Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
In the digital world we all live in, a majority of IT operations and support center organizations still rely on spreadsheets and spray-and-pray emails to entire teams to communicate major IT events due to application failures, network outages, cyberattacks, datacenter outages… During this session, Vincent Geffray will share the eye-opening results from various surveys on state of incident management and best performing companies practices and will explain how the lack of response automation hurts business and negatively impacts IT employees’ work-life balance.
During this session you will:
* Understand why quickly engaging the right team of IT experts is such a hard thing to do
* Understand the mechanisms which lead to a call storm and learn how to prevent it
* Learn how you can improve your incident response process and streamline the communication between the Service Desk, your IT teams and the impacted business users
Vincent Geffray is Senior Director of Product Marketing with focus on IT Incident Response Automation, IT Service Alerting, team Collaboration and Process Orchestration at Everbridge. He has over seventeen years of experience in Digital Operations and Service Management with expertise in Critical Communications, Application Performance Management, IT Process, Runbook and Workload Automation. Vincent has an international experience and he worked in Europe and in North America.
Every business that handles personally identifiable data is subject to privacy regulations and standards, such as PCI-DSS for credit card transaction data, HIPAA for medical records privacy, SOC 2 for any organization that delivers services (including SaaS-delivered solutions) and the European Union’s soon-to-be-enacted GDPR (General Data Protection Regulation). There are also privacy and breach disclosure laws that vary from country to country (even state to state in the US), making it a big challenge to keep up with them all. Failure to comply can result in daily penalties and fines, and a data breach resulting from non-compliance could cost millions in settlements, legal fees, and loss of reputation.
Join special guest, Divya Jeyachandran of Coalfire and John McLeod, CISO of AlienVault to hear what auditors are looking for and how to best prepare for your next audit.
Overview of common compliance requirements
Best practices for preparing for and demonstrating compliance
Keys to overcoming challenges in your on-premises and cloud environments
How a unified security toolset can greatly simplify this process
Sr. Manager - Payments, Cloud & Technology, Coalfire
Divya is a Senior Manager in the Payments practice at Coalfire focusing on data security in cloud environments. She advises and assesses client environments to meet security and compliance requirements such as the PCI DSS. With 8 years of experience in cloud technology, IT security and audit, and network and systems administration combined with understanding the applicability of regulatory security and compliance requirements towards IT solutions, Divya has been the lead QSA for some of the major cloud service providers and security service providers in the industry.
Learn about technology-assisted review methodologies, workflows, and uses in this comprehensive overview of TAR. We'll review what predictive coding methods are available, how they work, and what methods are recommended for specific situations. And we'll hear from a federal judge on why you need to understand TAR.
Hosted by Jim Waldron, director, EDRM. Sponsored by Knovos.
Security Information Event Management (SIEMs) systems have become the go-to application for cybersecurity practitioners, but it doesn’t come without a hefty cost or tradeoffs. These costs can include historic data being unreachable, advanced analytic limitations, and reduced enterprise visibility. Pairing SIEMs with a big data machine learning platform allows enterprises to proactively assess risk by accelerating anomaly detection, investigation, and response with machine learning and complete enterprise visibility.
Join TJ Laher, Cybersecurity Solutions Lead, as he discusses how big data and machine learning empowers cybersecurity innovators to optimize SIEM deployments. During this discussion, you will learn how open source technology is helping optimize SIEM deployments allowing organizations to:
• Infinitely scale data storage, access, and machine learning
• Deploy a community defined open data model to break vendor lock-in and gain complete enterprise visibility
• Open up application flexibility while building on a future-proofed architecture
With banks worldwide running proofs of concept for a number of use cases based on blockchain technology. It has become a question of when, not if, many of these initiatives will move into the production stage.
Now is a good time to consider what the expected adoption of blockchain and cryptocurrencies are likely to mean for fraud in banking and commerce.
Attend the webinar to learn:
-How banks and businesses are adopting distributed ledger technologies (DLT)
-What fraud and financial crime implications are created by the use of DLT
-What tools will be required in the future to mitigate DLT-related fraud
Since WannaCry and Petya took the world by storm in May of 2017, defending laptops, desktops, and IT assets from ransomware has become critically important for enterprises.
This webinar looks look at the newly released advanced capabilities of Symantec Endpoint Protection 14.1 that help protect against ransomware attacks and the strategies and the technologies that Symantec customers have deployed technology for effective protection against ransomware and unknown threats.
Join us to discover how you can:
· Block ransomware via latest enhancements into behavior monitoring, machine learning and intrusion prevention
· Gain enhanced visibility into suspicious activity across your endpoint estate
· Optimizing endpoint security across different environment needs such as high risk employee groups, low bandwidth environments, etc
In addition we’ll also show you SEP 14.1 in action, with a demo that showcases how unknown threats don’t stand a chance.
Learn how enterprises can achieve immediate visibility across on-premises, endpoint, and cloud IT environments with Qualys Cloud Platform and its powerful, natively integrated security and compliance applications.
After 25 years of speaking and writing about the impacts of technologies on “the human in the machine,” Richard Thieme documented the traumatic consequences for security and intelligence professionals of swimming in dark and turbulent waters that challenged our abilities, our ethos, and sometimes our very identity. Who we thought we were came up against what we had to do and the friction threw off sparks.
This webinar goes beyond those stories to explore in particular how what dominant cultures call “minorities” manage their unique challenges. Thieme has uncharacteristically lived as “a minority” in five different ways and the dynamics and resultant strategies he had learned port seamlessly to the experience of others. There’s more to it than “playing through the pain” - there’s real gold in discovering our capacities for the resilience, power, and self-transcendence intrinsic to the human condition.
Beginning with the “real facts” of the matter, Thieme draws on his experience to suggest ways to make this game a long distance run, not a sprint, and not lose our selves along the way.
We’ve spent years just seeing data as ‘there’; whether it’s a spreadsheet, email or information on a website/social media – data just exists. However, with recent, and massive, growth in stored data its value throughout its lifetime has now changed.
Because of this changing value, data must be secured and protected – kept away from people who might pose a threat to its integrity and value. In this world of instantly available information a news leak informed by real data is something that can quickly reduce the value of a product, or even damage the revenue and reputation of your business.
Endpoint-based technologies can help to prevent an attack, but this is a defensive posture - we need to move and become more proactive. Understanding the data you have makes it easier to know what is ‘normal’, in turn this makes it easier to recognize unusual behavior of devices and data which might indicate a threat has breached the network. The faster you are able to see this, the faster you can react – ensuring maximum time possible to mitigate the potential damage.
With the ever increasing number of devices and applications that individuals use and access on a daily basis, the authentication of individuals has become paramount for organizations. It needs to be done faster, seamlessly and have less impact on the user. What can organizations do to meet this challenge? Are behavioral analytics an answer? What role does identity assurance play? What about multi-factor authentication? Biometrics? Join RSA and (ISC)2 on January 18, 2018 at 1:00PM Eastern for a discussion on where ID/Access management and authentication is going and how these future advancements can impact your organization.
The management of change has been a recognized and necessary discipline in enterprise IT for decades. But the management of change – and indeed critical events – in datacenter facilities has not received so much attention, despite the dangers and significant costs associated with even partial failure.
Increasingly, datacenter owners and operators are reducing risks associated with change and unplanned events by using purpose-built datacenter infrastructure management (DCIM) software. DCIM has become an essential element of modern datacenter risk management, from monitoring and alerting to traceable (auditable) workflows, asset tracking, predictive analytics and end-to-end risk analysis.
In this webinar, you will learn how DCIM is being leveraged to understand, manage and lower risk, while at the same time delivering efficiency, agility and cost benefits.
3-D Secure 2.0’s impact on the financial industry will be one of the most significant in recent years. Built around the increasing popularity of mobile commerce, 3-D Secure 2.0 is predicated on risk-based authentication, leveraging data points for accurate verification, while optimizing the consumer experience.
But, what about migration? How do you get from where you are to where you want to be? It’s time to fine-tune your authentication strategy. Join Hannah Preston, Solution Strategist, Payment Security at CA to learn how to:
• Design the best payment security architecture for your business
• Exploit the power of a consistent device identity across online channels
• Incorporate a global network of devices to shut down fraud fast
The future lies in turnkey cloud solutions like hyper-convergence, which is set to displace traditional server and storage models.
WinMagic’s SecureDoc product suite, coupled with Nutanix, provides customers greater control and certainty over their data security through intelligent enterprise-controlled, cloud-agnostic key management & VM-level encryption.
Join us as we unravel some of the most critical considerations for establishing a high performance IT infrastructure that is not only flexible, fluid, and affordable, but provides the consistent security and simplicity needed across your entire environment.
In this webinar you will learn:
Simplicity: Discover how to converge your entire datacenter stack into one solution, reducing silos, and simplifying your operations
Scalability: Learn how you can flexibly and securely scale out to support dynamic workloads and evolving business needs of any size
Manageability: Reduce the complexity of managing traditional infrastructure and security across a disparate array of platforms. Gain simplicity in meeting Compliance audits
Join us on January 18th, 2018 for a lively discussion with Ralf Buchroth, Team Lead in IT Infrastructure and Provider Management at RWE, the second largest utility provider in Germany.
We will discuss RWE’s challenges and success in moving their network operations into the future without compromising security and compliance, including:
• consolidating security and orchestrating connectivity across a hybrid network, including legacy firewalls and routers, next generation firewalls, and the AWS cloud platform
• incorporating a cloud-first strategy and a heavy investment in DevOps to identify and address security violations in AWS, and allow application developers to spin up new applications without knowing IPs, protocols and ports
• reclaiming visibility of their firewall configurations and moving from error-prone manual changes to automating the process
• vastly improving workflows to improve audit preparation from a previously non-auditable change process
Register now to gain amazing insight into how they have found success. We will wrap up with a live Q&A, so have your questions ready!
Agile development and DevOps are built on a foundation integrated and automated testing that happens throughout the development lifecycle. Rather than waiting for a testing phase that happens late in the cycle, software quality and security must be verified at every step. In this session you will learn how to validate open source security, compliance, and quality across the SDLC, from design phase to production deployment and beyond.
Three major trends define the Cloud Generation chaos that organizations face today. They are 1) Use of cloud applications, 2) An increasingly mobile workforce accessing these cloud applications from outside the perimeter and 3) Use of both corporate owned and BYO devices (PC, Mac and Mobile).
On the other hand, the threat landscape is constantly evolving with adversaries taking advantage of these trends to attack organizations with ransomware, targeted attacks and mobile malware.
Existing solutions from the industry have been largely a mixture of disjointed point products to solve these problems piece meal. All of these have led to operational complexity for Organizations who face a severe shortage of skilled IT security personnel.
Attend this webinar and learn how endpoint security can solve these problems while increasing operational efficiency and lowering total cost of operations with a single agent architecture.
In addition, Symantec will discuss how the latest evolution of Symantec Endpoint Security can:
-Turn the tables on attackers by exposing intent and delaying their tactics using deception techniques and proactive security
-Expose, investigate and resolve incidents including file-less attacks with integrated Endpoint Detection and Response
-Harden environments against cyber-attacks with complete visibility into application attack surface and isolating suspicious applications
-Extend advanced security to mobile devices to protect them from network based attacks and OS/App vulnerabilities.
Today’s complex, multi-faceted infosec challenges can cause IT and security teams to spend unnecessary cycles trying to perform the fundamentals – basic hygiene, assessing posture, and validating security “readiness”. With most organizations getting attacked weekly, ensuring these functions are efficient and effective is more important than ever.
In this session you’ll learn how end-to-end security visibility is a critical first step to improving your security posture. By combining endpoint, network, user activity, and threat intelligence you can be truly data-driven and:
- Identify malicious activity and gain key context to help prevent similar threats
- Apply methods to help improve accuracy and further mitigate risk
- Automate context gathering and response actions to accelerate investigations, and to more effectively contain and prevent threats
Join us and get the inside view into the latest technological advancements powering today’s cybersecurity solutions.
Breach detection systems (BDS) and breach prevention systems (BPS) are capable of providing enhanced protection against advanced malware, zero-day attacks, and targeted attacks. NSS Labs’ 2017 BDS and BPS Group Tests measured the effectiveness of these solutions in real-world threat scenarios that included exploits, malware, offline infections, and evasions. Breach detection and breach prevention solutions from Check Point, Cisco, FireEye, Fortinet, Juniper Networks, Lastline, Palo Alto Networks, and Trend Micro are included in one or both of our breach security group tests. Sign up for our webinar to learn more about these test and to see which products received the coveted NSS Labs Recommended rating.
2017 was filled with cybersecurity meltdowns. From WannaCry to BadRabbit, the cybersecurity landscape has only become more volatile. With cyber threats on the rise, is your organization’s security posture ready for 2018?
Join LookingGlass’ Vice President of Customer Support, James Carnall and Vice President of Intelligence Operations, Eric Olson as they take a closer look at 2017’s major cyber-related incidents and provide tips and recommendations on how your organization can prepare for 2018. Webinar attendees will learn:
· Major cybersecurity trends from the past year
· Cybersecurity tactics that worked – and didn’t work – in 2017
· How to take a proactive cybersecurity approach to fending off cyber threats
Artificial Intelligence and Machine Learning are impressive but not yet able to completely replace security professionals. So, what is the right solution for you and your organization?
In this webinar, we will demonstrate the shortcomings of using both technologies, without a security professional in the loop, and make the case that coupling the experience and intuition of a security professional with a machine learning system, can greatly improve the overall results.
We will also tap the insights of Arctic Wolf Networks's Chief Architect, Matthew Thurston, on how Hybrid-AI and Machine Learning can improve threat detection capabilities and reduce false positives.
After attending, you will be able to:
- Recognize how AI and Machine Learning are typically used in Cyber Security, and what are the gaps
- Define what is Hybrid-AI, why it improves detection accuracy and reduce false positives
- Understand how Arctic Wolf Networks uses human augmented machine learning to detect Ransomware attacks
About our guest speaker:
Matthew Thurston developed his technical vision and security industry experience working over 10 years at Blue Coat Systems as a key developer of the policy enforcement system. He was a co-inventor on patents covering network policy management and optimizing MS Exchange (MAPI) traffic. His work reverse engineering the MAPI protocol gave birth to his keen interest in all things packet-related. Prior to Blue Coat, Matthew cut his teeth as a developer working on a wide range of projects including laser projection systems at Virtek Vision, ergonomic automation at HumanCAD Systems and configuration management software at MKS. Matthew is a graduate of the University of Guelph with a bachelor of science in computer science.
2017 marked the 10-year anniversary of Amazon’s AWS, and with it a decade of mainstream awareness of the concept of the public cloud. As we begin the year, the trends that will drive the technology industry through 2018 are becoming apparent. Among these trends is a greater maturity surrounding discussions about cloud computing.
In this webinar attendees will learn how 2018 will be a year where the importance of robust multi-cloud management capabilities becomes clear. Organizations of all sizes will seek out solutions that transcend any individual public cloud provider while still providing visibility and management of their own on-premises environments.
A single weak point in a line of code can create an open door for attackers. Threats originating from applications are now more pervasive than ever. We believe that the best defense against application vulnerabilities is a good offense.
In this webinar, we will share results from our recent primary research study that reveals:
• The top five application security risks
• Where these risks originate
• How to remediate these risks
• Best practices to protect your business, protect your customers
Protecting student and district data, privacy, and safety with their limited IT resources is a tall order for K-12 institutions. This no-cost webinar is for districts and their consultants considering the E-rate program for funding firewall services. Join our education and E-rate experts to learn:
•About Palo Alto Networks and how we uniquely protect students, data, and networks
•How your peers have successfully leveraged E-rate funding to create safe learning environments
•Which Palo Alto Networks products are eligible
•Where to find E-rate resources
David Cumbow is a Systems Engineering Manager with Palo Alto Networks. Prior to coming to Palo Alto Networks, David spent 13 years in the public sector working for the third-largest K-12 school district in Riverside County. Having worked jobs from Database Administration to Virtualization, David found a passion for Networking and Security. With eight years in the security field, David has led many K-12 Districts in California to a better security posture through guidance and peer-to-peer consulting. David holds a Bachelor of Science in Computer Science from California State University.
Greg Herbold is Director of the U.S. State/Local Government and Education (SLED) segment at Palo Alto Networks, where he is responsible for creating solutions and programs to protect our way of life in the digital age by preventing successful cyberattacks. In this capacity, he leads strategy and planning, marketing, solution development, sales programs, channel partner development, contracts, compliance and industry relations for the segment. Greg holds a Master of Arts from Georgetown University and an HP-Stanford Innovation and Entrepreneurship Certificate from the Stanford Graduate School of Business.
The recently disclosed Meltdown and Spectre vulnerabilities negatively impact the security of virtually every computer in the world today. These vulnerabilities allow an attacker to gain control of a computer’s processor and steal data located on that computer. Organizations that store data in the cloud are particularly susceptible.
During this webcast, Jimmy Graham, Director of Product Management for Qualys Threat Protection and Asset Inventory, will showcase solutions that can help you determine the impact of Spectre and Meltdown across your global IT environments.
By attending this webcast, you will understand how:
• To quickly and easily visualize Spectre and Meltdown vulnerabilities within your environment
• To track remediation progress as you patch against Spectre and Meltdown
• The Qualys Asset Inventory and Threat Protection apps, which will help you automate detection and track remediation progress
The webcast will include a live Q&A session.
Meltdown and Spectre have set the scene for 2018 and make attending our webinar even more of an imperative. This year is going to see it all and we have top panellists and audience members joining. The US Secret Service’s Mark Grantz, Middle East’s top Cybersecurity executive, Tushar Vartak, Europes most recognised Cybersecurity and AI visionary Ramses Gallego, Cybersecurity SME Wieland Alge, a NATO cleared hacker and of course, your very own Amar Singh, CISO and co-founder of Wisdom of Crowds and Cyber Management Alliance Ltd.
Join the debate, Share your opinions and hear a wide range of experts share their experience and insights.
Cyber Management Alliance brings you our interactive and educational webinar, inaugurating the new year with an exclusive webinar on what to expect, how and what the criminals are going to do (or not do) and what you can do to protect yourself.
Yes, we know GDPR is around the corner, but we believe there is much more ahead than just privacy concerns.
Join to hear Palo Alto Networks cybersecurity predictions for 2018 and get recommendations on how to mitigate against them to achieve a more resilient posture in the new year. Experts will dive into predictions on the threat landscape, cloud security, cyber hygiene, endpoint protection, IoT, machine learning and more.
Here’s a sampling of some of the predictions our cybersecurity experts will review:
•Ransomware Prevention more important than ever
•The Internet of Things blurs the line between personal and corporate security
•The era of Software Supply-Chain attacks has begun
•The Cloud will accelerate channel partner migration to next-generation security innovators
•Advances in Machine Learning will improve both patient care and cybersecurity
•Cyber hygiene for financial institutions found non-compliant with SWIFT mandatory security controls
Is your data protection infrastructure slowing you down? Staff and time are a limited resource. But all too often, addressing tactical matters supporting your systems consumes most, or all, of both.
Eliminate the slowdown and consolidate the point solutions and appliances that consume your time.
In this webinar we will introduce you to an appliance that gives you a turnkey data protection solution that’s designed, tested, built and supported entirely by Commvault. With it, you’ll save time across:
Acquisition: you won’t have to research components and compatibilities, or manage complicated orders
Installation and Integration: no need for your team to assemble, test, and monitor multiple components
Administration: with a simple, intuitive graphical user interface, an IT generalist can monitor performance, set policies, and enable self-service capabilities
Patching: a single update puts you on the latest software version, eliminating the need to track compatibility across vendors
Support: one call is all you’ll need to resolve any issue across the entire hardware and software stack
You can choose to scale out the appliance, or choose Commvault HyperScale™ Software with your preferred hardware vendor.
Join us to learn more about this game-changing solution.
Learn the pragmatic and simple approach to deal with GDPR
Join Fred Streefland, senior product marketing manager at Palo Alto Networks and guest speaker Mark Child, managing director at Xcina Consulting, for an informative webinar about taking a pragmatic approach to the GDPR and compliance.
Attend this event to understand:
- New cybersecurity legislation and the main elements of the GDPR
- What’s in the GDPR and what’s not
- Security-specific recitals and articles
- The U.K. Data Protection Bill and modifications to the GDPR
- How Palo Alto Networks can help you become GDPR-compliant
We do hope you can join us for this exclusive webinar.
"Your fees are too high; can you do it for less?" In the highly competitive marketplace we hear dreaded phrases like this all of the time. The easy thing to do is to offer a discount, but that cuts into your profit margins and sets a precedent for the future. You don’t want to become a victim of discounting gone wrong. So what do you do when clients push back on your fees? This webinar runs through the 4 things you can do when clients put pressure on you to lower your fees
Pushing Docker-based applications into production radically changes the way you monitor & troubleshoot your environment.
Join Sysdig for a review of the challenges of this new infrastructure and get live examples of monitoring and troubleshooting containers and orchestration systems like Kubernetes for optimal efficiency.
During this webinar you’ll learn:
- How should you monitor services built on top of containers?
- What metrics become more relevant in Docker-based environments?
- How do you construct alerts most effectively?
- How do you troubleshoot containers that are rapidly coming and going?
The webinar will focus on demonstrating open source tools, like Prometheus, and commercial tools, such as Sysdig Monitor, that help you solve these new challenges. You’ll walk away with ideas that you can immediately put to work in any scale environment.
Two critical European regulations are rolling out in 2017 and 2018. The General Data Protection Regulation (GDPR) is designed to strengthen the safeguards around personal data and create a more uniform standard within the European Union (EU), while eIDAS is the European Regulation aimed at creating a framework for cross-border electronic identification and transactions across EU member countries.
Paperless vs. Privacy is a real issue facing business in the EU, and around the world. Both eIDAS and GDPR have global ramifications and affect a broad group of industries. Complying with both of these regulations can be a real hardship for some small to mid-size companies.
Please join us for our BrighTalk webinar where our resident Public Key Infrastructure expert, Eric Avigdor, will help you tread the waters of eIDAS vs. GDPR. Which one is most important for your business? What are the consequences of non-compliance? We will also discuss how to comply with multi-factor authentication, physical access, and encryption requirements.
As European financial institutions work towards compliance with PSD2, there's an intense focus on securing customer data as it's opened up to third parties.
Essential requirements around securing APIs to enable direct payments and account aggregation are accompanied by increased regulations for strong customer authentication. Financial institutions are looking to improve their management of digital identities to ensure customer data remains private.
Not only can a modern digital identity platform help companies with API security and authentication requirements, it can also drive innovation in areas like consent management, with dashboards that allow customers to control their personal data at a granular level. Banks can embed identity into their digital platforms in order to use PSD2 as a strategic opportunity to build trusted relationships with their customers.
Cloud Security has recently filled everyone's network security forecast. Everyone is talking about it, but are they talking about the same thing? Today's webinar puts a framework around a term that has become ever-present in today's conversations even though its definition has not.
Join us as we discuss:
- How cloud security differs from a public cloud, a private cloud or a hybrid cloud
- How cloud technologies impact a company's security options
- How do you defend against attacks of third-party providers of IT services
- How to develop policies and procedures to test and evaluate servers over which you have no physical control
To better understand what cloud security means to you, register now.
Get a sneak peek at new legal research conducted by EDRM/Duke Law, Exterro and BDO Consulting on how judges are enforcing new e-discovery rules in their courtrooms along with judicial insight for improving e-discovery outcomes. In this webinar, two federal judges will walk attendees through the judges survey results and offer their own perspectives for implementing defensible but yet proportional e-discovery practices.
We'll discuss what federal judges see as:
- The primary cause of e-discovery problems and how to fix them
- The easiest way for legal teams to improve e-discovery outcomes
- The "must-do" preservation activities to ensure your actions are defensible
Hosted by George Socha, cofounder, EDRM. Sponsored by Exterro.
Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Load Balancing offers different types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault tolerant.
-Understand how Load Balancers can help optimize your cloud resource utilization and reduce costs
-Identify the security implications of Load Balancers
-Look at why monitoring Load Balancer deployments is so important
Equipped with Imperva’s own research, interactions with our customers, and a wealth of crowdsourced data analyzed from installations around the world, we’ve looked ahead to the future of Internet security. Join Terry Ray, CTO of Imperva, as he provides insight into cybersecurity trends for 2018, including:
· The impending arrival of massive cloud data breaches
· The growth of crypto-currency mining attacks
· Malicious use of AI and AI deception
· Cyber extortion's increasing focus on business disruption
· The evolution of insider breaches
About the presenter:
Terry Ray has global responsibility for Imperva’s technology strategy. He was the first U.S.-based Imperva employee and has been with the company for 14 years. He works with organizations around the world to help them discover and protect sensitive data, minimize risk for regulatory governance, set data security strategy and implement best practices.
As organizations embrace cloud infrastructure, DevOps methodologies, PAAS, IoT and mobile workforce, there are new risks coming from a broader attack surface. Vulnerability management designed for traditional assets is not enough. To improve security, you need to rethink how you do things. For example, containers have become the de facto standard in cloud architectures today, which means that security needs to move into developers’ build processes while complementing existing solutions.
Attend this webinar to discover:
•Where vulnerability management for today’s assets needs to start
•What the new faces of attacks and remediation look like
•Why prioritization should not be based on scan results
•Why reports using Excel are no longer the answer
•How DevOps can be part of the solution to incorporate security
Join Tenable and (ISC)² on Jan 24, 2018 (Wed) at 14:00 (Singapore time) to learn how to minimize cyber exposure in a world of cloud, containers and other modern assets.
Presenter: Robert Healey, Senior Director Marketing, APAC, Tenable Network Security
Moderator: Clayton Jones, Regional Managing Director, APAC, (ISC)²
How Data Classification can help support your Data Governance and Protection Initiatives.
Data classification is no longer a nice to have – it is a necessity – particularly with new data protection regulations like the GDPR just around the corner. Join us for this webinar featuring guest speaker Sue Robinson from Aspen Insurance, who have recently implemented a best-of-breed data classification solution across their organisation globally.
Watch this webinar to learn:
• How to approach a data classification project
• Learnings from planning and implementing a data classification project
• How data classification supports more effective data governance
• What to consider when evaluating a classification solution
The challenges of SaaS applications such as Office 365 or Box are already here whether they are enabled by IT or end users themselves. With the adoption of SaaS, your data is now outside your traditional network perimeter and any changes to how the data is shared, who it is shared with and if it is free of malware is no longer known by your organization. History has shown that when a significant risk arises, a point solution is applied to address it. Defenses made up of multiple point products that do not integrate leave gaps that may expose your organization to attack.
Join us for this live webinar where we will examine the various stages of a real-world attack targeting your SaaS applications. You will learn how to prevent these attacks at every single point in the security kill chain with a natively integrated Next Generation Security Platform and learn how to:
* Gain visibility and granular, context-based control of SaaS applications
* Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.
*Satisfy compliance requirements while still maintaining the benefits of SaaS based application services
In today’s threat landscape, modern security teams recognise that compromise is inevitable. However, that does not mean that a breach should be inevitable too.
Today’s security leaders must bring together the people, process and technology to enable threat hunting. Detect and alert strategies need to be revamped to shift from reactive forms of incident response to proactive threat hunting.
Join Rick McElroy, Security Strategist for Carbon Black, to learn how better to enable your hunt.
1.Understand the role of threat hunting in a resilient cybersecurity strategy
2.Learn how to create a culture of threat hunting and embed it within your security strategy
3.Discover how to mature your threat hunting program
4.Learn how to create an ROI for threat hunting
5.Gain practical insight into the steps to take in order to start threat hunting
Moderator: Adrian Davis, Managing Director, (ISC)² EMEA
Rick McElroy, Security Strategist, Carbon Black
Joe Moles, Director of Detection Operations, Red Canary
Please join Tufin as we brief our customers on the release of Tufin Orchestration Suite™ R17-3, Advancing Our Leadership in Automation: Pioneering the Automation Journey to the SDN and More. We’ll cover the different facets of automation features in the release including automation and provisioning for VMware NSX, support for Check Point Identity Awareness Blade, and end-to-end group modification automation.
Other items covered include:
Policy optimization for Cisco Firepower
Enhancements to topology to further support “what-if” analysis
Policy Browser search enhancements
Changes to cloud license enforcement
During this 20-minute webinar, learn how developers can stay ahead of vulnerabilities that can disrupt the software development lifecycle (SDLC). See how Veracode Greenlight finds security defects and provides contextual remediation advice to help you fix issues in seconds, right within your IDE. Coupled with the use of Veracode’s developer sandbox, teams can scan code without alerting security or affecting an application’s overall compliance with policy.
As a result you will be able to:
•Reduce overall costs by 3x when compared to testing during the QA phase
•Increase the fix rate of flaws using sandbox scans
•Get your organization on track to move towards a DevOps and continuous release cycle
Balancing DevOps Speed with Quality: Environment Automation to the Rescue
A Prescriptive Approach to Innovation for the Modern Enterprise
Organizations in every industry face opportunities and threats caused by digitally empowered customers. Acquiring new customers — or losing existing ones — has never been easier. Companies can't afford to move fast only in some areas; the whole organization must race together toward customer obsession. Application development and delivery (AD&D) professionals must master development and operations (DevOps) and modern application delivery processes across their entire software portfolio to win in the digital marketplace. As software environments become increasingly distributed and complicated, modeling such environments authentically in the Dev/Test stage becomes critical to speed and quality. Giving timely access to such environments early on in the Dev/Test cycle, with self-service can help break silos and increase productivity allowing organizations to scale their software development and shift into higher gear – all with better governance and business insights.
How do you move fast with increased agility without increasing risk?
This webinar will share state-of-the-art research from Forrester including trends and best practices, and information from Quali on how to drive this with cloud sandboxes as part of the release cycle with on-demand, self-service environments.
Enterprise DevOps architects, Release Management professionals, Cloud architects and professionals from ITOps are encouraged to attend.
While there have been many improvements around securing containers, there is still a large gap in monitoring the behavior of containers in production and taking action on any abnormal behavior. That’s why we created Sysdig Falco, the open source behavioral activity monitor for containerized environments.
Sysdig Falco can detect and alert on anomalous behavior at the application, file, system, and network level. In this webinar attendees get a deep dive into Falco and learn:
-How does behavioral security differ from existing security solutions like image scanning?
-How does Falco work?
-What can it detect?
-How to build and customize rules.
-How to extend with alerting options.
Who should attend?
If you're managing containers in production, or just beginning our container exploration, you'll want to attend to understand the security paradigms of containers and how to secure them.
It’s that time when we strive to rid ourselves of old habits and embrace fresh ideas. In security, threat intelligence is certainly seen as one of those fresh ideas. According to Gartner’s recent “Market Guide for Security Threat Intelligence Products and Services,” “One benefit of threat intelligence is that it improves decision making in core security processes, such as incident response and policy enforcement. Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter.”
In this webinar, Allan Liska, author of “Threat Intelligence in Practice,” will address five practical steps from Gartner’s report to help you make better use of threat intelligence in your organization, including:
• Understanding the threat intelligence lifecycle.
• Knowing the difference between data feeds and threat intelligence.
• Centralizing, customizing, and collaborating with intelligence.
• Integrating with your existing security infrastructure.
• Using vulnerability intelligence to power smarter patching.
Join us live on Thursday, January 25th at 10:00 am for a 45-minute FREE webinar& demo to discover how SAP Learning Hub gives unlimited access to all of SAP’s learning content and certification paths, as well as opportunities for collaboration, social learning and access to live systems in which to practice. SAP Education and the UK & Ireland SAP User Group have collaborated to offer SAP customers a significant discount (up to 64%*) on an SAP Learning Hub subscription.
Caroline Kinsman is an experienced senior education architect who has worked within the field of SAP Education Solutions for over seventeen years. Responsible for designing and delivering successful education programmes for ERP system implementations at both national and multinational organisations. A qualified Chartered Accountant and fluent in three languages Caroline is able to bring her considerable wealth of business experience to a range of stakeholders and sponsors at many levels within an organisation. With twenty years of experience in project team training and consulting, she is able to engage on multiple levels from the strategic to the practical within a project environment. Caroline's experience covers a multitude of sectors including pharmaceutical, public sector, financial services, utilities, oil and gas, consumer goods and automotive. Specialties: A holistic education approach from cradle to grave; detailed knowledge of Project Team Training and SAP Learning Hub.
Nigel Williams presents a data management perspective driven both by GDPR together with the shift to digital business. In it, we propose an approach that takes the requirements of GDPR as a catalyst for change and seek a wider set of benefits from the investment made to meet the new privacy requirements - including deriving business value and protecting data more effectively.