Top Security Threats and Trends: 2011 Cyber Risk Report

Jason Jones, Advanced Security Intelligence, HP DVLabs & Adam Hils, Sr. Product Manager, HP Fortify
Enterprise organizations have been under security attacks for the past decade, but security events in 2011 have created a ripple effect that will be felt for years to come and will actually start to shift the way we view security. This webcast will highlight the latest threat trends and risks from the new 2011 Cyber Risk Report from HP Enterprise Security and will cover:

• Why a decline in vulnerabilities disclosed may lead to a false sense of security
• How changing attack motivations are increasing security risks
• What the biggest risks to the enterprise were in 2011
May 2 2012
47 mins
Top Security Threats and Trends: 2011 Cyber Risk Report
More from this community:

IT Governance, Risk and Compliance

  • Live and recorded (3304)
  • Upcoming (60)
  • Date
  • Rating
  • Views
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1.How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2.Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3.The expertise needed to accurately identify and diagnose the threat once the alert is received
    4.How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • A recent analyst study found that 88% of organizations are “doing Project and Portfolio Management (PPM).” This finding could lead many to believe all is well with this critical business process so essential to strategic success. This is hardly the case as studies also show PPM is still generally immature in enterprises today. The lack of maturity is largely due to the fact that most organizations are addressing only a subset of PPM capabilities. So though almost every organization can lay claim to doing PPM, few are actually doing PPM for all its worth. Many of these organizations will continue to miss out on the incredible possibility and promise of this essential business capability until they grasp and appreciate the full scope and potential of PPM.

    One of the greatest barriers to realizing the full potential of PPM is an enterprise-wide awareness of the span of PPM and the likely gap that must be overcome to achieve it. There is a plethora of great PPM insight contained in the numerous books, methodologies, and frameworks available today, but using this volume of information to get everyone on the same page is a daunting challenge. The key is to use a simple approach and model to quickly establish a common understanding of this critical business discipline and to easily foster the conversations and discussions to drive the endeavor to raise PPM proficiency.

    This brief webcast will present a PPM model that is easy to remember, easy to communicate, and proven to quickly illuminate the gap between existing immature PPM processes and the full scope and potential of comprehensive Project and Portfolio Management.
  • Portfolio planning activities have struggled to gain respect in most businesses. Lack of enterprise-wide orchestration arises from a lack of effective involvement and intimate business knowledge – not simply of operations and processes, but of business imperatives, obstacles and desired outcomes. And the information systems aspects continue to be planned in splendid isolation from the business, causing IT people to mistakenly celebrate victory when a new IT system goes live. However a project only really starts when the IT goes live, and so the planning needs to be fully integrated. This can only be accomplished first by building strong relationships with business peers that will result in measurable value creation. The next step is to implement a sophisticated PPM system that can handle the extreme complexity of orchestrating all the business and related technology portfolio of initiatives, capable of optimizing the plans (and the outcomes) as the business environment changes.

    To achieve this, a new PPM model needs to be created to look at portfolio management in a holistic way, enterprise-wide. Planners need a capability that will generate multiple scenarios and real-time decision support. This dimensionality and complexity is well beyond the capacity of the human brain. By implementing such a tool, IT would be positioned as a critical partner with the business – not just in implementing mainstream information systems, but also in helping the business with a much better way to plan and manage all of its key initiatives effectively

    This session focuses on how enterprise leaders and divisional leaders and IT leaders should be working in harmony to orchestrate great business outcomes, rather than looking after their parochial interests.
  • Channel
  • Channel profile
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Apr 14 2015 5:00 pm UTC 45 mins
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
  • Anatomy of a Cyber Attack Mar 17 2015 4:00 pm UTC 45 mins
    Victims of targeted attacks, or advanced persistent threats (APTs), make the headlines. Attend this webinar to learn how APTs work and how to defend your business from them. Pat Hill, HP TippingPoint Product Manager, and Bob Corson, Director, Solutions Marketing, discuss the anatomy of an attack and why it's critical to detect and isolate the attack at "patient zero," the initial point of infection.

    Attend this webinar to learn:
    · How the bad guys evade your security
    · The counter measures you need to detect and block them
    · How HP TippingPoint and Trend Micro have partnered to neutralize patient zero
  • Outthinking the Bad Guys Recorded: Feb 6 2015 22 mins
    Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
  • HP TippingPoint—every second matters Recorded: Jan 12 2015 3 mins
    A next-generation intrusion prevention system (IPS) shouldn't just keep your company safe, it should be quick to implement and easy to manage. HP TippingPoint is the simple, effective, and reliable solution for network security that protects you faster—when every second matters.
    This video explains how TippingPoint stops threats faster. Watch it to learn:
    •How HP TippingPoint provides 80% threat coverage out of the box
    •How most companies install TippingPoint in less than two hours
    •How TippingPoint filters key on vulnerabilities rather than exploits to keep you safer and reduce false positives
  • Protecting your company in a changing threat environment Recorded: Jan 9 2015 4 mins
    Hackers don't have change management, so they can change and deploy threats faster than companies can respond to them. That's the message of Forrester Principal Analyst John Kindervag in this short but important video. He explores the impact of a changing threat environment and new zero-day threats on cyber defenses.

    View it to learn:
    •Why it's important for security professionals to change their mindset when dealing with the changed threat landscape
    •Why conventional defenses based on exploit signatures no longer work
    •Why context-aware defenses that correlate incoming attacks to outgoing data exfiltration are required for enhanced security
  • Top 5 Security Threats of 2014: How to Protect Yourself for the New Year! Recorded: Dec 11 2014 41 mins
    2014 has been an explosive year riddled with nasty security threats. Some of these you may have heard about like Heartbleed and Shellshock, but others like Sandworm, may have gone unnoticed or worse unprotected on your network. This webcast will offer an explanation of the top vulnerabilities, how they could have infected your network and security precautions to protect your organization. Don’t miss it.
  • Challenges and Solutions for Securing Today's Enterprise Network Recorded: Nov 18 2014 39 mins
    As enterprise network design changes and evolves to incorporate mobile devices, BYOD and cloud solutions, the traditional network perimeter is breaking down. All this, while attacks are getting ever more sophisticated. This session will discuss the challenges facing the modern enterprise network, and show how HP TippingPoint network security products offer solutions that can help.
  • Defending the Network in the Battle Against Malware Recorded: Oct 22 2014 49 mins
    With malware and botnets wreaking havoc worldwide, stopping network infiltration and protecting confidential data is proving increasingly difficult. This session introduces you to a triple-threat triple ally against attackers: HP TippingPoint with ThreatDV. Join us and learn how HP TippingPoint and the power combo of ThreatDV, weekly Digital Vaccine package, and reputation feed help networks stay ahead of attacks by blocking infiltration, phone-home, command-and-control, and data exfiltration.
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: APJ Recorded: Oct 10 2014 56 mins
    Explore cyber crime in Asia Pacific and Japan

    The cost of cyber crime is on the rise in the APJ region, according to the 2014 Cost of Cyber Crime study from the Ponemon Institute. Among 30 companies surveyed in Australia, the reported per-company cost for Internet-driven crime was $4 million, up 8.4% from 2013. In Japan, the per-company average hit $6.9 million in the study, up 5.7% from 2013.

    On the more optimistic side, companies in the region are achieving notable ROI for their investments in cyber security solutions. The average ROI for seven security technologies was 16% in Australia and 17% in Japan. For a close-up view of these and other findings from the institute’s research in Australia and Japan, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our APJ Security webinar.
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: Americas Recorded: Oct 9 2014 60 mins
    Explore cyber crime in the Americas

    In the 2014 Cost of Cyber Crime study, U.S. companies reported an average of $12.7 million in losses to cyber crime. That was the highest national average in the study by the Ponemon Institute. Among the 59 U.S. companies in the survey, the average cost of cyber crime climbed by more than 9% over the course of the year.

    Among other findings, the study noted that the most costly cyber crimes are those caused by denial of services, malicious insiders, and malicious code. These threats account for more than 55 percent of all cyber crime costs. For a fuller look at these and other findings from the institute’s study of U.S. companies, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our AMS Security webinar
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: EMEA Recorded: Oct 8 2014 59 mins
    Explore cyber crime in Europe

    For its 2014 Cost of Cyber Crime study, the Ponemon Institute expanded its focus in Europe to encompass the Russian Federation, as well as France, Germany, and the United Kingdom. Collectively, the institute surveyed 137 companies in Europe in a study that found broad differences in the reported costs of cyber crime across the region. The per-company average ranged from $3.3 million in the Russian Federation to $8.1 million in Germany.

    The study results indicate that over the course of the year, cyber crime rose 20.5% in France, 17.4% in the U.K., and 7.2% in Germany. For a closer look at these and other findings from the institute’ European research, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our EMEA Security webinar.
  • HP TippingPoint is On Your Side When Every Second Matters Recorded: Sep 25 2014 28 mins
    Security defenses are only effective when you can easily deploy and manage them. HP TippingPoint Next-Generation Intrusion Prevention System and Next-Generation Firewall make it easy. And the TippingPoint Security Management System provides a dashboard to show you the state of your defenses and instantly see attacks that are blocked.

    Every second matters. Watch this interactive demo to learn how:

    · Easy it is to automatically download the latest Digital Vaccine packages to stay up-to-date with the latest security intelligence

    · Simple it is to share security configurations and policies across devices

    · The at-a-glance dashboard effortlessly shows your protection status

    · To automatically create protection, status and network behavior reports
  • Blocking Advanced Threats with a Layered Security Approach Recorded: Sep 18 2014 42 mins
    Threats to the network continually evolve, which makes isolating the victimized “patient zero” machine nearly impossible. Today’s advanced threats require an advanced approach to security. This session explores how HP TippingPoint stops these attacks in their tracks by neutralizing patient zero through behavior, static, and dynamic detection. Join us to learn how this layered security approach is the most effective way to minimize the threat of network infiltration and, when it does occur, protect your infrastructure from further damage.
  • Incident Response Techniques and Processes: Where We Are in the Six-Step Process Recorded: Aug 26 2014 62 mins
    Incident response weighs heavily on the minds of security practitioners today. Prompted by the recent data breaches and attacks plaguing enterprises large and small, a new SANS survey project asked IT professionals to explain what steps they take immediately following a breach and to share how successful those steps really are.

    Tune into Part 1 of the Incident Response Techniques webcast to hear highlights from the survey results and discussion concerning where we are as an industry in a typical six-step incident response process.
  • Odd Todd Deploys TippingPoint Recorded: Jul 24 2014 3 mins
    View this video to see how easy it is for Odd Todd to deploy TippingPoint.
  • HP Cyber Risk Report Recorded: Jul 23 2014 4 mins
    In application vulnerability testing performed by HP, 52 percent of total vulnerabilities found are on the client side, and 48 percent are on the server. That is one of the real-world statistics uncovered by the HP 2013 Cyber Risk Report and summarized in this informative four-minute video.

    The Cyber Risk Report video presents the data you need to separate the hype from the real threats and better plan how to spend your security dollars. View it to learn the most common kinds of attacks and to hear the one lesson learned from the in-depth study of the 2013 attack that took down South Korean Banks.
  • Role of Research in Stopping Security Threats Recorded: Jul 1 2014 22 mins
    Jennifer Ellard from HP, Patrick Sweeney from Dell and Robin explore what role research by security vendors plays in stopping threats. Issues examined include the definition and importance of good research and how vendors shine and fall short. The discussion then moves on to selecting a security solution that is backed by world-class research.
  • Preparing for Zero-Days and Emerging Threats - Where Effective Security Counts Recorded: Jun 24 2014 35 mins
    Staying ahead of the bad guys requires two things: a good plan and a good partner. Your security plan must be robust, flexible, and responsive. Your partner must do the heavy lifting, so your team can concentrate to what matters most to your business. HP Security Research Zero-Day Initiative has more than 3000 security researchers looking for vulnerabilities in the software you rely on. Once they are found, HP TippingPoint DVLabs pushes out weekly digital vaccine packages to proactively protect customers from emerging threats.
    But staying protected isn’t just a numbers game.

    Attend this webinar to learn:
    • How we develop “virtual patches” that block any attempt to exploit the vulnerability rather than simple filters to block individual exploits
    • How our approach reduces false positives
    • How the HP Security Research and DVLabs team keeps them out to let you rest easier
  • Integrating Network Security with Threat Intelligence to Stop Advanced Malware Recorded: May 22 2014 48 mins
    Cyber criminals have become more sophisticated and more determined than ever. Protecting your business from advanced malware requires new techniques tuned to these emerging threats. Now, HP TippingPoint Security Management System works with Lastline to provide an advanced layer of protection against the most sophisticated attacks.

    Attend the webinar to learn:
    • How Lastline uses the HP TippingPoint Advanced Threat application programming interface (API) to integrate their global threat intelligence and advanced malware detection capabilities with HP TippingPoint
    • How the industry-leading security intelligence of HP TippingPoint and Lastline’s innovative products combine to help you stay ahead of the bad guys
  • Closing the Book on Heartbleed - and Avoiding Future Sad Stories Recorded: May 14 2014 61 mins
    The Heartbleed vulnerability in OpenSSL forced millions of users to changed passwords and enterprises to rapidly patch thousands of servers.Because of all the publicity there continues to be a lot of CXO-level awareness around cyber security and now is the perfect time to recommend strategies for avoiding or mitigating the next Heartbleed - and there *will* be a next one. There were many lessons learned during Heartbleed than can be used to bolster your plans and your presentations to management to gain funding.
    In this SANS Special webcast, John Pescatore, SANS Director of Emerging Security Trends will present an overview on the details around Heartbleed and an update on the current status, risks and industry efforts around software security. He will then moderate a panel of vendor experts in a discussion around lessons learned from dealing with Heartbleed and best practices for mitigating or shielding the risks due to vulnerabilities in open source and other third party software. Panelists will include Joanna Burkey, TippingPoint DVLabs Manager, and Joe Sechman, Manager, Software Security Research for HP.
Delivering Advanced Network Defense to the Enterprise
This channel covers the latest topics in network security, virtualization security, and threat research from HP TippingPoint and HP DVLabs to help security professionals protect their network against ever-evolving threats

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Top Security Threats and Trends: 2011 Cyber Risk Report
  • Live at: May 2 2012 4:00 pm
  • Presented by: Jason Jones, Advanced Security Intelligence, HP DVLabs & Adam Hils, Sr. Product Manager, HP Fortify
  • From:
Your email has been sent.
or close
You must be logged in to email this