Browse communities
Browse communities
Presenting a webinar?

GRC Controls in Depth

Das Soumya, Senior Director, Product Marketing
Global companies and public sector organizations alike face increased scrutiny from regulators, auditors, shareholders, and trading partners to certify the integrity of their business processes and safeguard sensitive information such as customer and employee data. To effectively respond to these needs in a sustainable manner, organizations must leverage automated solutions to identify, analyze, and continuously monitor controls that govern how critical business applications are configured, who has access to which systems, and what type of transactions are being executed. Join Oracle to learn how a comprehensive and in-depth approach to controls management can help you meet regulatory obligations, establish best practices, minimize risk and inefficiency, and streamline internal and external audits.
Dec 2 2008
50 mins
GRC Controls in Depth
More from this community:

IT Governance, Risk and Compliance

  • Live and recorded (3389)
  • Upcoming (81)
  • Date
  • Rating
  • Views
  • L’ambiente dei tuoi clienti è sempre più complesso, Backup Exec 15 permette loro di esguire backup e recovery in modo semplice ed efficace, sempre e ovunque.
    Segui questo webinar e scopri come Backup Exec 15 può semplificare e rispondere alle esigenze delle diverse infrastrutture.
  • If your organization is reliant on a rapidly aging version of SQL Server, you need to join SQL Server experts Michael McCracken from HOSTING and Rodney Landrum, a Microsoft SQL Server MVP, from Ntirety for this in-depth discussion of the hows, whys and whats of upgrading from Microsoft SQL Server 200X to SQL Server 2014. The interactive webinar will cover:
    •The benefits of upgrading
    •Considerations to understand
    •How to smooth the transition
    •Q & A
  • Ingesting raw data into Hadoop is easy, but extracting business value leveraging exploration tools is not. Hadoop is a file system without a data model, data quality, or data governance, making it difficult to find, understand and govern data.

    In this webinar, Tony Baer, Principal Analyst of Ovum Research, will address the gaps and offer best practices in the end-to-end process of discovering, wrangling, and governing data in a data lake. Tony Baer will be followed by Oliver Claude who will explain how Waterline Data Inventory automates the discovery of technical, business, and compliance metadata, and provides a solution to find, understand, and govern data.

    Attend this webinar if you are:
    --A big data architect who wants to inventory all data assets at the field level automatically while providing secure self-service to business users
    --A data engineer or data scientist who wants to accelerate data prep by finding and understanding the best suited and most trusted data
    --A Chief Data Officer or data steward who wants to be able to audit data lineage, protect sensitive data, and identify compliance issues
  • Targeted malware, zero-day vulnerabilities and advanced persistent threats are increasingly responsible for data breaches. Why? Because they work. Most security products have a hard time protecting from advanced malware. This problem is compounded because attackers can easily mass produce new malware variants. What’s an IT person to do?

    Join us to learn key techniques to stop modern malware the first time. We will discuss:
    •What tactics work
    •Where to apply them
    •How to optimize cost, staffing and security.
  • Software defined architectures are all the buzz, helping to start conversations about transforming customer data centers from cost centers into competitive advantages. But in today’s economy, no business can afford to stand still. And a business is only as agile as its IT organization allows. An agile data center and IT department can:

    •Protect the infrastructure and easily recover if faults are found or predicted
    •Control access to data while meeting compliance and regulatory requirements
    •Deliver services quickly, resiliently, and cost-effectively

    Join us on at 10am GMT on 16th April 2015 and learn how Symantec’s view of the “Agile Data Center” covers delivering the right resources in the right way to the users. Whilst bringing a broader view on how you can introduce critical solutions and new revenues around disruptive customer events.
  • For years ClearCase was the standard for enterprise SCM. If you had a large number of developers and lots of projects ClearCase was a great choice, while ClearCase MultiSite provided basic support for distributed teams. Now industry trends are converging toward a new generation of development tools and processes. Today, continuous delivery brings agile development and DevOps together, promising much shorter development cycles and higher quality.

    Learn how moving from ClearCase to Subversion can improve your development processes and significantly reduce deployment cost and complexity. You'll also learn practical ClearCase to Subversion migration techniques.

    Topics Covered:
    • Differences and similarities between Subversion and ClearCase
    • How to merge in Subversion
    • Continuous delivery using Subversion: bringing agile and DevOps together for faster delivery and higher quality
    • ClearCase vs. Subversion in a distributed development environment
    • Migrating from ClearCase to Subversion
  • Recently cyber attacks against Industrial Control Systems (ICS) used by
    utilities and other Critical Infrastructure organizations have hit the
    newlines worldwide. Stuxnet is the best known cyber attack against an
    industrial installation, but it's not the only one.

    But what if cyber attacks were not the biggest threat to industrial
    networks and systems? Although malware is still a major point of
    interest, the sword of Damocles for critical industrial networks is
    represented by system misuse performed by disgruntled employees,
    contractors and vendors, as well as unintentional mistakes,
    network and system misconfiguration; all this could lead to the
    divergence or failure of critical processes.

    In this talk we will reshape the concept of ICS cyber security and will present our vision for a comprehensive approach to cyber security for ICS.
  • Adhering to international maritime sanctions requirements can be challenging in today’s regulatory landscape. Join Dow Jones Risk & Compliance and experts from HFW and Pole Star for a discussion on best practice in shipping compliance. Learn about regulatory developments -- including the latest UN Security Council communiques on "Sanctions compliance for the maritime transportation sector" -- and leverage case studies on the use of enhanced sanctions data and monitoring tools to mitigate sanctions risk.
  • As superfast connectivity becomes widely available, it will increase both data volume and velocity as well as new business opportunities. However, this dramatic leap forward will also result in new and potentially destructive activity online, which can affect an organisation’s defences both internally and within their supply chain. It has never been more important for businesses to assess and understand their critical infrastructure in an increasingly connected environment.

    During this webinar Steve Durbin, Managing Director of ISF Ltd, will discuss how businesses can update their resilience along with examining the role in securing the network boundary that investments in technology and third party provider programmes can play. This will necessarily include an assessment of cloud-based systems and the use of robust risk assessment methodologies.
  • An overview of how businesses can gain visibility into B2B transactions to speed decision-making, respond to changing customer and market demands, and optimize business processes.
  • Channel
  • Channel profile
  • Managing Cyber Risk In Your Vendor Ecosystem Apr 28 2015 5:00 pm UTC 45 mins
    Stephen Boyer, Co-Founder and CTO , BitSight; Mike Rothman, President, Securosis
    Sharing network access and sensitive information with your business
    partners could be putting you at risk of third-party breach. These
    breaches can be very damaging and may account for major losses in
    data, time, and resources. If you’re looking for a better risk
    management method, you’re not alone.

    Watch this webinar to will learn more about:

    - Security risks that could be facing your corporation today.
    - How you can utilize selection criteria to build the best solution.
    - Methods you can use to assess partner security risk.
    - How to make better risk-based decisions by factoring in the security
    posture of your organization.
  • Beware the Botnets: Botnets as an Indicator of Breach Likelihood Apr 28 2015 4:00 pm UTC 45 mins
    Stephen Boyer, Co-Founder and CTO , BitSight
    A 2015 PwC survey found that 96% of CEO’s in the US have indicated rising concern about data breaches - and rightly so. With the record-breaking breaches of 2014 barely behind us, organizations want to take steps to avoid becoming the next victim and are looking for signs that can indicate troubling performance. BitSight Technologies may have found one such indicator. Using their Security Ratings data, recent research shows a solid correlation between a company’s botnet grade and their likelihood of experiencing a publicly disclosed breach, demonstrating that Security Ratings are a powerful metric for communicating cyber risk across the enterprise.

    Join BitSight CTO and Cofounder Stephen Boyer to discuss this research and to learn why continuous security performance monitoring should be an essential part of your enterprise risk management strategy.

    Attendees will learn:
    -What is the correlation between botnet grades and publicly disclosed breaches
    -Why botnet grades vary across key industries and what the top infections are by sector
    -How Security Ratings are generated and the impact botnets and other risk vectors have on these security performance metrics
  • CyberTECH Securing the Internet of Things Forum San Francisco Apr 23 2015 6:00 pm UTC 75 mins
    Expert panel
    This panel of security experts will discuss the internet of things and what's keeping them up at night when they think about security in 2015. After an in-depth discussion, there will be live Q&A from the audience.

    Panelists include:
    Jennifer Bisceglie, CEO, Interos Solutions
    Robert Brese, Executive Partner, Gartner
    Tom Byrnes, Founder and CEO, ThreatSTOP
    Mike Coomes, SVP, Strategy and Development, CyberUnited
    Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, The White House
    Ryan Gillis, Vice President, Cybersecurity Strategy and Global Policy, Palo Alto Networks
    Tim Gooch, CEO and Managing Director, iWebGate
    Ron Gula, CEO and Founder, Tenable Network Security
    Gary Hayslip, CISO, City of San Diego
    Co-Chair, CyberTECH
    Dr. Sung Hong, Technical Executive and Advisor, Polygon Lab, Stardust Motors and ENT
    Grant Jordan, President, Somerset Recon
    Jon Neiditz, Partner, Kilpatrick Townsend & Stockton
    Daniel Obodovski, Author, The Silent Intelligence
    Mark Rasch, CyberLaw Editor, SecurityCurrent.com
    Paul Rosenzweig, Principal, Red Branch Consulting
    Tom Sadowski, President and CEO, Economic Alliance of Greater Baltimore
    Kevin Sullivan, Technology and Policy Strategist, Microsoft
    Darin Andersen, Chairman and Founder, CyberTECH
  • Using Machine-Readable Threat Intelligence to Block Unknown Threats Apr 23 2015 5:00 pm UTC 60 mins
    Gartner Research Director Craig Lawson and Webroot Chief Technology Officer Hal Lonas
    Enterprises continue to struggle with network breaches, data theft, and other incidents, despite deploying layers of security technologies across their IT environments. One reason for these successful attacks is that many of the threats have never been seen before, and go undetected by traditional security technology. So how can an organization recognize these threats more quickly as they emerge? How does the organization ensure that information about the latest threats is available to drive fast response at the points of vulnerability? In this program, Gartner Research Director Craig Lawson and Webroot Chief Technology Officer Hal Lonas discuss how integrating machine-readable threat intelligence into your security infrastructure can help your organization block active attacks, and even predict where future attacks are likely to come from.
  • Overcoming the Barrier to Threat Intelligence Sharing Apr 23 2015 3:00 pm UTC 60 mins
    Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group, Rich Reybok: CTO
    Your organization is constantly under cyber attack that could - if unchecked - damage your business, customers, employees and reputation. To date, the ad-hoc sharing of cyber-threat information across industries is not well defined nor well structured and in many instances, sharing threat information relevant to your organization is not allowed due to privacy, workload constraints, outdated policies or legal concerns.

    Join Jon Oltsik, Sr. Principal Analyst with Enterprise Strategy Group, and Rich Reybok, CTO Vorstack Corporation, to understand the challenges that organizations face today with sharing threat intelligence and how to navigate them both internally and externally. Come to understand what’s changed in the last few years and the historical negative stigma of information sharing. This webinar can help answer the question “What does sharing threat intelligence really mean?” Following the overview and strategy, a brief discussion on the different approaches to sharing threat information and how secure sharing within your “trusted circle” can create a simple Cyber neighborhood-watch environment. This event is designed to help you overcome the hurdles that organizations have today – that of being able to receive the available collective knowledge, validate impending cyber-threats and access remediation solutions – all within the framework of stringent data access and privacy controls.

    What you will learn:

    -Issues organizations face when sharing threat information.
    -What’s changed that has created this “need” to share threat intelligence.
    -Definition of what sharing Threat Intelligence means in today’s world of cyber crime and attacks.
    -The new approaches available for successful and secure collaboration.
    -How to participate in a Cyber Neighborhood watch with trusted industry peers.
    -The benefits organizations can recognize from collaboration.
  • Deploying a "Magic Quadrant" Private Cloud-based Backup and Recovery Platform Apr 22 2015 7:00 pm UTC 45 mins
    Jack Pressman, Chief Technology Officer, Cyber Innovation Labs
    Information is the lifeblood of any business. If the data required to operate and maintain market presence becomes inaccessible, compromised, or worse – unrecoverable, the business impact could be devastating. Learn about the existing and emerging risks to your critical data infrastructure and business operations. What mitigation strategies are available and what considerations do you need to assess? How does the changing landscape for consumption of IT such as cloud, on-premise, and hybrid solutions effect survivability and securitization of your prized assets?
  • Hand to Cloud Data Security Apr 22 2015 6:00 pm UTC 60 mins
    Gary Watson
    Tech blogs are overflowing with examples of password hacks, data destruction, and data leakage. It’s time for a new approach. Imation’s recently-announced Secure Data Movement Architecture (SDMA) will safeguard your organization’s most valuable data against tampering, leakage, or loss - throughout its entire lifecycle including when it’s in the cloud or mobile devices, or anywhere in between. Join us as we give you a sneak peek into our new concept for painless data protection, and the rapidly evolving types of threats its meant to address.
  • Planning for anything: business continuity and disaster recovery Apr 22 2015 5:00 pm UTC 60 mins
    Mike Kunz, VP of Sales, StorageCraft
    Is your business prepared for a disaster? Join ESET and industry expert, StorageCraft, for a research overview presentation of modern business disasters. We'll look at the difference between back up and recovery and discuss best practice for building a recovery plan. Mike Kunz, VP of Sales with StorageCraft, will also look at specific solutions to quickly get your business up and running when disaster strikes.
  • Using Sequence Package Analysis to Detect Terrorism and Sedition Apr 22 2015 4:00 pm UTC 60 mins
    Amy Neustein, Ph.D. CEO and Founder Linguistic Technology Systems
    This webinar will demonstrate how Sequence Package Analysis (SPA), a new natural language method that utilizes a corpus of annotated training data comprised of a unique set of feature extractions, may detect early signs of terrorism and sedition. Using an SPA-designed BNF table consisting of sequentially-implicative (as opposed to syntactic) parsing structures, this natural language tool searches social media content and recordings of conversations of suspected terrorists to identify (and measure) collusion, collaboration, affinity with other terror or sedition suspects. Whereas conventional text mining methods are hindered by the speech system’s failure to identify keywords (most suspects intentionally refrain from the use of keywords that pinpoint location, names, dates and time), SPA is designed to work around these obstacles in which users refrain from referring to named entities that are likely to flag their communications as suspicious.
  • Securing Wi-Fi Networks - A System Approach Apr 22 2015 4:00 pm UTC 45 mins
    Kowshik Bhat, Director of Product Marketing, Xirrus
    Wi-Fi security attacks, hacking, stolen mobile devices – are these keeping you awake at nights? Are you surprised that Wi-Fi networks can be more secure than your wired networks? Wireless LAN has come a long way from the days of its inception with inadequate security.

    Contrary to common belief, security is not a single protocol or an appliance or an encryption. It is a system of different components working together to ensure your Wi-Fi network is secure and your confidential information is protected.

    Join this webinar to learn about

    - Advances in Wi-Fi security
    - Multi-layers approach to holistic protection
    - Controlling user and device access
    - Controlling applications
    -Xirrus security solutions
  • Leveraging the Hybrid Cloud for Complete Data Protection Apr 21 2015 5:00 pm UTC 45 mins
    Jayme Williams, Senior Systems Engineer, TenCate
    Jayme Williams, Senior Systems Engineer at TenCate is protecting eight environments across the US and Canada – and each site has different storage. All sites require disaster recovery and backup across the application set. Having one solution would be ideal, but not possible – until they came across Zerto.
    Zerto Virtual Replication is storage agnostic and made it easy to integrate a new site into their disaster recovery plan. Their original business continuity and disaster recovery (BC/DR) plan, affectionately named the “Hit by the bus” book due to its volume, has been greatly simplified and the service levels they are seeing are outstanding – single digit seconds for their recovery point objectives (RPO).

    Finally, they are incorporating public cloud into their IT plans by backing up their applications from their DR site to AWS. With one solution, they can achieve their BC/DR and backup SLA, while reducing costs and introducing public cloud into their IT strategy at a pace that supports changing business requirements.

    With Zerto Virtual Replication:
    •Manage all sites in one pane of glass with one tool for replication and automation of failover, failback and testing processes as well as backup
    •Increase efficiencies with the ability to track and manage consumption across the hybrid cloud
    •Hardware agnostic solution does not require a change in the infrastructure reducing costs
    •Consistency in the BC/DR solution dramatically reduces operational costs
    •Replicates between different types of storage and versions of VMware vSphere making it easy to add new sites to the process
    •Point-in-time recovery enables failover to a previous point to recover from any issue – logical corruption, datacenter outage, etc.
    •Leveraging a public cloud strategy with backups stored in Amazon
  • DDoS Attacks: More Dangerous to You; Never Easier to Launch Apr 21 2015 5:00 pm UTC 45 mins
    Christina Richmond, Program Director, IDC and Joe Loveless, Product Marketing, Neustar
    If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:

    · What the DDoS threat environment looks like today
    · Why “smokescreening” is a particular danger
    · Where attacks can have impact across your organization
    · How you can take steps to thwart DDoS threats
  • Leveraging Risk, Physical and Cyber Security and Continuity Planning Apr 21 2015 4:00 pm UTC 45 mins
    Eric Kretz, Director, Continuity of Operations (COOP) Division, National Continuity Programs (NCP)
    Generally, risks associated with continuity planning, from physical to cyber-security, are part of an ever-evolving threat to our systems and technologies. Continuity planning is simply the good business practice of ensuring the execution of essential functions through all circumstances, and it is a fundamental responsibility of public institutions and private entities responsible to their stakeholders. What are some of the risks associated with continuity planning? Why is managing risk important for continuity? What are some of the methods used to mitigate risks in continuity planning?

    The COOP presentation will provide an understanding of Continuity and Continuity of Operations, explain the importance of a viable Continuity capability, and emphasize the need for a viable Continuity capability in all organizations, to demonstrate some of the linkages between continuity programs and:

    • Risk Management
    • Physical Security
    • Emergency Management
    • Cyber Security/ Information Technology

    Join us on April 21 as NCP’s senior continuity practitioner shares resilient continuity programs and outreach efforts. Hear from Eric Kretz, NCP, as he talks about Information Integration: Leveraging Risk, Physical and Cyber Security and Continuity Planning.
  • SIEM Detection & Response Cases Apr 21 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.

    Learn from your peers about the following:
    - Before environment and issues
    - Transition effort, cost and impact
    - After environment and benefits
    - Best practices for managed SIEM
    - Your network and next steps
  • Webroot’s 2014 Threat Brief Preview Recorded: Apr 16 2015 38 mins
    Grayson Milbourne, Security Intelligence Director
    This presentation provides an overview of the threats against a wide range of organizations and individuals during 2014. This overview is based on research and analysis conducted by the Webroot Threat Research team. The report includes analysis of IP addresses associated with malicious activity, details on the reputation of URLs by category and location, phishing detection statistics, insights into file reputation and encounter rates with malware and PUAs and information on mobile app security for Android devices. All data presented comes from Webroot’s Intelligence Network and was observed during 2014.
  • Next-Generation Security for Amazon Web Services Recorded: Apr 16 2015 37 mins
    Matt Keil, Product Marketing, Palo Alto Networks
    Public cloud computing resources such as Amazon Web Services (AWS) are helping organizations like yours develop and deploy new applications rapidly; expand into geographic regions seamlessly and extend competitive advantages. Cyber criminals are well aware of the rapid expansion into the public cloud and are looking for weaknesses in your security posture. Don’t let them find one. The VM-Series for AWS, allows you to securely extend your corporate datacenter into AWS, using our next-generation firewall and advanced features to protect your data while native management features ensures policies keep pace with the changing to your applications.

    In this webinar, attendees will learn:
    - Common customer use cases for AWS
    - Key security challenges and considerations
    - How the VM-Series can protect your AWS environments
  • Improve Threat Detection with OSSEC and AlienVault USM Recorded: Apr 15 2015 60 mins
    Garrett Gross, Sr. Technical Product Marketing Manager, Bjorn Hovd, Systems Engineer
    Host-based IDS systems, or HIDS, work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM features a complete integration of OSSEC, one of the most popular and effective open source HIDS tools.

    In this live webinar, we'll show you how USM helps you get more out of OSSEC with:
    Remote agent deployment, configuration and management
    Behavioral monitoring of OSSEC clients
    Logging and reporting for PCI compliance
    Data correlation with IP reputation data, vulnerability scans and more
    We'll finish up by showing a demo of how OSSEC alert correlation can be used to detect brute force attacks with USM
  • Surfacing Critical Cyber Threats Through Security Intelligence Recorded: Apr 15 2015 62 mins
    Dr. Sameer Bhalotra, Former White House Director; Chris Petersen, CTO; Robert F. Lentz, Former CISO for the Dept of Defense
    The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether.

    In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats.

    Learn about:
    • Emerging cyber threat vectors in 2015.
    • Security Intelligence and the critical role it plays in addressing high-impact threats
    • Using the SIMM to assess your current Security Intelligence Maturity
    • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management
  • What You Don't Know about Cryptography and How It Can Hurt You Recorded: Apr 14 2015 50 mins
    Chuck Easttom, Computer Scientist, Author, and Inventor
    This presentation describes the gaps in most security professionals knowledge of crypto, why that is a problem, and how you can correct it.
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Recorded: Apr 14 2015 44 mins
    Joanna Burkey, DVLabs Manager, HP TippingPoint
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: GRC Controls in Depth
  • Live at: Dec 2 2008 8:00 pm
  • Presented by: Das Soumya, Senior Director, Product Marketing
  • From:
Your email has been sent.
or close
You must be logged in to email this