Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
The use of open source has surpassed the occasional and solidified itself as the standard. In fact, the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis found that 96% of the applications we scanned last year contained open source components.
It’s increasingly difficult to properly manage open source in an organization to ensure compliance with the over 2,000 different licenses in use today and defend against new vulnerabilities, which surface frequently.
Join this webinar with top open source legal experts Mark Radcliffe (partner at DLA Piper and general counsel for the Open Source Initiative) and Tony Decicco (shareholder, GTC Law Group & Affiliates) as they discuss best practices for managing open source in an organization and throughout an M&A transaction:
- How do you conduct an open source / third-party software audit?
- How do you get the most out of your Black Duck code scan?
i.e. Handling license compliance issues and managing security vulnerabilities
- What are key aspects of an effective open source / third-party software policy for both inbound use and outbound contributions?
- What are key success factors for effectively releasing code as open source?
Experis Finance is pleased to announce the first of our Hot Topics Series for Chief Audit Executives and their teams. Our goal is to provide you with a series of webinars that provide practical insights on topics of interest to internal audit professionals. Our first session will cover Agility and preparing for Robotic Process Automation.
The webinar will provide participants with the following learning objectives:
•Define Agility in the context of Internal Audit
•Share pragmatic insights in how to define and execute an Agile transformation
•Discuss RPA and in practical terms as companies begin to assess, plan and implement
•Highlight the role of audit in assessing the overall RPA plan
•Link the opportunities of RPA to the concepts of Agile Auditing
Tim Lietz – CIA, CRMA, MBA
Regional Director, Risk Advisory Services
Ed Williams CIA, CRMA
Sr. Manager, Risk Advisory Services
Leverage Threat Intelligence where it matters most.
Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.
This month's theme: Insider and Privilege Misuse
Our Verizon Threat Research Advisory Center presenters will be:
• John Rudolph, Principal Consultant, Identity and Access Management
• Steve Atnip, Senior Analyst, Threat Intelligence
• David Kennedy, Managing Principal, Open Source Intelligence
• Laurance Dine, Managing Principal, Investigative Response – EMEA
For this month's theme of 'Insider and Privilege Misuse' we'll feature John Rudolph, Principal Consultant, Identity and Access Management who'll discuss insider threat motivations, common denominators, and countermeasures, to include the Zero Trust approach. We'll then touch base on the IR Pulse and trends in our caseload, followed by:
Magic words alone are not enough to deliver the return on investment and cyber security out of your AWS cloud. Join N2WS for a great Webinar Magic Show. We will dispel your business’s fears of cloud migration, demystify cloud compliance and escape from the dunk tank of complexity – especially when it comes to managing backup and ensuring uptime.
Hosted by cybersecurity expert Ian Thornton-Trump, N2WS System Engineer, Laurent Mombel, and CloudCheckr Product Specialist Todd Bernhard, we will spend an hour brewing up a cauldron of information for you - using the recipe for AWS success:
- Rapid Recovery
- Flexible Backup
- Shrink Downtime
- Why hybrid is dangerous
- Benefits for small, medium and large companies
- Maintain Compliance
- Ease Auditing
Modernization initiatives such as "Industry 4.0" and "Industrial IoT" are pushing industrial networks to be more connected as well as more complex and challenging to protect. In this session we will demonstrate how you can establish granular visibility and consistent security policy to your SCADA deployment, IIoT and remote sites in even the harsh environments. In other words, we can show you how to protect all of your IT AND OT infrastructure.
Join this webinar to learn about:
- Consistent and integrated deployment securing traffic across the SCADA core, remote sites, controlled/harsh environments, IIoT and industrial cloud
- Zero-trust segmentation using the PA-220R ruggedized Next-Gen Firewall across IT and OT environments
- Leveraging central management to increase administrative efficiency and provide cybersecurity and ICS network traffic intelligence to OT and IT
Cyber breaches are inevitable because attackers constantly change their tools, techniques and procedures (TTPs). Everyone is affected in different ways, whether from compromised systems or supply chains to the financial implications of non-compliance and breach notification.
Join us for a live video panel on trending topics in cyber security:
-Breach notification sources, dwell time and industries mostly likely to be compromised and retargeted by attackers
-Importance of understanding cyber attackers and their motives
-Red teaming to improve security effectiveness
-Cyber security skills gap
-Direct and indirect costs of a breach
-Requirements, processes and policies to handle the GDPR
In its inaugural report, Tenable Research explores who has the first-mover advantage – cyber criminals or security teams? What’s the difference in time between when an exploit is publicly available for a given vulnerability and the first time that security teams actually assess their systems? And why does this even matter to your organization?
The research team analyzed the 50 most prevalent critical and high-severity vulnerabilities from just under 200,000 vulnerability assessment scans over a three-month period. What did they find?
Alarmingly, all too often, the attackers have the advantage. On average, they have a seven-day head start on defenders. Threat actors are sprinting ahead, exploiting vulnerabilities before security teams have even left the starting blocks – before businesses even know they’re at risk.
Join Tenable and (ISC)² on Jul 18, 2018 (Wed) at 14:00 (Singapore Time) to understand how and why cyber attackers are beating your defence.
Presenter: Robert Healey, Senior Director Marketing, APAC, Tenable Network Security
Moderator: Tony Vizza, CISSP Director, Cybersecurity Advocacy for APAC, (ISC)²
Organizations continue to fight an asymmetric battle on the cyber front. Attackers are sophisticated, well-funded, well-organized and use highly targeted techniques. Security teams routinely struggle to understand which cyber threats pose the greatest risk to them and how to prioritize those they discover.
Most organizations stake their security efficacy on legacy, signature-based tactical intelligence feeds that can’t anticipate attacks or provide context to guide response. Instead, these feeds increase alert volumes with false positives that make it nearly impossible to detect attacks and provide a false sense of security.
The right threat intelligence can help organizations drive business efficiencies, by proactively assessing and managing risks that are relevant, improved detection and prevention of attacks, and building attack context for the alerts that they face.
Find out how threat intelligence helps you stay on top of an evolving threat landscape.
For most organizations, performing threat-modeling is a difficult and an expensive undertaking. There are good reasons why this is the case. Threat modeling traditionally requires an experienced security architect with knowhow in architecture patterns, design patterns, a breadth of technologies, and above all deep security knowledge.
Join this webinar and learn:
- Consistency/Reliability: Use of patterns allows us to identify recurring problems/patterns and provide consistently the same solution. In security this means that identifying patterns during threat modeling will allow us to create consistent design, development, testing, and risk guidance.
- Efficiency: Use of patterns allows us to automate some part of a problem while leaving the more complex concerns to be tackled by experts. This creates efficiencies.
- Commonly understood taxonomy: Patterns create a common taxonomy for organizing knowledge, training users/practitioners, communicating with stakeholders (developers, testers, architects, security analysts, etc.)
In this session, IDC will share insights into the IT spending patterns of some of the world’s largest companies. These firms are often among the first to embrace transformative, innovative technologies in an effort to delight customers and reinforce their position at the top of the pack. The web conference will showcase findings from IDC’s Worldwide Wallet IT research program, which estimates budgets and forecasts spending by region for more than 4,000 of the world’s largest enterprises. Join us for this webinar to see how IDC creates these data, and why the largest domestic and international IT vendors use IT wallet research to gather tactical data enabling more effective sales operations and marketing analytics.
-Full understanding of breadth/depth of IDC’s IT Wallet database
-Companies with largest anticipated increases in spending
-Understanding of how top WW firms dominate WW IT spending
-Top IT Spender Highlight
In the highly dynamic online landscape of misinformation, fake news, gossip, and the trading of absconded data, organizations must expand their cybersecurity arsenals in protecting their brands, personnel, facilities, and sensitive information. They must take into account what exists outside the perimeter in the greater cyber ecosystem: the surface, dark, and deep web. Locating and assessing these threats, however, is a challenge for even experienced threat hunters. The tools and techniques are non-standard. You should ask yourself, “Is my security team ready to tackle what lies beyond the perimeter?” If not, let us shed light on this topic. Register for LookingGlass' "Threats Beyond the Perimeter" webinar on Tuesday, July 17 @ 2 pm ET to hear Michael Suby, VP of Research at Frost & Sullivan and James Carnall, VP of Customer Support Group at LookingGlass discuss how these scenarios may affect your brand, employees, and facilities.
An understaffed security workforce is struggling to protect your evolving enterprise from ever changing cyber threats. Automation could be the answer to hardening your security posture in these shifting sands. However, the task of implementing automation across such a diverse and continuously morphing environment presents a challenge.
In this webinar, we will discuss the benefits, complexities and best practices of implementing security automation.
Bring Your Own Device (BYOD) policies present many benefits for both employees and companies, but they also bring unwanted risk associated with allowing individuals to access and share company information through non-monitored personal devices.
AccessData and Corporate Counsel Business Journal have partnered on a survey of Corporate Legal professionals to identify current BYOD trends and concerns, and understand the impact it is having on e-discovery. Join us for this one-hour webinar where we will review the findings of this exclusive survey and highlight best practices for organizations allowing personal device use for business purposes, to help ensure data is protected and accessible in the event of e-discovery.
Static application security testing (SAST) is the process of examining source code for security defects. SAST is one of many checks in an application security assurance program designed to identify and mitigate security vulnerabilities early in the DevOps process. Integrating SAST tools into DevOps processes is critical to building a sustainable program. And automating these tools is also an important part of adoption, as it drives efficiency, consistency, and early detection.
If you have questions like these, and you’re concerned about integrating SAST tooling into your DevOps process, this session will offer actionable advice to automate security testing that supports DevOps velocity.
But DevOps practitioners looking to integrate SAST tools into the DevOps pipeline often have questions:
How do I manage false positives?
How do I triage the results?
What happens to new issues identified?
How can I use a tool in my DevOps pipeline?
(ISC)² is committed to delivering value to our members, providing a transparent view of the organization’s developments and plans for the future. To that end, please join (ISC)² for a virtual Town Hall meeting on July 17, 2018 at 1:00PM Eastern to review many of our new member benefits, service offerings and look at what is still to come in 2018, including enriching professional development opportunities, Security Congress and more. Members and non members alike will enjoy the opportunity to learn how (ISC)² is delivering on its value promise.
Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:
The shared model for cloud security
What cloud providers protect...and what they don’t
How to migrate securely to the cloud
What penetration testing for cloud environments does differently
Our third White-Hat File comes from Anton Abaya, CISA, PCI QSA, Senior Consultant in Accudata’s Risk and Compliance practice.
In this 15-minute webinar, he’ll describe the most effective ways he’s used social engineering and phishing techniques to crack into companies, as well as the best practices you can implement to ensure these attacks don’t work on your business.
Register for the August edition of the White-Hat Files here: https://www.brighttalk.com/webcast/16347/330367
Zero-day malware--new malware that has never been seen before-- continues to plague businesses of all sizes. Millions of these unknown files are being crafted or modified each year. They cannot be detected by existing security systems; they hide on endpoints and networks and remain among the most important and effective tools hackers use.
Join Chief Research Scientist at Comodo Cybersecurity and NATO Cooperative Cyber Defense Centre of Excellence Ambassador, Dr. Kenneth Geers as he analyzes how geopolitical events affect malware in the world's hottest cyber-attack zones. Webinar attendees will learn:
• How cyber defenders benefit from spending more time on strategic cyber defense analysis.
• Why cities, countries, continents, verticals and even geopolitical events have their own malware fingerprint.
• How threat research and intelligence can quickly provide actionable intelligence to Network Security professionals at the tactical level.
The session draws on data from Comodo Cybersecurity's Threat Intelligence Team's analysis of 300 million malware incidents in the first six months of 2018 and how you can leverage this technology to enhance your IT infrastructure.
Managing data for value is a business-oriented focus on the potential of data. It complements the all-too-common obsession with data’s technical requirements. Data value recognizes that data is a valuable business asset and should be leveraged accordingly. If you are managing data for value, your asset portfolio of data should be protected, grown, and governed.
Data’s value should be documented and quantified centrally to provide data intelligence for both business and technical users who work with data. Data intelligence is a combination of data and metadata, plus additional information and functionality, such as lineage tracking, quality metrics, data cataloging, glossaries, and machine learning for the automation of data management. Without data intelligence, the fullest value of data cannot be realized.
Data value, data compliance, and data intelligence have an indivisible relationship. This is critical, considering that the European Union’s General Data Protection Regulation (GDPR) will become effective in May 2018. For example, data value provides strong fundamental skills and infrastructure for teams who must achieve data compliance. Furthermore, when data intelligence includes governance and sensitivity metrics, it can contribute significantly to achieving data compliance and proving such compliance in an audit.
In this TDWI webinar, we’ll consider data value and intelligence in the context of compliance. You will learn about:
- Definitions of data value and data intelligence
- The evolving data compliance landscape, especially the EU’s GDPR
- How data value and intelligence can impact data compliance efforts
- Six strategies for balancing compliance with data value
Check out our latest product update webinar to hear about our ground-breaking, new technology, the Effective Usage Analysis, as well as other, cool product enhancements that will revolutionize the way you secure and manage your open source components.
Here's a sneak peek of what we will be discussing:
- Our new technology, Effective Usage Analysis
- Web Advisor
- Contextual pattern matching engine
- Support for over 200 languages
- Container security solution
- Unified Agent
- CVSS Version 3
Join Raymond Kelly our Account Director for Defence, Intelligence and NATO in a short video explaining the uses of military messaging, how the military messaging market is changing and what Boldon James are doing to stay at the forefront of it.
Less than two years ago, the majority of Insurtech startups were focused on developing propositions for personal lines. Most aimed to disrupt or displace conventional distribution channels, with digital products and services that made the purchase of insurance quick, simple, and more user-friendly than ever before.
Facing a market saturated by innovation for personal lines, ambitious Insurtechs are now clamouring to crack the commercial market. With solutions being developed to address the challenges of underwriting complex and specialty risk, 2018 is widely tipped to be the year of commercial Insurtech.
Join Intelligent InsurTECH Europe in association with Oxbow Partners, as they discuss why Insurtech matters for corporate and specialty insurers.
•Georgi Pachov, Global Practice Leader Cyber, Allianz Global Corporate and Specialty (AGCS)
•Nikolaus Sühr, CEO & Founder, KASKO
•Iain Wilcox, Chief Executive Officer, GWT Insight
Tune-in to discuss:
•Discover the startups focusing on complex, commercial risk, and identify the most promising Insurtechs already delivering tangible results for leading commercial insurers today
•With AI, IoT and Blockchain under the spotlight, get up to speed with the latest use cases for commercial lines, including AI-driven underwriting, sensor-based asset monitoring and prevention, and parametric insurance
•Understand how emerging technologies are already being used to deliver better and cheaper products to corporates, and discuss what it takes to harness new data sources to provide better technical pricing and new and innovative services to commercial clients
Third and final part of our 'Breach Response Preparedness Series', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.
Recovering from a large-scale incident is not an easy task. When compromised by an Advanced Persistent Threat, one must plan the efforts ahead of time to succeed in fully remediating and eradicating the attacker from the environment.
During this webinar, we will discuss:
- How to best remediate from such an event;
- The different stages of the preparation, when it is the best time to remediate, and how to classify actions;
- Examples of real investigations and remediation efforts to illustrate common complications like remediating too early, remediating partially and working with third party IT providers
Join your host Manfred Erjak, Professional Services Consultant, for a 25-minute webinar to discuss the latest incident remediation trends.
NOTE: This Session has been moved to the August 14th FinTech Summit at 1:00PM EDT
Financial Services and GDPR: The next 60 days….
In response to GDPR and Privacy Shield changes, entities in the Financial Services Industries have taken initial steps to identify gaps and modify their public facing privacy policies. This session will focus on what these heavily regulated industries will have to do in the next 60 days to establish and maintain a legally defensible position with respect to privacy and security of personal data not only to comply with regulation but to be poised to do business in the 21st Century.
Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.
Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.
We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.
Law firms are increasingly a high-value target for hackers, a “one stop shop” for sensitive data. And as dozen of examples show, the hackers are often successful. How do these cybercriminals infiltrate law firms and what can be done to prevent them?
Join our panel of experts as they dissect the anatomy of a successful law firm cyberattack and explain how you can protect yourself, and your clients, from a similar fate.
Attend this webinar to learn:
-Why hackers are increasingly targeting legal professionals
-What vulnerabilities make law firms easy prey for hackers
-The ethical implications of law firm cybersecurity
-How to protect yourself, your clients, and your data
- Jake Bernstein: An attorney with Newman Du Wors, Jake Bernstein’s practice focuses on counseling clients on cybersecurity issues. A former Washington State Assistant Attorney General and a frequent speaker and advisor on cybersecurity legal issues, Bernstein has significant experience with regulatory compliance, privacy, and cybersecurity law.
- Eli Wald: A professor of legal ethics at the University of Denver’s Sturm College of Law, Eli Wald was one of the first academics to investigate the ethical implications of law firm cybersecurity. A frequent author and speaker on ethics and professional responsibility, his work has been cited in ABA ethics opinions and excerpted in legal ethics casebooks.
- Kip Boyle: A 20-year information security expert and founder of Cyber Risk Opportunities, Kip Boyle advises global companies in the logistics, technology and financial services industries. He is a nationally recognized analyst, lecturer and thought-leader in cyber risks and has been featured in Entrepreneur magazine, Chief Executive magazine and others.
When people think about cybersecurity today, they typically think about securing data in motion and at rest or analyzing threats. But when you move into this new IoT connected world, you need to think about more than just the data and monitoring hackers. How do you ensure you can trust the actual IoT endpoint device? This 3-part webinar series will focus on approaches for making devices trustworthy and enabling secure device-to-cloud communications.
The journey to the cloud had just had a major breakthrough.
With VMware software now available on the global AWS Cloud, there is now a single, consistent, pervasive connectivity and a secure platform for apps and data. Whether that is in the Datacenter or in the AWS Cloud. This gives you the power to move existing applications seamlessly to the cloud and back as needed.
You’ll understand how you can quickly get workloads on the cloud without having to re-engineer your applications. Keep applying the skills you've developed on the VMware platform, backed by the large array of services in the AWS platform. This allows you to be agile, reduce capital costs and increase availability for innovations.
In this webinar, we will show you:
- How, as a VMware customer, you can go into the cloud without retraining, reconfiguring your apps, refactoring and more
- What it will mean to have immediate access to the AWS platform and services and how it'll accelerate innovation
- Immediate value Business Cases related to increased agility, disaster recovery, and stretch networking for high availability.
Scott Mathewson, Data Center Practice Lead, North America, Softchoice
As Practice Lead for Softchoice North America, Scott has over 25 years of Datacenter experience with EMC, VMWare and Cisco, he is responsible for defining Softchoice assessments and services offerings for VM ware and SDN. Scott works with customers to develop solid solutions as it relates to SDS, SDN, Cloud, management and automation solutions.
Your job is to protect your organisation from the risk associated to cyberattacks. Resources may be tight, you may be struggling with too many alerts, and you may not be getting the visibility you need. As such, constantly evolving threats can slip through the cracks and the risk of suffering a damaging breach could be causing you to lose sleep.
Join LogRhythm and Reliance ascn to discover what managing cyber risk really means and how the right approach can help you deliver continuous value to the business. We’ll outline how you can reduce your organisation’s cyber risk with a smarter approach to cybersecurity that maximises the efficiency and effectiveness of your security operations centre.
Join us to:
• Understand the challenges our customers are facing & how they’re overcoming them
• Discover the technologies & processes you can use to manage and reduce cyber risk
• Understand how NextGen SIEM enables measurably faster threat detection and response
• Learn how automation and orchestration boosts efficiency and productivity
• Hear how machine learning and true AI capabilities can enhance your security analytics
This webinar looks at how to eliminate complexity, increase efficiency of security tools, and improve confidence in the overall security posture of your organisation.
Adrian Rowley, Gigamon’s Technical Director for EMEA, will discuss todays challenges in network security and how these can be resolved.
Attendees will learn how you can:
•Maximise network availability and operational simplicity of security tool upgrades with its integrated inline bypass technology
•Deliver unmatched depth and breadth of traffic intelligence that is essential to increasing efficiency of overburdened security and networking tools, while decreasing complexity
•Minimise Total Cost of Ownership and increase ROI by an average of 153%
Join Adrian Rowley to see why only Gigamon provides a full solution for networking tools and inline and out-of-band security tools across on-premises, remote, virtual and cloud environments.
Data is the cornerstone of every organisation. Join WinMagic and Bechtle at this webinar where we’ll discuss how to protect your data from endpoint to cloud. You’ll learn the steps you need to take to ensure you’re confident that your data is secure.
Businesses deal with the impacts of data quality issues on a constant basis, yet the understanding of what data quality means is still improperly understood. In this webinar we’ll explore some of these impacts and how new approaches to data quality are changing the way organisations utilise data. We’ll also be exploring how new technology solutions are helping organisations investigate and diagnose the causes of various data quality problems and how fixing these issues makes a material impact to the health of the organisation. Data quality has become critical to the success of many business initiatives, so we’ll help you understand what items your detective toolkit needs to contain
As users become savvier and increasingly use ad blockers, advertising revenue is declining. Crypto coin mining is emerging as a new way for websites to monetise visitor traffic. But, there is a “dark side” to cryptomining: Cryptojacking, which includes, among other misdeeds, cryptomining without a website visitor’s permission or knowledge. While cryptojacking may seem like a victimless crime, since all that is being “stolen” is visitors’ computing and graphics processing power, it is anything but, and can lead to serious consequences. This session will focus on the differences between safe, legal cryptomining and dangerous cryptojacking, what it is, who is using it, why it is being used, when, how it is being abused, and how web browser isolation eliminates 100% of the cryptojacking risk.
• How crypto coin mining is being used today
• Why websites are moving away from advertising to crypto coin mining
• How and why web browsers are being used to steal users’ compute power away without consent in most cases
• How businesses can stop wide scale use of cryptojacking across all browsers and devices in their network through isolation
The world of payments is rapidly-changing. The rise of P2P payments in the U.S, Canada and Australia along with dramatic regulatory changes in Europe (PSD2), has created new opportunities across the ecosystem. New third-party payment providers (TPP's) in the EU and P2P apps in other regions are entering the arena by supporting the rapid rise in demand and associated adoption rates. Banks are enabling direct access to accounts via APIs. Consumers now get to pick which apps they use, how they want to pay, and when, making the user experience paramount to win their loyalty. At the same time, however, the speed and “openness” makes the ecosystem vulnerable to several types of threats including malware, social engineering, remote access Trojans, SIM swapping, call forwarding and other techniques. Using these techniques, the fraudsters are able to exploit various points of potential weakness: at the account creation stage, the bank account linking process and payment authentication.
Join us as Iain Swaine, explores this fast-changing landscape, leveraging real world experience that stems from his days as eCrime Fraud Prevention Manager of the Royal Bank of Scotland, which was on the front lines of the initial faster payments adoption in the UK, and his current work as Head of Cyber Strategy, EMEA at BioCatch. He will explain how fraudsters see the this new world, what some of their techniques are and some of the techniques that are being used by leading enterprises around the world to address the risks in the P2P and PSD2 ecosystems.
Cybercriminals and nation states are consistently using mobile threat tooling as part of their espionage or financially motivated attacks and campaigns. The Lookout Threat Intelligence team has noticed this increase as we research and protect against these adversaries. These actors are increasingly seeing value from having an offensive mobile capability in their toolkit and we have even seen low sophistication groups break into this space and successfully steal gigabytes of data from compromised devices. As BYOD and the prevalence of mobile devices in corporate environments continue to blur the traditional enterprise perimeter, the ability to understand the risks to mobile endpoints is critical.
Join Michael Flossman, Head of Threat Intelligence at Lookout, for this informative webinar as he covers the evolution of threat actors on mobile, discusses several recent high-profile cases, and explains why gaining visibility into your mobile endpoints and proactively securing them is key for today’s organizations."
Information / Discussion on SEC Guidance On Public Company Cyber Security Disclosures
The Securities & Exchange Commission, in Feb-2018 has published a guidance to assist public companies in handling Cyber Security Risks and Incidents. In this webinar, participants will learn about -
- Context Of SEC Guidance
- Purpose Of SEC Guidance
- Disclosure Approach
- Steps to Adhere to Guidelines
- Technology & Operational Considerations
FISMA is the all-embracing legislative framework for protecting the security, integrity, and availability of federal information and information systems. To meet FISMA compliance requirements, governmental agencies and private contractors that handle federal data must maintain full visibility over their information system inventory.
Attendees will learn:
- How to leverage existing documentation
- Shared responsibility
- Gaining an ATO without FedRAMP assessed infrastructure
Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads, but has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. And, contrary to what you may think, the primary responsibility for protecting corporate data in the cloud lies with the cloud customer, not with the service provider.
AlienVault is at the leading edge of cloud security with AlienVault USM Anywhere. Whether you are looking to secure your AWS & Azure cloud environments, cloud applications like Office 365 and G Suite or on-premises assets, USM Anywhere delivers essential security capabilities in a single SaaS platform.
Join this webcast to learn more about cloud security challenges and how to address them with USM Anywhere. You'll learn:
- What the shared responsibility model means for the security of your cloud assets
- Challenges with trying to use traditional on-prem security monitoring tools in your cloud environments
- How USM Anywhere gives you visibility into all assets across your cloud and on-premises environments
- Benefits of an all-in-one security solution for threat detection, incident response and compliance management
Group Product Marketing Manager
Danielle is a Group Product Marketing Manager at AlienVault, responsible for product messaging and positioning, go-to-market strategy, and sales enablement.
Sr. Technical Manager, Sales Enablement for North America
Brian is a member of AlienVault's Sales Enablement team. He was previously a Sales Engineer, and then Sales Engineering manager at AlienVault.
Of all the Agile practices, none is more foundational than the inspect & adapt cycle of the retrospective. Even if you struggle with every other aspect of Agile, if you consistently engage in productive retrospectives, you will get better.
Industry surveys and studies suggest that 80% or more of Agile organizations have at least some distributed teams. Most of the traditional retrospective methods assume that all team members are co-located.
Running effective retrospectives for distributed teams presents unique challenges, but also, potentially, some great advantages. In this webinar, Agile coach and Instant Agenda co-founder Michael Ball-Marian will discuss the three greatest challenges to running distributed Agile retrospectives and how to solve them. Michael will share a variety of tips and techniques that you can use in any retrospective, co-located or distributed. Finally, he’ll present a few ways in which a distributed retrospective can actually be better than a co-located one.
Securing workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, and adapt at scale all require a dramatic shift in the type of security solution required by today’s operation.
This webcast will deliver a detailed analysis of the threats and risks discovered by recent research done by Lacework when it comes to deploying containers and orchestration services like Kubernetes running on AWS.
You can’t always trust that the sender of your email truly sent it. Impersonation threats are becoming more popular and difficult for end users to spot.
Ken Bagnall, Vice President, Email Security, presents “Impersonation: The Many Masks of Email Threats,” a FireEye webinar that digs into the details behind impersonation attacks:
• What psychological authentication involves
• How attackers prey on recipients’ imagination and emotions
• How impersonation attacks are evolving
• What is in the future for impersonation
• How threat intelligence and the speed of email security impact cyber risk
There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.
When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?
Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!
Amanda Berlin, MCITP
Tracy Maleeff, Masters in Library and Information Science
Applicazioni SaaS come Microsoft® Office 365® sono molto apprezzate e sempre più diffuse nelle aziende, ma lo stesso può dirsi delle minacce che si nascondono in queste offerte:
• Esposizione accidentale dei dati con SharePoint®
• Uso non controllato di account personali di OneDrive®
• Violazioni alla sicurezza dei dati in Exchange
Sì, anche applicazioni SaaS affidabili come Office 365 possono far crescere il rischio di violazioni e problemi di conformità.
La nostra Security Operating Platform può offrirti supporto. Registrati al webinar e scopri come soddisfare le tue esigenze CASB e proteggere i dati sul cloud da malware ed esposizione accidentale.
Scopri anche come ottenere visibilità completa e reporting, classificazione dei dati e controllo granulare delle attività per utente, cartella e file, per una protezione efficace dei dati business-critical su Office 365.
Investigative teams are under increasing pressure to respond to challenges caused by greater volumes of data and a more diverse range of digital devices.
Key facts are often spread across multiple evidence sources, making it difficult to understand the bigger picture and often requiring an investigator to manually correlate their findings and identify connections. This places an increasing burden on overstretched teams, who need to respond faster and with more accuracy.
Join Stuart Clarke, Global Head Security & Intelligence at Nuix who will introduce collaborative and intelligence driven investigations that can augment human investigative skills and expose the hidden relationships across people, objects, locations and events.
• Learn how a single pane of glass can help expose hidden relationships in the data
• Understand the importance of efficient workflows that can make best use of technology
• Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions
The presenter: Stuart Clarke, Global Head of Security & Intelligence Solutions
Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.
Earlier this month, FireEye revealed an extensive cyber espionage carried out by China-linked TEMP.Periscope which targeted Cambodia’s political system. The effort—which was covered by Bloomberg, Time, Associated Press and others—compromised multiple ministries, diplomats and opposition members. It was carried out by China’s second most active cyber espionage groups, which has previously targeted US-, Europe- and Asia-based organizations.
Join Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst for the webinar to learn more about TEMP.Periscope’s mission, and its attacker tactics, techniques and procedures.