman, Principal Security and Privacy at RSM US LLP will walk through a concept called "Organizational Threat Modeling." Learn to take a holistic approach to security and look at the overall threats to the organization and then determine a method to address, accept or hedge risks.
  • What is the Microsoft Government Cloud? What is the Microsoft Government Cloud? Alex Starykh & Chris Niehaus Sep 6 2016 6:00 pm UTC 30 mins
    Government organizations are undergoing a digital transformation. Across the U.S., government agencies are embracing the cloud, mobile computing, big data, and other advanced technologies to radically reduce operational costs and improve delivery of government services to citizens.

    Microsoft, and its ecosystem of cloud solution providers, is uniquely positioned to help federal, state, and local government organization make this transformation. The Microsoft Government Cloud is among the most complete and secure cloud designed to meet the demands of U.S. government organizations.
  • 보안이상징후 및 내부정보 유출을 방지하기 위한 프로파일링의 기반의 이상 행위 분석을 통한 보안 전략 보안이상징후 및 내부정보 유출을 방지하기 위한 프로파일링의 기반의 이상 행위 분석을 통한 보안 전략 홍세진, 부장, HPE 소프트웨어 보안사업부, 휴렛팩커드 엔터프라이즈(HPE) Sep 7 2016 5:00 am UTC 60 mins
    공격자들은 지하 시장에서 점점 전문화 , 조직화하고 있으며, 공격 기법도 무서운 속도로 고도화하고 있습니다.
    정보 보호 업체인 “Websense Security Labs”이 미국, 영국, 캐나다, 호주의 IT관리자 1,000명 을 대상으로 조사한 결과 보고서에 따르면 대부분의 데이터 유출 사고는 “인가된 사용자”에 의해 이루어지고 있다고 합니다.
    또한 그 동안 국내/외 많은 보안 사고 사례를 통해 알 수 있듯이 대부분의 정보 유출 사고는 탈취된 정상 사용자 계정 권한을 이용해서 이루졌다는 사례를 언론 등을 통해서 접할 수 있었습니다.

    정보 유출 사고 예방을 위해 대부분의 보안 담당자는 이러한 알려진/알려지지 않은 다양한 보안 위협과 고도화된 내/외부에서 발생되는 위협을 식별 및 대응을 위한 위협 관리 체계의 필요성을 느끼고 있으며, 가트너에서는 향후 내/외부 다양한 보안 위협 예측 그리고 예방을 위해User Behavior Analytics (UBA) 사용은 필수이며, 2018년까지 최소 25%이상의 보안사고가 UBA 기술에 의해 탐지될 것이라고 리포트를 통해 예측하고 있습니다.

    프로파일링 기반 이상행위 분석은 정상적인 사용자 및 시스템의 행동과 적절한 연관성의 정상 기준선을 설정하고 사용자 및 동료 그룹 간 이상 현상을 실시간으로 분석을 통해 권한 보유 사용자의 비정상 행위를 시각화 및 위협 예측 그리고 예방합니다.

    또한 전체 IT 환경에 대한 보안을 더욱 민첩하고 지능적으로 변모하도록 요구하고 있으며, SIEM 보안 플랫폼과 연계 가능하며 UBA 기술은 알려진 위협과 알려지지 않은 위협에 관한 조치 가능한 정보를 생성하여, 사용자 및 시스템에 대한 세부적인 가시성을 제공함으로써 위협을 선제적으로 대응할 수 있는 보안 인텔리전스와 내부 위협를 보다 신속하게 해결할 수 있습니다.