Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Best Practices for Managing Open Source in an Organization and Throughout M&A
    Best Practices for Managing Open Source in an Organization and Throughout M&A Mark Radcliffe, Partner, DLA Piper/General Counsel OSI; Anthony Decicco, Shareholder, GTC Law Group & Affiliates Live 60 mins
    The use of open source has surpassed the occasional and solidified itself as the standard. In fact, the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis found that 96% of the applications we scanned last year contained open source components.

    It’s increasingly difficult to properly manage open source in an organization to ensure compliance with the over 2,000 different licenses in use today and defend against new vulnerabilities, which surface frequently.

    Join this webinar with top open source legal experts Mark Radcliffe (partner at DLA Piper and general counsel for the Open Source Initiative) and Tony Decicco (shareholder, GTC Law Group & Affiliates) as they discuss best practices for managing open source in an organization and throughout an M&A transaction:

    - How do you conduct an open source / third-party software audit?
    - How do you get the most out of your Black Duck code scan?
    i.e. Handling license compliance issues and managing security vulnerabilities
    - What are key aspects of an effective open source / third-party software policy for both inbound use and outbound contributions?
    - What are key success factors for effectively releasing code as open source?
  • Hot Topics for Internal Audit
    Hot Topics for Internal Audit Tim Lietz and Ed Williams of Experis Finance Live 60 mins
    Experis Finance is pleased to announce the first of our Hot Topics Series for Chief Audit Executives and their teams. Our goal is to provide you with a series of webinars that provide practical insights on topics of interest to internal audit professionals. Our first session will cover Agility and preparing for Robotic Process Automation.

    The webinar will provide participants with the following learning objectives:

    •Define Agility in the context of Internal Audit
    •Share pragmatic insights in how to define and execute an Agile transformation
    •Discuss RPA and in practical terms as companies begin to assess, plan and implement
    •Highlight the role of audit in assessing the overall RPA plan
    •Link the opportunities of RPA to the concepts of Agile Auditing

    Presented by:
    Tim Lietz – CIA, CRMA, MBA
    Regional Director, Risk Advisory Services
    Experis Finance

    Ed Williams CIA, CRMA
    Sr. Manager, Risk Advisory Services
    Experis Finance
  • Verizon Threat Research Advisory Center - Insider and Privilege Misuse
    Verizon Threat Research Advisory Center - Insider and Privilege Misuse David Kennedy and John Rudolph, Verizon Global Security Recorded: Jul 18 2018 79 mins
    Leverage Threat Intelligence where it matters most.

    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.

    This month's theme: Insider and Privilege Misuse

    Our Verizon Threat Research Advisory Center presenters will be:

    • John Rudolph, Principal Consultant, Identity and Access Management
    • Steve Atnip, Senior Analyst, Threat Intelligence
    • David Kennedy, Managing Principal, Open Source Intelligence
    • Laurance Dine, Managing Principal, Investigative Response – EMEA

    For this month's theme of 'Insider and Privilege Misuse' we'll feature John Rudolph, Principal Consultant, Identity and Access Management who'll discuss insider threat motivations, common denominators, and countermeasures, to include the Zero Trust approach. We'll then touch base on the IR Pulse and trends in our caseload, followed by:

    • Current Intelligence
    • Attacks & Threat Indicators
    • Latest Malware Trends
    • Significant Vulnerabilities
  • Your Growing Cloud Investment: The Magic Formula for Your Cloud Success Story
    Your Growing Cloud Investment: The Magic Formula for Your Cloud Success Story Todd Bernhard, CloudCheckr Product Specialist, Ian Thorton-Trump, Cybersecurity Expert, Laurent Mombel, N2WS System Engineer Recorded: Jul 18 2018 57 mins
    Abracadabra AWS! Presto change Cloud!

    Magic words alone are not enough to deliver the return on investment and cyber security out of your AWS cloud. Join N2WS for a great Webinar Magic Show. We will dispel your business’s fears of cloud migration, demystify cloud compliance and escape from the dunk tank of complexity – especially when it comes to managing backup and ensuring uptime.

    Hosted by cybersecurity expert Ian Thornton-Trump, N2WS System Engineer, Laurent Mombel, and CloudCheckr Product Specialist Todd Bernhard, we will spend an hour brewing up a cauldron of information for you - using the recipe for AWS success:

    - Rapid Recovery
    - Flexible Backup
    - Shrink Downtime
    - Why hybrid is dangerous
    - Benefits for small, medium and large companies
    - Maintain Compliance
    - Ease Auditing

    Alakazam! See you there!
  • Protecting and enabling 21st century industrial networks at scale
    Protecting and enabling 21st century industrial networks at scale Del Rodillas, Head of Industrial Cybersecurity Solutions & Lionel Jacobs, Senior ICS Security Architect, Palo Alto Networks Recorded: Jul 18 2018 62 mins
    Modernization initiatives such as "Industry 4.0" and "Industrial IoT" are pushing industrial networks to be more connected as well as more complex and challenging to protect. In this session we will demonstrate how you can establish granular visibility and consistent security policy to your SCADA deployment, IIoT and remote sites in even the harsh environments. In other words, we can show you how to protect all of your IT AND OT infrastructure.

    Join this webinar to learn about:

    - Consistent and integrated deployment securing traffic across the SCADA core, remote sites, controlled/harsh environments, IIoT and industrial cloud
    - Zero-trust segmentation using the PA-220R ruggedized Next-Gen Firewall across IT and OT environments
    - Leveraging central management to increase administrative efficiency and provide cybersecurity and ICS network traffic intelligence to OT and IT
  • [VIDEO PANEL] Cyber Security in Europe: An Executive Perspective
    [VIDEO PANEL] Cyber Security in Europe: An Executive Perspective Kevin Taylor, EMEA VP; Stuart McKenzie, EMEA Mandiant VP; Simon Moor, NEUR VP; Richard Weaver, Data Privacy Officer Recorded: Jul 18 2018 38 mins
    Cyber breaches are inevitable because attackers constantly change their tools, techniques and procedures (TTPs). Everyone is affected in different ways, whether from compromised systems or supply chains to the financial implications of non-compliance and breach notification.

    Join us for a live video panel on trending topics in cyber security:
    -Breach notification sources, dwell time and industries mostly likely to be compromised and retargeted by attackers
    -Importance of understanding cyber attackers and their motives
    -Red teaming to improve security effectiveness
    -Cyber security skills gap
    -Direct and indirect costs of a breach
    -Requirements, processes and policies to handle the GDPR
  • Attacker’s Advantage - Understand How & Why Cyberattackers Beat Your Defence
    Attacker’s Advantage - Understand How & Why Cyberattackers Beat Your Defence Robert Healey, Senior Director Marketing, Asia Pacific, Tenable Network Security Recorded: Jul 18 2018 60 mins
    In its inaugural report, Tenable Research explores who has the first-mover advantage – cyber criminals or security teams? What’s the difference in time between when an exploit is publicly available for a given vulnerability and the first time that security teams actually assess their systems? And why does this even matter to your organization?

    The research team analyzed the 50 most prevalent critical and high-severity vulnerabilities from just under 200,000 vulnerability assessment scans over a three-month period. What did they find?

    Alarmingly, all too often, the attackers have the advantage. On average, they have a seven-day head start on defenders. Threat actors are sprinting ahead, exploiting vulnerabilities before security teams have even left the starting blocks – before businesses even know they’re at risk.

    Join Tenable and (ISC)² on Jul 18, 2018 (Wed) at 14:00 (Singapore Time) to understand how and why cyber attackers are beating your defence.

    Presenter: Robert Healey, Senior Director Marketing, APAC, Tenable Network Security
    Moderator: Tony Vizza, CISSP Director, Cybersecurity Advocacy for APAC, (ISC)²
  • How To Manage Your Risk with Threat Intelligence
    How To Manage Your Risk with Threat Intelligence Rob Van Der Ende, Vice President Asia Pacific & Japan, FireEye Inc. Recorded: Jul 18 2018 24 mins
    Organizations continue to fight an asymmetric battle on the cyber front. Attackers are sophisticated, well-funded, well-organized and use highly targeted techniques. Security teams routinely struggle to understand which cyber threats pose the greatest risk to them and how to prioritize those they discover.

    Most organizations stake their security efficacy on legacy, signature-based tactical intelligence feeds that can’t anticipate attacks or provide context to guide response. Instead, these feeds increase alert volumes with false positives that make it nearly impossible to detect attacks and provide a false sense of security.

    The right threat intelligence can help organizations drive business efficiencies, by proactively assessing and managing risks that are relevant, improved detection and prevention of attacks, and building attack context for the alerts that they face.

    Find out how threat intelligence helps you stay on top of an evolving threat landscape.
  • Trends in Security: How to Create a Scalable Threat-modeling Practice
    Trends in Security: How to Create a Scalable Threat-modeling Practice Chandu Ketkar, Principal Consultant, Synopsys Recorded: Jul 17 2018 45 mins
    For most organizations, performing threat-modeling is a difficult and an expensive undertaking. There are good reasons why this is the case. Threat modeling traditionally requires an experienced security architect with knowhow in architecture patterns, design patterns, a breadth of technologies, and above all deep security knowledge.

    Join this webinar and learn:

    - Consistency/Reliability: Use of patterns allows us to identify recurring problems/patterns and provide consistently the same solution. In security this means that identifying patterns during threat modeling will allow us to create consistent design, development, testing, and risk guidance.

    - Efficiency: Use of patterns allows us to automate some part of a problem while leaving the more complex concerns to be tackled by experts. This creates efficiencies.

    - Commonly understood taxonomy: Patterns create a common taxonomy for organizing knowledge, training users/practitioners, communicating with stakeholders (developers, testers, architects, security analysts, etc.)
  • A View from the Top: IT Spending at the World’s Largest Companies
    A View from the Top: IT Spending at the World’s Largest Companies David Lantsman Recorded: Jul 17 2018 11 mins
    In this session, IDC will share insights into the IT spending patterns of some of the world’s largest companies. These firms are often among the first to embrace transformative, innovative technologies in an effort to delight customers and reinforce their position at the top of the pack. The web conference will showcase findings from IDC’s Worldwide Wallet IT research program, which estimates budgets and forecasts spending by region for more than 4,000 of the world’s largest enterprises. Join us for this webinar to see how IDC creates these data, and why the largest domestic and international IT vendors use IT wallet research to gather tactical data enabling more effective sales operations and marketing analytics.

    Takeaways:
    -Full understanding of breadth/depth of IDC’s IT Wallet database
    -Companies with largest anticipated increases in spending
    -Understanding of how top WW firms dominate WW IT spending
    -Top IT Spender Highlight
  • Reducing Risk by Examining Threats that are Forming in the Cyber Ecosystem
    Reducing Risk by Examining Threats that are Forming in the Cyber Ecosystem Michael Suby, VP of Research at Frost & Sullivan, and James Carnall, VP of Customer Support Group at LookingGlass Recorded: Jul 17 2018 63 mins
    In the highly dynamic online landscape of misinformation, fake news, gossip, and the trading of absconded data, organizations must expand their cybersecurity arsenals in protecting their brands, personnel, facilities, and sensitive information. They must take into account what exists outside the perimeter in the greater cyber ecosystem: the surface, dark, and deep web. Locating and assessing these threats, however, is a challenge for even experienced threat hunters. The tools and techniques are non-standard. You should ask yourself, “Is my security team ready to tackle what lies beyond the perimeter?” If not, let us shed light on this topic. Register for LookingGlass' "Threats Beyond the Perimeter" webinar on Tuesday, July 17 @ 2 pm ET to hear Michael Suby, VP of Research at Frost & Sullivan and James Carnall, VP of Customer Support Group at LookingGlass discuss how these scenarios may affect your brand, employees, and facilities.
  • Harnessing Cybersecurity Automation
    Harnessing Cybersecurity Automation Holly Schipper, Product Marketing Manager, Cybersecurity. Juniper Networks Recorded: Jul 17 2018 21 mins
    An understaffed security workforce is struggling to protect your evolving enterprise from ever changing cyber threats. Automation could be the answer to hardening your security posture in these shifting sands. However, the task of implementing automation across such a diverse and continuously morphing environment presents a challenge.

    In this webinar, we will discuss the benefits, complexities and best practices of implementing security automation.
  • BYOD: Do benefits of personal devices at work outweigh drawbacks?
    BYOD: Do benefits of personal devices at work outweigh drawbacks? EDRM and AccessData Recorded: Jul 17 2018 63 mins
    Bring Your Own Device (BYOD) policies present many benefits for both employees and companies, but they also bring unwanted risk associated with allowing individuals to access and share company information through non-monitored personal devices.

    AccessData and Corporate Counsel Business Journal have partnered on a survey of Corporate Legal professionals to identify current BYOD trends and concerns, and understand the impact it is having on e-discovery. Join us for this one-hour webinar where we will review the findings of this exclusive survey and highlight best practices for organizations allowing personal device use for business purposes, to help ensure data is protected and accessible in the event of e-discovery.
  • How can static analysis help DevOps teams maintain velocity securely?
    How can static analysis help DevOps teams maintain velocity securely? Meera Rao, senior principal consultant and director of the secure development practice - Synopsys Software Recorded: Jul 17 2018 46 mins
    Static application security testing (SAST) is the process of examining source code for security defects. SAST is one of many checks in an application security assurance program designed to identify and mitigate security vulnerabilities early in the DevOps process. Integrating SAST tools into DevOps processes is critical to building a sustainable program. And automating these tools is also an important part of adoption, as it drives efficiency, consistency, and early detection.

    If you have questions like these, and you’re concerned about integrating SAST tooling into your DevOps process, this session will offer actionable advice to automate security testing that supports DevOps velocity.

    But DevOps practitioners looking to integrate SAST tools into the DevOps pipeline often have questions:

    How do I manage false positives?
    How do I triage the results?
    What happens to new issues identified?
    How can I use a tool in my DevOps pipeline?
  • Inside (ISC)²: Virtual Town Hall – Enrich. Enable. Excel
    Inside (ISC)²: Virtual Town Hall – Enrich. Enable. Excel Wesley Simpson, (ISC)² COO, Mirtha Collin, (ISC)² Sr. Ed. & Training Mgr., Michelle Schweitz, (ISC)² Media Mgr. Recorded: Jul 17 2018 59 mins
    (ISC)² is committed to delivering value to our members, providing a transparent view of the organization’s developments and plans for the future. To that end, please join (ISC)² for a virtual Town Hall meeting on July 17, 2018 at 1:00PM Eastern to review many of our new member benefits, service offerings and look at what is still to come in 2018, including enriching professional development opportunities, Security Congress and more. Members and non members alike will enjoy the opportunity to learn how (ISC)² is delivering on its value promise.
  • Making Clouds Secure Again (or for the First Time!)
    Making Clouds Secure Again (or for the First Time!) Doug Cody, Solutions Architect, Synack Recorded: Jul 17 2018 48 mins
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Accudata's White-Hat Files | July 2018 Edition
    Accudata's White-Hat Files | July 2018 Edition Anton Abaya, CISA, PCI QSA, Senior Consultant Recorded: Jul 17 2018 16 mins
    Our third White-Hat File comes from Anton Abaya, CISA, PCI QSA, Senior Consultant in Accudata’s Risk and Compliance practice.

    In this 15-minute webinar, he’ll describe the most effective ways he’s used social engineering and phishing techniques to crack into companies, as well as the best practices you can implement to ensure these attacks don’t work on your business.

    Register for the August edition of the White-Hat Files here: https://www.brighttalk.com/webcast/16347/330367
  • World Map of Malware: The Geography of Hostile Code
    World Map of Malware: The Geography of Hostile Code Dr. Kenneth Geers, Chief Research Scientist Comodo Cybersecurity Recorded: Jul 17 2018 55 mins
    Zero-day malware--new malware that has never been seen before-- continues to plague businesses of all sizes. Millions of these unknown files are being crafted or modified each year. They cannot be detected by existing security systems; they hide on endpoints and networks and remain among the most important and effective tools hackers use.

    Join Chief Research Scientist at Comodo Cybersecurity and NATO Cooperative Cyber Defense Centre of Excellence Ambassador, Dr. Kenneth Geers as he analyzes how geopolitical events affect malware in the world's hottest cyber-attack zones. Webinar attendees will learn:
    • How cyber defenders benefit from spending more time on strategic cyber defense analysis.
    • Why cities, countries, continents, verticals and even geopolitical events have their own malware fingerprint.
    • How threat research and intelligence can quickly provide actionable intelligence to Network Security professionals at the tactical level.

    The session draws on data from Comodo Cybersecurity's Threat Intelligence Team's analysis of 300 million malware incidents in the first six months of 2018 and how you can leverage this technology to enhance your IT infrastructure.
  • Six Strategies for Balancing Risk with Data Value
    Six Strategies for Balancing Risk with Data Value Philip Russom, Senior Research Director, TDWI & Ian Rowlands, VP of Product Marketing, ASG Technologies Recorded: Jul 17 2018 63 mins
    Managing data for value is a business-oriented focus on the potential of data. It complements the all-too-common obsession with data’s technical requirements. Data value recognizes that data is a valuable business asset and should be leveraged accordingly. If you are managing data for value, your asset portfolio of data should be protected, grown, and governed.

    Data’s value should be documented and quantified centrally to provide data intelligence for both business and technical users who work with data. Data intelligence is a combination of data and metadata, plus additional information and functionality, such as lineage tracking, quality metrics, data cataloging, glossaries, and machine learning for the automation of data management. Without data intelligence, the fullest value of data cannot be realized.

    Data value, data compliance, and data intelligence have an indivisible relationship. This is critical, considering that the European Union’s General Data Protection Regulation (GDPR) will become effective in May 2018. For example, data value provides strong fundamental skills and infrastructure for teams who must achieve data compliance. Furthermore, when data intelligence includes governance and sensitivity metrics, it can contribute significantly to achieving data compliance and proving such compliance in an audit.

    In this TDWI webinar, we’ll consider data value and intelligence in the context of compliance. You will learn about:
    - Definitions of data value and data intelligence
    - The evolving data compliance landscape, especially the EU’s GDPR
    - How data value and intelligence can impact data compliance efforts
    - Six strategies for balancing compliance with data value
  • What's New With WhiteSource? May Product Update
    What's New With WhiteSource? May Product Update David Habusha, VP Product at WhiteSource Recorded: Jul 17 2018 41 mins
    Check out our latest product update webinar to hear about our ground-breaking, new technology, the Effective Usage Analysis, as well as other, cool product enhancements that will revolutionize the way you secure and manage your open source components.

    Here's a sneak peek of what we will be discussing:

    - Our new technology, Effective Usage Analysis
    - Web Advisor
    - Contextual pattern matching engine
    - Support for over 200 languages
    - Container security solution
    - Unified Agent
    - CVSS Version 3
  • Customer Interview - CNO Financial - Improvements with Keylight
    Customer Interview - CNO Financial - Improvements with Keylight Shelly Hogan - CNO Financial, Sam Abadir - Lockpath Recorded: Jul 17 2018 3 mins
    Hear how CNO Financial has benefited from implementing the Keylight GRC Platform for their Compliance and Policy Management program.
  • The Future of Military Messaging
    The Future of Military Messaging Raymond Kelly - Account Director for Defence, Intelligence and NATO Recorded: Jul 17 2018 5 mins
    Join Raymond Kelly our Account Director for Defence, Intelligence and NATO in a short video explaining the uses of military messaging, how the military messaging market is changing and what Boldon James are doing to stay at the forefront of it.
  • Why InsurTech Matters For Corporate And Specialty Insurers
    Why InsurTech Matters For Corporate And Specialty Insurers Chris Sandilands, Partner, Oxbow Partners and lead author of InsurTech Impact 25 Recorded: Jul 17 2018 61 mins
    Less than two years ago, the majority of Insurtech startups were focused on developing propositions for personal lines. Most aimed to disrupt or displace conventional distribution channels, with digital products and services that made the purchase of insurance quick, simple, and more user-friendly than ever before.

    Facing a market saturated by innovation for personal lines, ambitious Insurtechs are now clamouring to crack the commercial market. With solutions being developed to address the challenges of underwriting complex and specialty risk, 2018 is widely tipped to be the year of commercial Insurtech.

    Join Intelligent InsurTECH Europe in association with Oxbow Partners, as they discuss why Insurtech matters for corporate and specialty insurers.

    Confirmed panelists:

    •Georgi Pachov, Global Practice Leader Cyber, Allianz Global Corporate and Specialty (AGCS)
    •Nikolaus Sühr, CEO & Founder, KASKO
    •Iain Wilcox, Chief Executive Officer, GWT Insight

    Tune-in to discuss:
    •Discover the startups focusing on complex, commercial risk, and identify the most promising Insurtechs already delivering tangible results for leading commercial insurers today
    •With AI, IoT and Blockchain under the spotlight, get up to speed with the latest use cases for commercial lines, including AI-driven underwriting, sensor-based asset monitoring and prevention, and parametric insurance
    •Understand how emerging technologies are already being used to deliver better and cheaper products to corporates, and discuss what it takes to harness new data sources to provide better technical pricing and new and innovative services to commercial clients
  • Incident Remediation: Could this have been prevented?
    Incident Remediation: Could this have been prevented? Manfred Erjak, Consultant, Professional Services Recorded: Jul 17 2018 31 mins
    Third and final part of our 'Breach Response Preparedness Series', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.

    Recovering from a large-scale incident is not an easy task. When compromised by an Advanced Persistent Threat, one must plan the efforts ahead of time to succeed in fully remediating and eradicating the attacker from the environment.

    During this webinar, we will discuss:
    - How to best remediate from such an event;
    - The different stages of the preparation, when it is the best time to remediate, and how to classify actions;
    - Examples of real investigations and remediation efforts to illustrate common complications like remediating too early, remediating partially and working with third party IT providers

    Join your host Manfred Erjak, Professional Services Consultant, for a 25-minute webinar to discuss the latest incident remediation trends.
  • NOTE: This Session has been moved to the August 14th FinTech Summit at 1:00PM ED
    NOTE: This Session has been moved to the August 14th FinTech Summit at 1:00PM ED Ulf Mattsson, Dick Morrell, Juanita Koilpillai Jul 18 2018 5:00 pm UTC 60 mins
    NOTE: This Session has been moved to the August 14th FinTech Summit at 1:00PM EDT

    Financial Services and GDPR: The next 60 days….

    In response to GDPR and Privacy Shield changes, entities in the Financial Services Industries have taken initial steps to identify gaps and modify their public facing privacy policies. This session will focus on what these heavily regulated industries will have to do in the next 60 days to establish and maintain a legally defensible position with respect to privacy and security of personal data not only to comply with regulation but to be poised to do business in the 21st Century.
  • Operationalizing DevSecOps: 7 Best Practices for Cloud Native Applications
    Operationalizing DevSecOps: 7 Best Practices for Cloud Native Applications Keith Mokris, Product Marketing Lead, Twistlock Jul 18 2018 5:00 pm UTC 60 mins
    Modern enterprises are implementing both the tools and the cultural changes required to embrace a DevSecOps mindset and approach.

    This webinar will highlight:

    •Risks you can avoid by embracing DevSecOps
    •DevSecOps as it relates to your container development pipeline
    •How to integrate and automate key steps of the process

    Join Twistlock Product Marketing Manager Keith Mokris for a presentation and platform demonstration.
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive Mike Cooper, Sr. Security Manager Jul 18 2018 5:00 pm UTC 30 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

    Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

    We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

    Sign up to test drive CMD+CTRL!
  • Anatomy of a Hack: Learning From Successful Law Firm Cyberattacks
    Anatomy of a Hack: Learning From Successful Law Firm Cyberattacks Jake Bernstein, Eli Wald, Kip Boyle Jul 18 2018 6:00 pm UTC 60 mins
    Law firms are increasingly a high-value target for hackers, a “one stop shop” for sensitive data. And as dozen of examples show, the hackers are often successful. How do these cybercriminals infiltrate law firms and what can be done to prevent them?

    Join our panel of experts as they dissect the anatomy of a successful law firm cyberattack and explain how you can protect yourself, and your clients, from a similar fate.

    Attend this webinar to learn:
    -Why hackers are increasingly targeting legal professionals
    -What vulnerabilities make law firms easy prey for hackers
    -The ethical implications of law firm cybersecurity
    -How to protect yourself, your clients, and your data

    Featuring:
    - Jake Bernstein: An attorney with Newman Du Wors, Jake Bernstein’s practice focuses on counseling clients on cybersecurity issues. A former Washington State Assistant Attorney General and a frequent speaker and advisor on cybersecurity legal issues, Bernstein has significant experience with regulatory compliance, privacy, and cybersecurity law.

    - Eli Wald: A professor of legal ethics at the University of Denver’s Sturm College of Law, Eli Wald was one of the first academics to investigate the ethical implications of law firm cybersecurity. A frequent author and speaker on ethics and professional responsibility, his work has been cited in ABA ethics opinions and excerpted in legal ethics casebooks.

    - Kip Boyle: A 20-year information security expert and founder of Cyber Risk Opportunities, Kip Boyle advises global companies in the logistics, technology and financial services industries. He is a nationally recognized analyst, lecturer and thought-leader in cyber risks and has been featured in Entrepreneur magazine, Chief Executive magazine and others.
  • Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint
    Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint Srinivas Kumar, Vice President of Engineering, Mocana and Keao Caindec, Vice President of Marketing, Mocana Jul 18 2018 6:00 pm UTC 45 mins
    Part 1 - Securing the Boot Process

    When people think about cybersecurity today, they typically think about securing data in motion and at rest or analyzing threats. But when you move into this new IoT connected world, you need to think about more than just the data and monitoring hackers. How do you ensure you can trust the actual IoT endpoint device? This 3-part webinar series will focus on approaches for making devices trustworthy and enabling secure device-to-cloud communications.
  • The New Frontier Of Hybrid IT
    The New Frontier Of Hybrid IT Scott Mathewson, Data Center Practice Lead, North America, Softchoice Jul 18 2018 7:00 pm UTC 60 mins
    The journey to the cloud had just had a major breakthrough.
     
    With VMware software now available on the global AWS Cloud, there is now a single, consistent, pervasive connectivity and a secure platform for apps and data. Whether that is in the Datacenter or in the AWS Cloud. This gives you the power to move existing applications seamlessly to the cloud and back as needed.
     
    You’ll understand how you can quickly get workloads on the cloud without having to re-engineer your applications. Keep applying the skills you've developed on the VMware platform, backed by the large array of services in the AWS platform. This allows you to be agile, reduce capital costs and increase availability for innovations.
     
    In this webinar, we will show you: 
    - How, as a VMware customer, you can go into the cloud without retraining, reconfiguring your apps, refactoring and more
    - What it will mean to have immediate access to the AWS platform and services and how it'll accelerate innovation
    - Immediate value Business Cases related to increased agility, disaster recovery, and stretch networking for high availability.
     
    Presenter Info:
     
    Scott Mathewson, Data Center Practice Lead, North America, Softchoice
    As Practice Lead for Softchoice North America, Scott has over 25 years of Datacenter experience with EMC, VMWare and Cisco, he is responsible for defining Softchoice assessments and services offerings for VM ware and SDN. Scott works with customers to develop solid solutions as it relates to SDS, SDN, Cloud, management and automation solutions.
  • Managing Cybersecurity Risk and Delivering Business Value
    Managing Cybersecurity Risk and Delivering Business Value Craig Saunderson, Reliance acsn & Amardeep Sachdev, LogRhythm Jul 19 2018 9:00 am UTC 60 mins
    Your job is to protect your organisation from the risk associated to cyberattacks. Resources may be tight, you may be struggling with too many alerts, and you may not be getting the visibility you need. As such, constantly evolving threats can slip through the cracks and the risk of suffering a damaging breach could be causing you to lose sleep.

    Join LogRhythm and Reliance ascn to discover what managing cyber risk really means and how the right approach can help you deliver continuous value to the business. We’ll outline how you can reduce your organisation’s cyber risk with a smarter approach to cybersecurity that maximises the efficiency and effectiveness of your security operations centre.

    Join us to:

    • Understand the challenges our customers are facing & how they’re overcoming them
    • Discover the technologies & processes you can use to manage and reduce cyber risk
    • Understand how NextGen SIEM enables measurably faster threat detection and response
    • Learn how automation and orchestration boosts efficiency and productivity
    • Hear how machine learning and true AI capabilities can enhance your security analytics
  • Rethinking Security
    Rethinking Security Adrian Rowley, Technical Director EMEA Jul 19 2018 9:00 am UTC 45 mins
    This webinar looks at how to eliminate complexity, increase efficiency of security tools, and improve confidence in the overall security posture of your organisation.
    Adrian Rowley, Gigamon’s Technical Director for EMEA, will discuss todays challenges in network security and how these can be resolved.
    Attendees will learn how you can:
    •Maximise network availability and operational simplicity of security tool upgrades with its integrated inline bypass technology
    •Deliver unmatched depth and breadth of traffic intelligence that is essential to increasing efficiency of overburdened security and networking tools, while decreasing complexity
    •Minimise Total Cost of Ownership and increase ROI by an average of 153%
    Join Adrian Rowley to see why only Gigamon provides a full solution for networking tools and inline and out-of-band security tools across on-premises, remote, virtual and cloud environments.
  • VeriSM™ - Exploring the New (Service Management) Kid in Town
    VeriSM™ - Exploring the New (Service Management) Kid in Town Simon Dorst, Michelle Major-Goldsmith - Kinetic IT Jul 19 2018 10:00 am UTC 45 mins
    Michelle Major-Goldsmith and Simon Dorst of Kinetic IT will discuss the role of VeriSM in digital transformation, and its relation to ITIL and other service management practices.
  • What would you do if you lost all your data…?
    What would you do if you lost all your data…? Ben Searle, EMEA Alliance Manager @ WinMagic Jul 19 2018 10:00 am UTC 60 mins
    Data is the cornerstone of every organisation. Join WinMagic and Bechtle at this webinar where we’ll discuss how to protect your data from endpoint to cloud. You’ll learn the steps you need to take to ensure you’re confident that your data is secure.
  • Reimagine Data Governance: Become a Data Quality Detective!
    Reimagine Data Governance: Become a Data Quality Detective! Andy Joss, Head of Solutions & Data Governance , Informatica & Dagmar Hillmeister-Mueller, Data Governance, Informatica Jul 19 2018 10:00 am UTC 60 mins
    Businesses deal with the impacts of data quality issues on a constant basis, yet the understanding of what data quality means is still improperly understood. In this webinar we’ll explore some of these impacts and how new approaches to data quality are changing the way organisations utilise data. We’ll also be exploring how new technology solutions are helping organisations investigate and diagnose the causes of various data quality problems and how fixing these issues makes a material impact to the health of the organisation. Data quality has become critical to the success of many business initiatives, so we’ll help you understand what items your detective toolkit needs to contain
  • Cryptojacking: Who/What/Why/When & How to Prevent Computer Power Being Stolen
    Cryptojacking: Who/What/Why/When & How to Prevent Computer Power Being Stolen Jay Kelley, Senior Product Marketing Manager, Menlo, Lindsay Drabwell, Head of Member Services EMEA, (ISC)² Jul 19 2018 1:00 pm UTC 60 mins
    As users become savvier and increasingly use ad blockers, advertising revenue is declining. Crypto coin mining is emerging as a new way for websites to monetise visitor traffic. But, there is a “dark side” to cryptomining: Cryptojacking, which includes, among other misdeeds, cryptomining without a website visitor’s permission or knowledge. While cryptojacking may seem like a victimless crime, since all that is being “stolen” is visitors’ computing and graphics processing power, it is anything but, and can lead to serious consequences. This session will focus on the differences between safe, legal cryptomining and dangerous cryptojacking, what it is, who is using it, why it is being used, when, how it is being abused, and how web browser isolation eliminates 100% of the cryptojacking risk.

    • How crypto coin mining is being used today
    • Why websites are moving away from advertising to crypto coin mining
    • How and why web browsers are being used to steal users’ compute power away without consent in most cases
    • How businesses can stop wide scale use of cryptojacking across all browsers and devices in their network through isolation
  • The Fast and the Fraudulent
    The Fast and the Fraudulent Iain Swaine, Head of Cyber Strategy, EMEA, BioCatch Jul 19 2018 3:00 pm UTC 75 mins
    The world of payments is rapidly-changing. The rise of P2P payments in the U.S, Canada and Australia along with dramatic regulatory changes in Europe (PSD2), has created new opportunities across the ecosystem. New third-party payment providers (TPP​'​s) in the EU and P2P apps in other regions are entering th​e arena​​​ by supporting the rapid rise in demand and associated adoption rates. Banks are enabling direct access to accounts via APIs. Consumers now get to pick which apps they use, how they want to pay, and when, making the user experience paramount to win their loyalty. At the same time, however, the speed and “openness” makes the ecosystem vulnerable to several types of threats including malware, social engineering, remote access Trojans, SIM swapping, call forwarding and other techniques. Using these techniques, the fraudsters are able to exploit various points of potential weakness: at the account creation stage, the bank account linking process and payment authentication.

    Join us as Iain Swaine, explores this fast-changing landscape, leveraging real world experience that stems from his days as eCrime Fraud Prevention Manager of the Royal Bank of Scotland, which was on the front lines of the initial faster payments adoption in the UK, and his current work as Head of Cyber Strategy, EMEA at BioCatch. He will explain how fraudsters see the this new world, what some of their techniques are and some of the techniques that are being used by leading enterprises around the world to address the risks in the P2P and PSD2 ecosystems.
  • The Evolution of Mobile Threat Actors
    The Evolution of Mobile Threat Actors Michael Flossman, Head of Threat Intelligence, Lookout Jul 19 2018 3:00 pm UTC 60 mins
    Cybercriminals and nation states are consistently using mobile threat tooling as part of their espionage or financially motivated attacks and campaigns. The Lookout Threat Intelligence team has noticed this increase as we research and protect against these adversaries. These actors are increasingly seeing value from having an offensive mobile capability in their toolkit and we have even seen low sophistication groups break into this space and successfully steal gigabytes of data from compromised devices. As BYOD and the prevalence of mobile devices in corporate environments continue to blur the traditional enterprise perimeter, the ability to understand the risks to mobile endpoints is critical.

    Join Michael Flossman, Head of Threat Intelligence at Lookout, for this informative webinar as he covers the evolution of threat actors on mobile, discusses several recent high-profile cases, and explains why gaining visibility into your mobile endpoints and proactively securing them is key for today’s organizations."
  • SEC Guidance - Cyber Security Disclosures
    SEC Guidance - Cyber Security Disclosures Aseem Rastogi CEO & Founder - CloudOptics Jul 19 2018 4:00 pm UTC 30 mins
    Information / Discussion on SEC Guidance On Public Company Cyber Security Disclosures

    The Securities & Exchange Commission, in Feb-2018 has published a guidance to assist public companies in handling Cyber Security Risks and Incidents. In this webinar, participants will learn about -
    - Context Of SEC Guidance
    - Purpose Of SEC Guidance
    - Disclosure Approach
    - Steps to Adhere to Guidelines
    - Technology & Operational Considerations
  • The Public Sector Guide to FISMA Accreditation
    The Public Sector Guide to FISMA Accreditation Jeff Valentine, Chief Product Officer, CloudCheckr, and Matt Jordan, VP Corporate Development, JHC Technology Jul 19 2018 4:00 pm UTC 60 mins
    FISMA is the all-embracing legislative framework for protecting the security, integrity, and availability of federal information and information systems. To meet FISMA compliance requirements, governmental agencies and private contractors that handle federal data must maintain full visibility over their information system inventory.

    Attendees will learn:
    - How to leverage existing documentation
    - Shared responsibility
    - Gaining an ATO without FedRAMP assessed infrastructure
  • The Practitioner’s Guide to Security Monitoring in the Cloud
    The Practitioner’s Guide to Security Monitoring in the Cloud Danielle Russell, Group Product Marketing Manager & Brian Bledsoe, Sr. Technical Manager, Sales Enablement for NA, AlienVault Jul 19 2018 4:00 pm UTC 60 mins
    Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads, but has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. And, contrary to what you may think, the primary responsibility for protecting corporate data in the cloud lies with the cloud customer, not with the service provider.

    AlienVault is at the leading edge of cloud security with AlienVault USM Anywhere. Whether you are looking to secure your AWS & Azure cloud environments, cloud applications like Office 365 and G Suite or on-premises assets, USM Anywhere delivers essential security capabilities in a single SaaS platform.

    Join this webcast to learn more about cloud security challenges and how to address them with USM Anywhere. You'll learn:

    - What the shared responsibility model means for the security of your cloud assets
    - Challenges with trying to use traditional on-prem security monitoring tools in your cloud environments
    - How USM Anywhere gives you visibility into all assets across your cloud and on-premises environments
    - Benefits of an all-in-one security solution for threat detection, incident response and compliance management

    Hosted By
    Danielle Russell
    Group Product Marketing Manager
    Danielle is a Group Product Marketing Manager at AlienVault, responsible for product messaging and positioning, go-to-market strategy, and sales enablement.

    Brian Bledsoe
    Sr. Technical Manager, Sales Enablement for North America
    Brian is a member of AlienVault's Sales Enablement team. He was previously a Sales Engineer, and then Sales Engineering manager at AlienVault.
  • 3 Challenges of Distributed Agile Retrospectives & How to Solve Them
    3 Challenges of Distributed Agile Retrospectives & How to Solve Them Michael Ball-Marian, Agile Expert at CA Technologies Jul 19 2018 5:00 pm UTC 60 mins
    Of all the Agile practices, none is more foundational than the inspect & adapt cycle of the retrospective. Even if you struggle with every other aspect of Agile, if you consistently engage in productive retrospectives, you will get better.

    Industry surveys and studies suggest that 80% or more of Agile organizations have at least some distributed teams. Most of the traditional retrospective methods assume that all team members are co-located.

    Running effective retrospectives for distributed teams presents unique challenges, but also, potentially, some great advantages. In this webinar, Agile coach and Instant Agenda co-founder Michael Ball-Marian will discuss the three greatest challenges to running distributed Agile retrospectives and how to solve them. Michael will share a variety of tips and techniques that you can use in any retrospective, co-located or distributed. Finally, he’ll present a few ways in which a distributed retrospective can actually be better than a co-located one.
  • Containers At-Risk: A Review of 21,000 Cloud Environments
    Containers At-Risk: A Review of 21,000 Cloud Environments Dan Hubbard, Chief Security Architect | Lacework Jul 19 2018 5:30 pm UTC 45 mins
    Securing workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, and adapt at scale all require a dramatic shift in the type of security solution required by today’s operation.

    This webcast will deliver a detailed analysis of the threats and risks discovered by recent research done by Lacework when it comes to deploying containers and orchestration services like Kubernetes running on AWS.
  • Impersonation: The Many Masks of Email Threats
    Impersonation: The Many Masks of Email Threats Ken Bagnall, Vice President, Email Security, FireEye Jul 19 2018 6:00 pm UTC 60 mins
    You can’t always trust that the sender of your email truly sent it. Impersonation threats are becoming more popular and difficult for end users to spot.

    Ken Bagnall, Vice President, Email Security, presents “Impersonation: The Many Masks of Email Threats,” a FireEye webinar that digs into the details behind impersonation attacks:

    • What psychological authentication involves
    • How attackers prey on recipients’ imagination and emotions
    • How impersonation attacks are evolving
    • What is in the future for impersonation
    • How threat intelligence and the speed of email security impact cyber risk
  • Applying Data Science to Measure Your True Risk
    Applying Data Science to Measure Your True Risk Michael Roytman, Chief Data Scientist at Kenna Security Jul 19 2018 7:00 pm UTC 45 mins
    There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.

    When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
  • Career Conversations w/ Twitter Queens Tracy and Amanda
    Career Conversations w/ Twitter Queens Tracy and Amanda Jessica Gulick, MBA | PMP | CISSP Jul 19 2018 11:00 pm UTC 60 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guest:
    Amanda Berlin, MCITP
    Tracy Maleeff, Masters in Library and Information Science
  • I tuoi dati su Office 365 sono protetti?
    I tuoi dati su Office 365 sono protetti? Tristano Ermini, Systems Engineer Jul 20 2018 8:30 am UTC 60 mins
    Applicazioni SaaS come Microsoft® Office 365® sono molto apprezzate e sempre più diffuse nelle aziende, ma lo stesso può dirsi delle minacce che si nascondono in queste offerte:

    • Esposizione accidentale dei dati con SharePoint®
    • Uso non controllato di account personali di OneDrive®
    • Violazioni alla sicurezza dei dati in Exchange

    Sì, anche applicazioni SaaS affidabili come Office 365 possono far crescere il rischio di violazioni e problemi di conformità.

    La nostra Security Operating Platform può offrirti supporto. Registrati al webinar e scopri come soddisfare le tue esigenze CASB e proteggere i dati sul cloud da malware ed esposizione accidentale.

    Scopri anche come ottenere visibilità completa e reporting, classificazione dei dati e controllo granulare delle attività per utente, cartella e file, per una protezione efficace dei dati business-critical su Office 365.
  • Scaling for the future: Evolving your intelligence-driven digital investigations
    Scaling for the future: Evolving your intelligence-driven digital investigations Stuart Clarke, Global Head of Security & Intelligence Jul 23 2018 1:00 pm UTC 45 mins
    Investigative teams are under increasing pressure to respond to challenges caused by greater volumes of data and a more diverse range of digital devices.

    Key facts are often spread across multiple evidence sources, making it difficult to understand the bigger picture and often requiring an investigator to manually correlate their findings and identify connections. This places an increasing burden on overstretched teams, who need to respond faster and with more accuracy.

    Join Stuart Clarke, Global Head Security & Intelligence at Nuix who will introduce collaborative and intelligence driven investigations that can augment human investigative skills and expose the hidden relationships across people, objects, locations and events.

    Key takeaways:

    • Learn how a single pane of glass can help expose hidden relationships in the data
    • Understand the importance of efficient workflows that can make best use of technology
    • Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions

    The presenter: Stuart Clarke, Global Head of Security & Intelligence Solutions

    Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.
  • TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation
    TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst Jul 24 2018 4:00 am UTC 60 mins
    Earlier this month, FireEye revealed an extensive cyber espionage carried out by China-linked TEMP.Periscope which targeted Cambodia’s political system. The effort—which was covered by Bloomberg, Time, Associated Press and others—compromised multiple ministries, diplomats and opposition members. It was carried out by China’s second most active cyber espionage groups, which has previously targeted US-, Europe- and Asia-based organizations.

    Join Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst for the webinar to learn more about TEMP.Periscope’s mission, and its attacker tactics, techniques and procedures.