Six Critical Elements to Ensure Pain-Free FISMA Compliance

Federal CISOs note compliance as one of their top three priorities with significant time spent on addressing compliance issues. This is exacerbated by the complexity of today’s IT environment, including physical and virtual environments, multiple operating systems and applications supported, and the mobility of data and users. A FISMA compliance approach that relies on a manual and labor-intensive process can produce mountains of paper and electronic documents that become quite burdensome to manage and ultimately don’t ensure a secure network. It’s no surprise then, that in a recent ISC2 survey, while FISMA is generally viewed as having had a positive effect, two in five CISOs believe it has become misdirected or is a time-wasting exercise.

In this Lumension webcast you will learn:
• About FISMA and its requirements
• The six critical elements necessary to reduce the burden of FISMA compliance processes, improve security and optimize resources
• How to apply these critical elements to achieve economical FISMA compliance
Recorded Jan 21 2010
60 mins
Presented by
Michael Rasmussen, Corporate Integrity; Jeff Hughes & Steve Antone, Lumension
Recommended for you:
  • GDPR Summary: Why encryption and other measures are now a must? Adrian Davis, MD (ISC)² EMEA; Jason Hart, CTO Gemalto; Tom De Cordier, Lawyer and Partner, CMS DeBacker Recorded: May 24 2016 62 mins
    Until recently, EU data protection laws mainly focused on data subject consent, proportionality, purpose limitation, transparency, etc. Information security, however, was very often deemed to be an area for the techies, not an area of legal compliance.
    This will change as a result of two recent and major pieces of EU legislation: the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (NIS Directive).
    Under the GDPR and the NIS Directive, businesses and operators of essential services (eg. hospitals; airports; etc.) will have to implement robust information and system security measures. In addition, the new rules contain a new name-and-shame mechanism: businesses and operators will have to inform the relevant authorities of security incidents. And they will have to inform the affected data subjects, unless the affected data were rendered unintelligible (for example by means of encryption).
    Finally, the EU wants the new data protection rules to become a board-level issue and it has therefore decided to make the rules subject to hefty fines:
    • If a business fails to comply with its data security obligations under the GDPR, it may get a fine of up to 10,000,000 EUR or 2 % of its total worldwide annual turnover, whichever is higher.
    • Worse even, if a business is found to be in breach of certain other obligations under the GDPR, the fine may go up to a dazzling 4 % of its total worldwide annual turnover.
    During this webinar, you will learn from Jason Hart, CTO at Gemalto and Tom De Cordier, an expert in data protection and information security law at CMS in Brussels, what the new rules mean in practice and what businesses should do to bring themselves in line with the upcoming requirements.
  • Social Engineering: Is that a Pwn Plug in Your Pocket? Peter Wood Recorded: May 24 2016 44 mins
    Most organisations are surprised by the ease with which social engineering defeats their security. The human factor provides a simple and effective route to bypass even the best hardware and software security controls, yet is commonly overlooked or considered too difficult to solve. Peter will share a number of real examples to reinforce his opinion: as more and more data breaches are published, perhaps it’s time to become creative and strengthen the human firewall.
  • How to guarantee the availability SLAs of your NAS and Big Data environments Luis Feitor - Commvault Senior Systems Engineer Recorded: May 24 2016 40 mins
    Companies' unstructured data is increasingly an indispensable asset for business services and processes. However, its exponential growth means that traditional technologies for protecting this type of data are not only inefficient but also unable to meet availability needs in enterprise environments.

    In this webinar, we will look at three areas of Commvault innovation that address the needs of unstructured data protection:

    -In the first part, we will show what is new in IntelliSnap technology, which enables integration with new storage vendors and the management of volume replicas; we will also talk about the new block capture technology, which extends the concept of continuous, consistent protection to any type of file system and database, providing an unlimited number of recovery points with native access.

    -In the second part, we will see how the new version of Commvault software expands its capabilities to Big Data environments. According to Gartner, more than three quarters of companies have Big Data initiatives, so the need to manage the availability of this data is a challenge that must be solved in the short term.

    -Finally, we will show how hyperscale NAS solutions require innovative technologies in order to guarantee the protection of and access to the data they store.

    Join us to find out how the Commvault Data Management Platform lets you meet your availability SLAs for unstructured data, regardless of the technology you choose to store and manage these business assets.
  • GDPR and the impact it will have on your organization David Moseley, Chris Bridgland & Tamzin Evershed Recorded: May 24 2016 59 mins
    We look at how ready EU businesses are for the impending data privacy revolution and how a holistic approach to Information Governance not only helps you prepare for the regulation, but brings agility and innovation back to your IT systems.
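  • "Vietnam: Risks and Business Opportunities in Asia's Next Emerging Market" 影山正: Senior Managing Director, Regional Head of Asia Pacific; 坂出國雄: Managing Director, Head of Japan Desk; オットー マンフレッド 倉雄: Duane Morris Vietnam law firm Recorded: May 24 2016 89 mins
    Vietnam continues to be one of the countries in the Asia-Pacific region that receives the most foreign direct investment. Favorable macroeconomic factors such as steady GDP growth, numerous free trade agreements, improving infrastructure, a large young population and inexpensive labor are drawing business in. On the other hand, the direction of the new leadership elected at the 12th Communist Party Congress held this January leaves uncertainties and risks for investors. The geopolitical situation surrounding the South China Sea is also a concern when doing business in Vietnam, and in addition, government control of information poses a major challenge when executing deals.

    On Vietnam as an investment destination, 影山正, Senior Managing Director and Regional Head of Asia Pacific at Kroll, and 坂出國雄, Managing Director and Head of the Southeast Asia Japan Desk, will hold a seminar. Drawing on investigations Kroll has conducted in Vietnam, they will present the business and political risks in Vietnam, the direction of the new leadership, the impact of free trade agreements on foreign investment, and the points to note and business risks when running operations there. We sincerely look forward to your participation.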
  • PWC and Palo Alto Networks Discuss Security Framework Chad Kinzelberg, SVP of Business Development at Palo Alto Networks and David Burg, Global Cybersecurity Leader at PWC Recorded: May 23 2016 59 mins
    Palo Alto Networks and PwC have established a strategic partnership to help customer organizations build security architectures, organizational structures, and computing processes optimized to prevent successful cyber breaches.

    At the core of this partnership is a jointly-developed state-of-the-art security framework, designed to assist corporate executives and boards of directors address the people, process, and technology elements of managing cybersecurity risk.

    To learn more about the framework and the value it can bring to your organization, register to attend this webinar with Chad Kinzelberg, SVP of Business and Corporate Development at Palo Alto Networks and David Burg, Principal and Global & US Cybersecurity Leader at PwC.
  • Using Chef Compliance to Secure your Servers Joe Gardiner, Field Solutions Architect, Chef Recorded: May 20 2016 33 mins
    Chef Compliance lets you express your compliance rules as code. You can easily run those rules as tests whenever you want. You get immediate feedback on whether your servers are configured as they should be.

    Chef Compliance scans your servers to see if they are configured in accordance with your rules and generates a report that identifies the issues it found. You can then use Chef to remediate those problems.

    In this webinar, Joe Gardiner will demonstrate how Chef Compliance works by scanning a default installation of RHEL 7.0 on the public cloud to see if it is CIS compliant. After the scan identifies the problem areas, Joe will use Chef to bring the server in line with the CIS benchmarks.

    You’ll also learn about an offer from Chef to help you perform a scan of your infrastructure and get you started on the road to compliance.
  • May 19th 2016 - PROTECT Webcast Edward Preston Recorded: May 19 2016 60 mins
    Join us on May 19th 2016 for the "Introducing PROTECT" webinar, offering a complete look at HOW our solution works to find threats that the others simply miss.

    You'll learn:

    WHO CylancePROTECT was built to protect
    WHY math and machine learning are the future of security
    HOW CylancePROTECT catches what the others miss

    To reserve your spot, please register today!

  • Title: Six Critical Elements to Ensure Pain-Free FISMA Compliance
  • Live at: Jan 21 2010 6:00 pm
  • Presented by: Michael Rasmussen, Corporate Integrity; Jeff Hughes & Steve Antone, Lumension