Hi [[ session.user.profile.firstName ]]

How Big is Your Company’s Digital Shadow?

2012 will see organisations and their employees exposing more information online than ever before, be that through social media or through the technologies used by an organisation. They may perceive this information to be benign, however many have unintentionally and unknowingly exposed themselves
2012 will see organisations and their employees exposing more information online than ever before, be that through social media or through the technologies used by an organisation. They may perceive this information to be benign, however many have unintentionally and unknowingly exposed themselves to compromise by a cyber attack or may have leaked damaging or confidential information. Hackers are increasingly researching their target organisations and their employees before making focused, targeted attacks.

This presentation examines how companies' digital shadows are growing, and puts forward steps organisations can adopt to help get this information sprawl under control.

James Chappell is CTO for managed security service firm, Digital Shadows. James, builds on a technical infosec consulting career of 12 years looking at the security of large private sector and government organisations. During this time he became fascinated by the growth of crime and fraud in computer networks, with a particular focus on effective ways of measuring of managing the big picture of information security for large public and private sector organisations.
Recorded Jun 21 2012
46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
James Chappell, Chief Technology Officer, Digital Shadows
Presentation preview: How Big is Your Company’s Digital Shadow?
Recommended for you:
  • Date
  • Rating
  • Views
  • Digital Content & The Legality of Web Scraping Digital Content & The Legality of Web Scraping Jonathan Bailey, Rami Essaid, Katie Sunstrom, Orion Cassetto Live 75 mins
    Web scraping - the process of using bots to systematically lift content from a website - is either loved or hated. Startups love it because it’s a cheap and powerful way to gather data without the need for partnerships. Large companies use web scraping to gain competitive intelligence, but try to block others from doing the same. However, new legislation and high profile court cases have called into question the legality of web scraping.

    In this lively conversation, diverse panelists will discuss the origin of web scraping, the changing legal landscape, and the legal and technical best practices for protecting your website content.
  • Digital Content & The Legality of Web Scraping Digital Content & The Legality of Web Scraping Jonathan Bailey, Rami Essaid, Katie Sunstrom, Orion Cassetto Live 75 mins
    Web scraping - the process of using bots to systematically lift content from a website - is either loved or hated. Startups love it because it’s a cheap and powerful way to gather data without the need for partnerships. Large companies use web scraping to gain competitive intelligence, but try to block others from doing the same. However, new legislation and high profile court cases have called into question the legality of web scraping.

    In this lively conversation, diverse panelists will discuss the origin of web scraping, the changing legal landscape, and the legal and technical best practices for protecting your website content.
  • Security, Privacy and Risk in a Mobile World Security, Privacy and Risk in a Mobile World Sushila Nair, Managing Director, Cybernetics, CISA, CISSP, CISM, CRISC Recorded: May 25 2016 39 mins
    The discussion on privacy and security of mobile devices has become an explosive topic. With the Snowden revelations leading the way and mobile vulnerabilities like Stagefright and XcodeGhost following behind, the question of is it necessary or even possible to secure voice and data on mobile devices remain the subject of hot debate. With the focus of attackers shifting to these devices, organizations need to be ready to protect their employees and themselves.

    This seminar examines the security risks associated with mobile computing devices and infrastructures, and suggested controls for mitigating those risks. It examines the key guidelines from NIST and other organizations and the best practices for mobile security.
  • Application Security: 6 Myths of Open Source Management Application Security: 6 Myths of Open Source Management Chester Liu, Black Duck Software Recorded: May 25 2016 37 mins
    The recent high-profile “Panama Papers” exploit, which resulted in the theft of 2.6 terabytes of data from the Mossack Fonseca law firm, highlighted the firm’s failure to effectively secure and manage its open source software.
    Although the exploited component has yet to be pinpointed, the breach investigation has revealed that Mossack Fonseca was delinquent in patching known open source vulnerabilities in both Drupal and Wordpress. This lapse exposed sensitive client information.
    Open source software is an essential element in application development today and this breach raises the question: What are the best practices for securing and managing open source to avoid exploitation? This webcast will detail the processes organization can implement to secure and manage their open source to reduce risk from security vulnerabilities.
  • Closing Network Backdoors: Best Practices to Control Third-Party Risks Closing Network Backdoors: Best Practices to Control Third-Party Risks Dale Gardner, Director, CA Technologies Recorded: May 25 2016 60 mins
    In up to two-thirds of security breaches, stolen or compromised user credentials belonging to a privileged user with wide-ranging access to sensitive systems, served as the initial attack vector. In this way, attackers can steal sensitive data and wreak havoc. While you must provide access to third parties, you must also manage such high-impact security risks. Join us to learn the top five best practices for regaining control of third-party access, and the processes and technology necessary to stop unauthorized access and damaging breaches.

    In this webcast, you’ll learn:

    - The identity, access, and security governance processes needed to protect your network
    - How to ensure positive user identification to prevent credential theft and misuse
    - Techniques to limit access to only those resources required to satisfy work or business requirements
    - Preventing the unauthorized commands — and inadvertent mistakes — threatening your network
    - Establishing monitoring procedures that flag violations and speed forensic investigations
  • Alternatives to RSA Data Protection Manager for Centralized Key Management Alternatives to RSA Data Protection Manager for Centralized Key Management Steve Kingston, Product Manager - Gemalto Recorded: May 25 2016 27 mins
    RSA’s Data Protection Manager (DPM), BSAFE and tokenization products are quickly approaching EOL/EOPS, presenting RSA customers with an opportunity to reassess their encryption key management architecture and needs. With so many technologies available today that seemingly offer the same capabilities, how do you select the vendor and solution that is right for you?
    Join Stephen Kingston, Product Manager for SafeNet KeySecure, Gemalto, where you will learn how you can:

    • Benefit from proven, successful RSA to Gemalto migration use cases, including Healthcare, PII Protection and Retail PoS applications
    • Easily migrate with the same one-to-one functionality offered by SafeNet KeySecure and SafeNet Data Protection Connectors
    • Avoid encryption silos with a centralized key manager whether on-premises, virtual, or in the cloud
    • Painlessly expand your encryption solution as your future needs grow, be it files, databases, applications, or tokenization
    • Quickly get started with our 5 easy migration steps
  • Alternatives to RSA Data Protection Manager for Centralized Key Management Alternatives to RSA Data Protection Manager for Centralized Key Management Steve Kingston, Product Manager - Gemalto Recorded: May 25 2016 27 mins
    RSA’s Data Protection Manager (DPM), BSAFE and tokenization products are quickly approaching EOL/EOPS, presenting RSA customers with an opportunity to reassess their encryption key management architecture and needs. With so many technologies available today that seemingly offer the same capabilities, how do you select the vendor and solution that is right for you?
    Join Stephen Kingston, Product Manager for SafeNet KeySecure, Gemalto, where you will learn how you can:

    • Benefit from proven, successful RSA to Gemalto migration use cases, including Healthcare, PII Protection and Retail PoS applications
    • Easily migrate with the same one-to-one functionality offered by SafeNet KeySecure and SafeNet Data Protection Connectors
    • Avoid encryption silos with a centralized key manager whether on-premises, virtual, or in the cloud
    • Painlessly expand your encryption solution as your future needs grow, be it files, databases, applications, or tokenization
    • Quickly get started with our 5 easy migration steps
  • Alternatives to RSA Data Protection Manager for Centralized Key Management Alternatives to RSA Data Protection Manager for Centralized Key Management Steve Kingston, Product Manager - Gemalto Recorded: May 25 2016 27 mins
    RSA’s Data Protection Manager (DPM), BSAFE and tokenization products are quickly approaching EOL/EOPS, presenting RSA customers with an opportunity to reassess their encryption key management architecture and needs. With so many technologies available today that seemingly offer the same capabilities, how do you select the vendor and solution that is right for you?
    Join Stephen Kingston, Product Manager for SafeNet KeySecure, Gemalto, where you will learn how you can:

    • Benefit from proven, successful RSA to Gemalto migration use cases, including Healthcare, PII Protection and Retail PoS applications
    • Easily migrate with the same one-to-one functionality offered by SafeNet KeySecure and SafeNet Data Protection Connectors
    • Avoid encryption silos with a centralized key manager whether on-premises, virtual, or in the cloud
    • Painlessly expand your encryption solution as your future needs grow, be it files, databases, applications, or tokenization
    • Quickly get started with our 5 easy migration steps
  • PCI DSS 3.1 Compliance in Modern Data Center & Cloud: Lessons & Advices PCI DSS 3.1 Compliance in Modern Data Center & Cloud: Lessons & Advices Forrest McMahon, Director Tech Advisory & Assessment Svcs Coalfire; & Steve Neville, Director Cloud & Data Center Trend Micro Recorded: May 25 2016 49 mins
    Join Forrest McMahon from Qualified Security Assessor (QSA) Coalfire for an insightful view of PCI DSS 3.1 requirements in the face of increasingly sophisticated cyber-attacks and more complicated deployment scenarios:
    1. How to approach the task of PCI DSS 3.1 compliance
    2. What the impacts of different deployment environments (physical, virtual, cloud) have on compliance
    3. What key tools & approaches can be used to streamline and ease compliance impacts
  • Dynamic Analysis of Android Apps - Attacking Android Apps from the Inside Dynamic Analysis of Android Apps - Attacking Android Apps from the Inside Erez Metula, Founder, AppSec Labs Recorded: May 25 2016 48 mins
    Dynamic analysis of android apps is all about analyzing apps in real time, for the purpose of detecting application level vulnerabilities and for the sake of manipulating applications while they execute. It is often used as a last resort due to its complexity, when other pentesting techniques mainly focused on static analysis are not enough. Common usages of dynamic analysis are extraction of sensitive data from application memory variables, stealing encryption keys, manipulating signature mechanisms and so on.

    During this talk we will focus on memory dumps, remote debugging, small debugging, native debugging, usage of ReFrameworker platform and other interesting things.

    This talk is based on a similar chapter as part of the Android application hacking course given by the speaker at recent BlackHat USA 2015

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How Big is Your Company’s Digital Shadow?
  • Live at: Jun 21 2012 2:00 pm
  • Presented by: James Chappell, Chief Technology Officer, Digital Shadows
  • From:
Your email has been sent.
or close
You must be logged in to email this