Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • SIEM 2.0 - How Unified Security Management SIEMplifies Threat Detection
    SIEM 2.0 - How Unified Security Management SIEMplifies Threat Detection Sacha Dawes, Principal Product Marketing Manager, AlienVault Live 60 mins
    SIEM solutions have been widely adopted to help IT teams collect and correlate data from a variety of security point products. However, traditional SIEM deployments require a great deal of time, money & expertise to properly normalize data feeds, create correlation rules to detect threats & continuously tune those rules to limit false positives. And, after all that work is done, it has to be continuously re-done as the network & threat landscape changes.

    AlienVault takes a different approach to SIEM. Join this webcast to learn how AlienVault Unified Security Management (USM) overcomes the most common SIEM challenges with:

    Built-in capabilities like asset discovery, vulnerability assessment, intrusion detection, orchestrated incident response, and log management
    Continuously updated correlation directives, vulnerability signatures, incident response guidance, and more
    Fully integrated, real-time threat intelligence from the AlienVault Labs Security Research Team and the AlienVault Open Threat Exchange (OTX)
    The ability to monitor on-premises and cloud environments including AWS and Azure, as well as cloud applications like Office 365
  • Win the Cyberwar with Zero Trust
    Win the Cyberwar with Zero Trust John Kindervag, Field Chief Technology Officer at Palo Alto Networks Live 60 mins
    Zero Trust is revolutionizing network security architecture: it is data-centric and designed to stop data breaches. Zero Trust also adds a layer of agility to modern networks that is impossible to do in traditional network designs. These 21st century networks have been adopted by government entities and large enterprises around the world.

    In this session, John will discuss the concept of Zero Trust and explain why Zero Trust is the world's only true cybersecurity strategy. He will show a Zero Trust Strategy will achieve tactical and operational goals. This session will demonstrate how Zero Trust will not only transform network security but function as a business enabler, by focusing on the businesses grand strategic objectives.
  • How to Use the NIST CSF to Recover from a Healthcare Breach
    How to Use the NIST CSF to Recover from a Healthcare Breach Axel Wirth, CPHIMS, CISSP, HCISPP, Technical Architect, Symantec & Ken Durbin, CISSP Strategist: CRM & Threat Intel, Symantec Live 60 mins
    Part 6 of 7: NIST Cybersecurity Framework for Healthcare Webinar Series

    The final piece to the puzzle is the RECOVER function, which is arguably the most important area of the NIST CSF. How quickly can you return to business and clinical operations after a cyberattack occured?

    This webinar will focus on the measures required for a timely recovery and return to normal operations to reduce the impact from a cybersecurity event, with a focus on:

    • Recovery Planning: Processes and procedures are executed and maintained to ensure timely restoration of systems or assets.

    • Improvements: Planning and processes are improved by incorporating lessons learned.

    • Communications: Restoration activities are coordinated with internal and external parties.

    Register Today

    To view upcoming NIST Cybersecurity Framework for Healthcare Series Part 7 https://resource.elq.symantec.com/LP=4235
  • Start Benefiting from PAN-OS 8.0 with User-ID and Global Protect
    Start Benefiting from PAN-OS 8.0 with User-ID and Global Protect Wiley Richardson, Security Engineer, Trainer and Cloud Architect at Cloud Harmonics Recorded: Oct 17 2017 38 mins
    Join us for our follow-up webcast with a focus on Authentication, Global Protect, and User ID enhancements to get a quick overview of SAML Authentication, Global Protect Clientless VPN and other selected new features and enhancements that PAN-OS 8.0 adds to your Palo Alto Networks Security Platform. Attendees will:

    •Learn about the key capabilities introduced by 8.0
    •See the value of the update to security deployments
    •Receive a voucher for 8.0 training course - $500 value
  • Take your Incident Response plan to a whole new level!
    Take your Incident Response plan to a whole new level! Gary Southwell, General Manager, CSPi & John Black, Cisco Recorded: Oct 17 2017 44 mins
    In this webinar, join Cisco and CSPi as they discuss how automated breach notification takes Cisco’s incident response services to a whole new level. With FirePOWER and nVoy the incident response process can start immediately after a breach is verified and therefore be completed faster, in some cases the full impact of a breach can be determined in minutes.

    This can be extremely powerful for companies which rely on managed services providers for their cyber breach incident response strategy. With FirePOWER and nVoy Cisco’s IR professional services team will proactively monitor the solution for you and will receive email notifications when a potential incident is occurring against your organizations critical assets to trigger IR activity as per services contract.

    Shortening the breach identification and investigation phase provides several benefits:
    - Meet stringent data privacy compliance regulations, like GDPR
    - Focus efforts on effective forensic analysis and remediation
    - Limit breach exposure and the expenses related to handling breaches

    Up your incident response game!
  • Digital Business is Here - Is your Trust Infrastructure Ready?
    Digital Business is Here - Is your Trust Infrastructure Ready? Mike Hathaway, Aaron Davis Recorded: Oct 17 2017 57 mins
    The move to digital business is exposing the limits of existing trust infrastructures. Rapid growth in the number of deployed certificate authorities (CAs). Increased burden on multiple PKI point solutions deployed to address specific problems. And while IT grapples to support tactical implementations of PKI, the demands of digital business overwhelmingly require a more strategic and holistic approach.

    What's required is a centralized yet agile overarching trust framework that can easily accommodate multiple use cases today and in the future.

    This webinar looks at the steps you can take to build an agile trust infrastructure with a centralized PKI deployment.

    * Digital Trust at Scale Learn how to build a PKI that supports endpoint diversity, evolving and multiple use cases and integration with complimentary solutions.
    * Streamline PKI Deployment Discover how a trust infrastructure can be deployed and managed across your organization to mete the requirements of today's dynamic and distributed business models
    * Simplify 3rd Party CA Key Migration Find out how you can migrate certificates from other vendor systems without having to distribute a new trust anchor and without the need to generate new keys and certificates.
  • Bringing Order to the Chaos of Third Party Risk Management
    Bringing Order to the Chaos of Third Party Risk Management Sam Abadir, Director of Product Management, LockPath; Dan Schrotberger, Director of Sales Engineering, LockPath Recorded: Oct 17 2017 41 mins
    The complexity of vendor risk management increases every day, as does its importance to organizations that rely on third parties. Regulators are increasing their focus on potential third-party risk. Risks assessments for business processes and vendor management are being integrated, mapped to organizational risks, and mined for patterns and trends. Some organizations are even extending vendor risk management to assess the vendors of vendors.

    Assessing and monitoring vendors and third parties is an arduous task if conducted manually. A manual process of inputting data, assigning risk levels, and following up requires multiple employees dedicating numerous hours. A manual process also makes it difficult to ensure harmony between an organization’s policies, regulatory requirements and those of the vendor or supplier.

    On the other hand, a robust governance, risk management, and compliance system like the Keylight Platform can help organizations identify, classify, monitor, and recommend risk mitigation to support business operations and regulatory requirements.

    In this webinar, LockPath’s vendor risk management experts provide an overview of the challenges to efficient and effective vendor risk management, and they demonstrate how GRC can bring order to the chaos of vendor risk management.
  • Deliver agile data management with Commvault HyperScale™ Software
    Deliver agile data management with Commvault HyperScale™ Software Marc Lucas & Roger Lane, Commvault & Bob Pearson, HPE Pointnext Recorded: Oct 17 2017 53 mins
    The EU General Data Protection Regulation (GDPR) is the most important new regulation involving individuals’ information to emerge over the last few decades: it provides the foundation for how multi-national organisations and government agencies must protect sensitive customer information, and also how they can derive value from enterprise data.


    In order to prepare for the May 2018 deadline, organisations must interpret the GDPR requirements, map processes and technology to them to ensure compliance, and quickly identify the correct information to be tightly managed and protected. Information insight is the key to solving these challenges of large volumes of data and high levels of complexity. The risks are high - lost customer confidence, security breaches, fines, sanctions, and potential lawsuits.


    Enterprise IT is being transformed with the maturing of public cloud providers that offer compute, storage and application services with unprecedented elasticity, scale, resiliency and availability, on a consumption based economic model. However, the choice between public cloud and on-premises infrastructure is not a binary one.

    Register to attend our webinar on Tuesday 17th October at 11:00 GMT to discover how HPE Pointnext GDPR Consulting services can provide the expertise and support to de-risk your journey to compliance. Plus learn how Commvault Hyperconverged Architecture can help you to overcome the complexities of GDPR through the consolidation of all roles performed by discrete servers in the traditional data protection architecture into a single software defined stack.
  • Preventing Cyberattacks via Dynamic Network Segmentation
    Preventing Cyberattacks via Dynamic Network Segmentation Ward Holloway, ForeScout Technologies & Chris Ebley, Managing Partner, BAI & Lee Space, Palo Alto Networks Recorded: Oct 16 2017 49 mins
    In today’s era of ‘Bring your own device’ (BYOD) mobility and ‘Internet of Things’ (IoT) devices proliferating networks as unknown or unmanaged connections, the cyberattack surface for most any organization continues to grow at an alarming rate. No longer can organizations rely on guarding their perimeter and trusting they know everyone and everything that is accessing their network. Proactive threat prevention in today’s BYOD and IoT era requires continuous network access visibility and intelligence as well as being able to automatically apply context-aware security policies such as segmenting devices and users without having to re-build networks or knowing the devices upfront.
    Webinar topics include:
    - Network security trends and challenges, including the more destructive ransomware, cryptoransomware, wipers, etc.
    - Risk prevention architecture considerations
    - Best practices based on real world experiences

    BAI will share some of its key learnings based on extensive experience implementing successful solutions that target attacks while creating more highly available, responsive, and automated networks. BAI is a team of Security Architects who have provided Automated Detection, Prevention, and Orchestration to protect Government Agencies, Higher Education and Fortune 1000 commercial accounts.
  • Disrupting the Cybersecurity Status Quo
    Disrupting the Cybersecurity Status Quo Nir Zuk, Palo Alto Networks co-founder and CTO Recorded: Oct 16 2017 59 mins
    The signs that the security market is ready for disruption are here. Join in discussion with Nir Zuk, Palo Alto Networks co-founder and CTO, on how the security market is evolving and maturing and ultimately, ready for disruption.
  • CUI and NIST SP 800-171 Compliance What Agencies and Contractors Should Know
    CUI and NIST SP 800-171 Compliance What Agencies and Contractors Should Know TITUS and PKH Recorded: Oct 16 2017 59 mins
    The December 31, 2017 deadline for protecting Controlled Unclassified Information (CUI) and complying with the NIST Special Publication 800-171 standard is fast approaching.

    Join PKH Enterprises and TITUS for a discussion on strategies to help federal agencies and contractors meet the main CUI requirements as established by NIST 800-171 and DFARS 252.204-7012. These experts will provide an analysis of the most challenging compliance areas, and offer insights to help organizations prioritize their next steps.
  • Cybersecurity in the Workplace is Everyone’s Business
    Cybersecurity in the Workplace is Everyone’s Business Aaron Cohen, Director of Cyber Security Services, Symantec Recorded: Oct 16 2017 35 mins
    Building a culture of cybersecurity is critical to every organization no matter the size. Join Aaron Cohen, Director of Cyber Security Services, to learn more about how to strengthen your organization’s cyber resiliency.

    Register for this webinar to:
    Hear about the biggest threats and challenges facing organizations
    Learn about the stages of the attack lifecycle and how to prepare for each stage
    Understand how to increase your resiliency and train your team
  • Forcepoint  GDPR Product Mapping: Inventory of Personal Data
    Forcepoint GDPR Product Mapping: Inventory of Personal Data Mike Smart - Forcepoint, Chris Jones - Forcepoint Recorded: Oct 13 2017 58 mins
    Learn why organizations must ensure they understand what personal data they hold and where it exists across the organization. In this session, we will discuss data-centric technologies like DLP and examine how they help organizations to find personal data and understand risk.
  • Governance, Risk, and Automation: Part 1
    Governance, Risk, and Automation: Part 1 Peter Tessin, Sr. Manager, Discover Financial Services; Jimmy Heschl, Head of Digital Security, Redbull Recorded: Oct 13 2017 61 mins
    This is the first in a two-part series on governance, risk and automation.

    In Part I, we will explore concepts central to IT governance and risk. The presenters will use a conversational style to describe IT governance, how it works, and then go deeper into one central aspect, risk.

    Part II will build on the foundation presented in part one and describe how these issues are managed in an automated solution.
  • Increasing the Effectiveness and Efficiency of Sarbanes-Oxley
    Increasing the Effectiveness and Efficiency of Sarbanes-Oxley Dennis Keglovits, Vice President of Services, LockPath Recorded: Oct 13 2017 51 mins
    While the Sarbanes-Oxley Act (SOX) has been in place for over a decade, many public companies still have questions regarding the efficiency, and even effectiveness, of their overall SOX compliance and audit programs. With room for improvement, companies are considering solutions to automate the process, reduce efforts to complete testing, and better manage the remediation process.

    In this webinar, LockPath’s Vice President of Services, Dennis Keglovits, discusses the common challenges SOX compliance poses in today’s organizations, as well as strategies and techniques to assist your programs.
  • Security by Design – Modernizing Technology Governance
    Security by Design – Modernizing Technology Governance Tim Sandage, Sr. Security Partner Strategist, AWS Recorded: Oct 12 2017 33 mins
    Up-front design of your cloud environment can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Security by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability across, such as:

    - Organizational governance
    - Asset inventory and control
    - Logical access controls
    - Operating system configuration
    - Database security
    - Applications security configurations

    Why this session:

    Cloud Computing is becoming the new normal, the question isn’t “if” anymore, it’s really just “how fast can we move?” and “what are we going to move first”

    Because of this trend organizations need to understand their security and compliance capabilities and shared responsibilities for security as they migrate resources to the cloud. Whether its clinical trial simulations with Bristol Myers-Squibb, who uses AWS to run clinical trial simulations for 64% less cost; in 1.2 hours vs. 60 hours or Galata Chemicals who are running their development and test workloads in the cloud. Organizations need to start with a “Secure by Design approach, which support security at scale as they increase their use of cloud resources.”
  • Saving Your Bacon with the Cloud When Your Data Center is On Fire
    Saving Your Bacon with the Cloud When Your Data Center is On Fire Kenneth Hui, Technical Marketing Engineer at Rubrik Recorded: Oct 12 2017 33 mins
    Ok, so your data center may not catch on fire (at least we hope not). However, the consequences can be just as dire if critical data is lost, a virtual machine crashes or a portion of your data center becomes unavailable. In an emergency, how confident are you about restoring your company’s data in a timely fashion, especially when every minute of downtime may mean lost revenues from and credibility with your customers. What if your company can’t afford the cost of maintaining a disaster recovery site? How long would it take for you to recover from a site disaster?

    Participants will learn:

    - How you can leverage the public cloud for cost effective DR for your on-premises infrastructure

    - What factors do you need to consider to use the Cloud for DR

    - Different approaches to architecting DR in the Cloud, including pilot light, warm standby and hot site.
  • Closing The Skills Gap: Accelerating Governance with Cloud Automation
    Closing The Skills Gap: Accelerating Governance with Cloud Automation Nathan Wallace, Founder & CEO Turbot Recorded: Oct 12 2017 30 mins
    Business agility and faster speed to market are often primary drivers of enterprise cloud strategies. IT organizations often implement a Cloud Center of Excellence (CCoE) model to streamline operations, but without effective automation these teams can quickly become a bottleneck to the broader business strategy.

    In this session, enterprise cloud thought leader Nathan Wallace, CEO & Founder of Turbot, will address how Software-Defined Operations can deliver agility, elevate the business value of the Cloud Center of Excellence, and ensure compliance for your organization.


    - The business impact of moving to Software Defined Operations
    - How to enable self-service cloud while improving security and compliance.
    - How automation allows the CCoE to focus on higher value delivery.
    - Benchmarks and KPIs to measure the effectiveness of your automation strategy

    About the Speaker

    Nathan Wallace is the Founder and CEO of Turbot HQ, Inc. Nathan is recognized as a transformational leader that has enabled some of the World's largest enterprise organizations to make the transition to public cloud. Nathan has recently been profiled by CIO Applications and was a featured guest on the AWS podcast. Prior to starting Turbot, Nathan was the Global Director of Cloud & DevOps for a Fortune 50 Multi-National Pharmaceutical Company.
  • Game, Set, Match: Leveraging Compliance as a Competitive Advantage
    Game, Set, Match: Leveraging Compliance as a Competitive Advantage Todd Bernhard, CloudCheckr Product Marketing Manager Recorded: Oct 12 2017 13 mins
    This talk will focus on how compliance can be transitioned from a costly manual burden to a business enabler using automation. One of the biggest challenges faced by organizations today is the use of manual methods like spreadsheets and email for compliance management. This long-time practice is unable to keep pace with the myriad of workflows and processes required which leads to constant firefighting, fines, increased cost and loss of accountability. Adopting an automated platform brings the benefits of being compliant in less time using a streamlined assessment process with better business alignment, accountability, higher profits and lower costs.
  • TechDemo – Breach Detection and Notification for the GDPR
    TechDemo – Breach Detection and Notification for the GDPR Cheryl Tang, Director Data Security Products, Imperva and Brian McAuliffe, Sales Engineer, Imperva Recorded: Oct 12 2017 39 mins
    This is part 4 of our GDPR demo series. The GDPR, which comes into effect on May 25, 2018, requires organizations report a data breach within 72 hours. In this webinar, we’ll provide an overview of:

    •What the General Data Protection Regulation is
    •What the GDPR breach notification requirements are
    •How Imperva CounterBreach can help detect potential data breaches
  • Cloud Leaders Panel: Expert Insights for Developing a Cloud-First Approach
    Cloud Leaders Panel: Expert Insights for Developing a Cloud-First Approach Bob Hale: CEO at Alterian, Mike Pinch: CISO at University of Rochester, Dan Wacker: CFO, ClubReady Recorded: Oct 12 2017 49 mins
    Cloud adoption represents a major IT transformation, a shift in culture and a new way of financing your infrastructure. It presents new cost and security challenges, requiring governance and control across the organization. And it also needs a proactive team to take ownership and direction of the migration process.

    In this Cloud Leaders Panel: Industry Perspectives from a CEO, CISO, & CFO, Steve Hall, VP of Marketing at CloudCheckr, will be joined by Bob Hale - CEO at Alterian, Mike Pinch - CISO at University of Rochester, and Dan Wacker - CFO at ClubReady. During this interactive discussion, we’ll uncover what the cloud means to each panel expert from their own unique perspective and learn what the key drivers are to successfully shift an organization to a cloud-first approach.
  • A NIST Guide on How Identity Management is Reshaping Cyber Security
    A NIST Guide on How Identity Management is Reshaping Cyber Security Bill Newhouse, Deputy Director, NICE; Naresh Persaud, Sr. Dir. Security; Prod Mktg, CA; Spencer Wilcox; Brandon Dunlap Recorded: Oct 12 2017 60 mins
    Did you know that 80% of data breaches implicate lost, stolen and weak credentials, as well as excessive access as culprits? NIST’s National Cybersecurity Center of Excellence (NCCoE) is helping companies better understand how to apply standards-based, commercially available technologies to improve their cybersecurity posture. The NCCoE’s security control mappings, reference designs, and lab implementations can be used as roadmaps or checklists for organizations looking to bolster their cybersecurity programs. Join CA and (ISC)2 on October 12, 2017 at 1:00PM Eastern for our ThinkTank where our expert panel will take an in depth look at how Identity Management is shaping the recommendations and requirements for the next generation of cyber security controls.
  • NIST 800-171 Protect CUI or Risk Losing Federal Business
    NIST 800-171 Protect CUI or Risk Losing Federal Business Kelly Handerhan, CISSP, PMP, CASP, CEH, Cybrary.it SME Recorded: Oct 12 2017 63 mins
    Federal contractors that process, store or transmit what’s called Controlled Unclassified Information have until December to implement new, more stringent security guidelines to protect that information. Chances are your organization already meets some of the requirements, but it’s unlikely that you meet them all. Join us to identify what’s new, what’s not, what you have to do and how to assess the impact.
  • Case Study: Transform Threat Investigation With a Stretched Security Team
    Case Study: Transform Threat Investigation With a Stretched Security Team Arabella Hallawell, Sr. Director Advanced Threat Product Marketing + Deb Briggs, CSO, NETSCOUT Recorded: Oct 12 2017 43 mins
    Chief Information Security Officer Reveals How With Arbor Spectrum.

    Attackers continuously have new tools, tactics and practices in their weapons arsenal. Human defenders must shift their strategies to more proactively uncover meaningful threats, and find ways that dramatically accelerate threat investigation.

    Join us to hear:
    - NETSCOUT’s Chief Security Officer discuss how the Arbor Spectrum threat analytics platform was used to help her team take detection and investigation to a new level.
    - In depth examples of how security teams can begin or enhance their detection and investigation of attack campaigns.
  • Controlling access to infrastructure and applications, in cloud and on-prem
    Controlling access to infrastructure and applications, in cloud and on-prem Ulf Mattsson, CTO at Atlantic BT. Alex Hanway, Product Marketing Manager at Gemalto, David Morris, Pioneer in Cybersecurity Oct 17 2017 6:00 pm UTC 60 mins
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
    This session will discuss Identity and Data Protection solutions for enterprise security, organizations can take a data-centric approach to their security posture, all while controlling access to the infrastructure and applications they rely upon — both on-premises, and in public and private clouds.
  • 2018 Forecast: Clouds Keep Rolling In
    2018 Forecast: Clouds Keep Rolling In Howard Marks, Deep Storage & Bernie Behn, Avere Systems Oct 17 2017 7:00 pm UTC 60 mins
    Howard Marks looks ahead at the storage trends rolling into IT Operations in the new year.

    Today’s data center is a much more dynamic environment than ever before leaving IT organizations struggling to compete, and or integrate, with public cloud services with tools and hardware designed for the much more static datacenter of yesteryear. In this webinar long time industry observer Howard Marks will examine five of the trends that IT operators should pay attention to in the coming year.

    Our discussion will focus on the promise, tools and challenges involved in moving to hybrid architectures that bridge private data centers and cloud resources to shift workloads, support data-intensive compute operations, manage unstructured data growth, build affordable archives, and prepare for disaster recovery. These technologies will consider macro-level trends as well as solving operational challenges that come with the growth of cloud.

    Infrastructure architects, systems engineers, storage engineers, data strategists, HPC specialists and other enterprise IT professionals will learn:
    - Current environment and challenges in building hybrid infrastructures that support traditional and object storage
    - Five not-to-be-ignored trends ripe for adoption in 2018
    - How compute and storage can mix in the new cloud-enabled world
  • How Do I Get the Cyber/Cloud Security Project Experience Employers Want?
    How Do I Get the Cyber/Cloud Security Project Experience Employers Want? Michael Van Heesch Oct 17 2017 11:00 pm UTC 30 mins
    In this Q&A Session we will explain how you can get the hands-on cyber/cloud security project experience in high-demand.
  • Digital Learning for SAP S/4HANA with SAP Learning Hub
    Digital Learning for SAP S/4HANA with SAP Learning Hub Caroline Kinsman, SAP Learning Expert Oct 18 2017 8:00 am UTC 60 mins
    Please note that this webinar is postponed to October 18th.

    SAP Education is launching a series of 30 minute live interactive sessions on Wednesdays as from September 13th. You will join thought leaders to find out how your company can benefit from SAP® Education best pratices to enable successful adoption of SAP S/4HANA in support of your transformation goals.
  • Kick-Start your Software Asset Management Practice
    Kick-Start your Software Asset Management Practice Michael Krutikov, Global Product Marketing, Snow Software and Martin Thompson, Founder of The ITAM Review Oct 18 2017 2:00 pm UTC 60 mins
    What is Software Asset Management (SAM) and how can you develop a SAM practice to reduce risk, save money and empower business agility?

    This educational and interactive webinar provides an introduction to SAM for those new to the field. Martin Thompson, founder of ITAM Review, and Michael Krutikov, Global Product Marketing with Snow Software will share how organizations like yours have driven quantifiable efficiencies and delivered ROI by managing their cloud and on-premise software more efficiently.

    Learn the key steps to implementing a best-in-class SAM practice and how to avoid the most common pitfalls when starting a SAM practice.

    During this webinar you will learn:

    •What SAM is and how it differs from basic asset management
    •The ROI you can deliver with a SAM practice
    •Top 3 common hurdles to avoid when starting your implementation
    •Tips to getting your SAM solution started successfully
    •Best practices from other successful organizations such as Carnival and Sky.

    Register today and all attendees will enter a prize draw to win one of 20 free copies of Practical ITAM – The Essential Guide for IT Asset Managers: Getting started and making a difference in the field of IT Asset Management, by Martin Thompson from ITAM Review. Please click here for full terms and conditions http://ow.ly/7sSW30f6b3W
  • Cultivating Your Strategic and Creative Thinking
    Cultivating Your Strategic and Creative Thinking Dr. Ted Marra Oct 18 2017 2:00 pm UTC 75 mins
    Join our guest, Dr. Ted Marra as he introduces his new strategic leadership course in Global Risk Academy.

    During the webinar we will cover:

    How does a truly strategic organization think? What is strategic thinking versus strategic planning? What are the vital few factors that will determine your organisation’s long-term success or failure and are they on your radar screen?

    Who should attend.

    People with 10 years management experience minimum up to and including C-Level in all disciplines responsible for strategic decisions or large scale operational issues - so they have large budget and many people reporting to them.

    Managers and senior management from all areas of the organisation having responsibility for planning and achievement of key business objectives.

    Why you should attend.

    - Reflect on how you got where you are as an organisation;

    - What factors were critical to your success? What factors were the basis for your success?

    - What held you back – prevented you from being even more successful?
    - What could you have done differently

    Understand what are the most critical factors that will better ensure your organisation is a “winner” in the future (e.g., next 3-5 years).

    Find out which ones you may be missing and what to do about it before it’s too late and you become just an “average or good” organisation when, with a little effort and the right strategic thinking and creativity, you could take the organisation to the next level of performance and move toward “greatness”.

    How to build exceptional stakeholder relationships and why doing this is critical in especially in turbulent times.
  • SOC Talk: Automation and Visibility for Faster, More Accurate Response
    SOC Talk: Automation and Visibility for Faster, More Accurate Response Simon Gibson, CISO / Security Architect, Jack Hamm, Principal Information Security Engineer, Graham Melville, Sr. Director Oct 18 2017 4:00 pm UTC 45 mins
    Join Jack Hamm and Simon Gibson from the Gigamon SecOps as they demonstrate how to use automation and visibility to take the boredom out of repetitive tasks. One of the featured use case will be how to automate tasks to find and block Kaspersky in government organizations.
    Security practitioners use a variety of tools and information sources to spot potential threats, evaluate each event and then act to mitigate. They are challenged by little interoperability between security tools, plus the cost of these tools across the network and cloud can be prohibitive.
    During this lively webinar, hosted by Security Solutions leader, Graham Melville, you will see how Gigamon and the Phantom security automation and orchestration platform can help you reduce mean time to resolution. The team will show how you can provide wider visibility and automate the tasks your security staff repeats on a frequent basis. 

    Simon and Jack will demonstrate:

    •How to generate indicators of compromise to trigger Phantom to execute customized playbooks with specific actions.
    •How to automate tasks to find and block the use of Kaspersky in government organizations.
    •How to streamline dozens of sources to gain insight into security events.
    •How to gain visibility to the necessary traffic from all segments of your networks without buying more security tools.
    •How you can reduce the load and turn on more features on your security tools such as Next Gen Firewalls.
  • Answers to 5 Cyber Security Challenges for the Midsize Enterprise
    Answers to 5 Cyber Security Challenges for the Midsize Enterprise Dan Reis, FireEye Director of Product Marketing, Endpoint Security Oct 18 2017 5:00 pm UTC 60 mins
    Large corporations aren’t the only targets for sophisticated advanced attacks. In fact, cyber criminals find that small and midsize enterprise (SME) companies are easier targets because their security is not as advanced and they don’t have proper cyber defenses.

    FireEye SME customers are more prepared to defend their company’s digital assets. Join us for a live problem-solving webinar based on real-world examples from your peers and learn:

    •What best practices will increase cyber awareness
    •How to conduct a security assessment to identify gaps and a
    •How to align security needs and reduce vulnerabilities

    Register today to gain insights into SME cyber warfare and more effectively protect your business from advanced attacks.
  • Advancing UEBA: The Impact of AI, ML and Cloud Infrastructure
    Advancing UEBA: The Impact of AI, ML and Cloud Infrastructure Samir Jain, Senior Product Manager (LogRhythm) Mark Settle, Product Marketing Manager (LogRhythm) Oct 18 2017 5:00 pm UTC 60 mins
    Alongside an expanding attack surface resulting from the growth of cloud, mobile and IoT, organizations are now increasingly faced by internal threats. Insider threats, compromised accounts, administrator abuse and other user-based threats are some of the most damaging vulnerabilities and the hardest to detect. This has led to the evolution of user and entity-based analytics (UEBA) solutions, designed to address user based threats, and through the use of artificial intelligence (AI) and machine learning these solutions are advancing threat detection capabilities in modern security operation centers.

    In this webinar, Mark Settle, LogRhythm Product Marketing Manager, and Samir Jain, Senior Product Manager, UEBA, will discuss the evolving UEBA market, and advancements in the technology fueling these solutions.

    Webinar attendees will learn:
    •How advancements in AI and machine learning technology are enabling security analytics and in particular UEBA.
    •Why security analytics solutions are moving to cloud infrastructure, and the security implications compared to on premise platforms.
    •What security mature organizations are asking for versus what is being delivered
    •Whether UEBA solutions are better delivered via security analytics/SIEM platforms, or via stand alone solutions
  • Today's Predictions for Tomorrow's Connected World
    Today's Predictions for Tomorrow's Connected World Kevin Haley, Director of Product Management for Symantec Security Technology and Response Oct 18 2017 5:00 pm UTC 30 mins
    In the new world of IoT, smart cities, smart cars and home, our personal devices are more connected than ever before.

    Learn about predicting the future by looking at the past with insights on how to improve the world of IoT that is coming into our homes.

    Register Today
  • Essential Reading for the Security Professional
    Essential Reading for the Security Professional Rick Howard, chief security officer at Palo Alto Networks Oct 18 2017 5:00 pm UTC 30 mins
    Join Rick Howard, CSO at Palo Alto Networks to learn about must-read books for all cybersecurity practitioners – be they from industry, government or academia — where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.
  • Are Your Third Party Vendors Exposing Your Organization to Cyber Threats?
    Are Your Third Party Vendors Exposing Your Organization to Cyber Threats? Eric Olson, LookingGlass Vice President of Intelligence Operations and Nick Hayes, Forrester Senior Analyst – Security & Risk Oct 18 2017 6:00 pm UTC 90 mins
    By now, the majority of us have likely been inundated with stories about third party data breaches and how one vendor’s vulnerability can cost your organization millions. But how do you know if you’re doing enough to stop third party risk?

    As we enter 2018, new U.S. and European cyber regulations are going into effect, and organizations can no longer check the box when it comes to their vendors’ cybersecurity. You are not only liable for knowing where you are most at-risk, but now you must also understand how that risk affects your organization and identify a solution for mitigating that risk.

    This webinar features guest speaker Nick Hayes, Senior Analyst at Forrester and LookingGlass VP of Intelligence Operations Eric Olson. They will delve into the third party risk landscape: our current state of affairs, and where the industry is moving, as well as how you can take a different approach to third party risk prevention, including:
    • How to see where your vendors are already compromised
    • The importance of actionable intelligence for real-time mitigation
    • Why a continuous monitoring solution is the future of third party risk
  • Utilizing Contextual Threat Intelligence in Splunk
    Utilizing Contextual Threat Intelligence in Splunk Henry Canivel, Security Operations Engineer, Splunk and Scott Donnelly, Director of Technical Solutions, Recorded Future Oct 18 2017 6:00 pm UTC 45 mins
    Security operations center (SOC) teams are continually faced with new alerts and events. Security information and event management (SIEM) solutions such as Splunk help by making it easier to collect and analyze data generated by your technology infrastructure, security systems, and business applications. However, working with this volume of data risks SOCs being overloaded and rapidly available and readable information is vital to prioritize how you respond.

    See how a pre-integrated solution between Recorded Future and Splunk gives you full context of emerging threats from the widest breadth of open, technical, and dark web sources. Join this webinar to:

    • Alleviate alert fatigue and speed decision making with machine and human-analyzed threat context.
    • Identify threats already in your system by correlating network traffic with known bad from outside your network.
    • Get a live walkthrough of how to utilize real-time threat intelligence in Splunk Enterprise.
  • Are You Ready for GDPR? Preparing Your Organisational Checklist
    Are You Ready for GDPR? Preparing Your Organisational Checklist Julian Parkin, Metro Bank; Philip East, BitSight Oct 19 2017 11:00 am UTC 60 mins
    Introduced in 2016, the General Data Protection Regulation (2016/679)—or GDPR—was created for the purpose of strengthening the European Union’s (EU) procedures and practices related to data protection. GDPR will impact organisations worldwide and implement maximum fines of up to €20,000,000 (or 4% of global turnover) if they fail to ensure compliance. Join BitSight’s Philip East and Metro Bank’s Julian Parkin as they discuss:

    - The checklist organisations should review to align their business with GDPR.
    - Noteworthy articles within GDPR and how they affect data governance/usage.
    - BitSight’s recommendations for monitoring the GDPR alignment of third parties.
  • PCI DSS 3.2 - Are You Ready?
    PCI DSS 3.2 - Are You Ready? Adrian Davis, Managing Director, (ISC)² EMEA, Mor Ahuvia, IAM Product Marketing Manager, Gemalto Oct 19 2017 11:00 am UTC 60 mins
    The February 2018 deadline for complying with PCI DSS 3.2 is fast looming. Most of the new requirements in the latest PCI DSS guidelines are focused on the need to extend multi-factor authentication (MFA) to additional use cases and user groups within organisations who handle Credit Card Data. From February 2018 onwards, all individuals who access systems such as databases, network modules and email servers which hold credit card data will be required to authenticate themselves with MFA.
    Join (ISC)² EMEA and Gemalto to learn:
    - What’s new in PCI DSS 3.2
    - How to effectively map PCI DSS MFA requirements to business use cases and user groups in your organisations
    - Best practices for organisations that need to extend their MFA footprints to additional use cases, and for those that are starting to think about how to comply with PCI DSS’s authentication requirements.
  • Collecting Personal Information Securely? If not time is running out.
    Collecting Personal Information Securely? If not time is running out. Jay Huff, Hiten Sharma Oct 19 2017 1:00 pm UTC 45 mins
    The care and handling of personal information is a top concern for consumers and governments alike. Unlike many issues which gain public attention and struggle to keep it, an endless stream of publicised data breaches serves to keep data privacy in the public eye. As a result we’re seeing increasingly onerous regulation coming into effect in an effort to improve the data management practices of organisations and protect the confidential information of citizens. Major Internet players are also weighing in in an effort to make the user experience more secure.

    For organisations with a large digital presence, identifying all the places that personal information, or in the case of GDPR, personally identifiable information, is collected can be a daunting task. Are those forms collecting data securely? Are they accompanied by compliant statements and controls? Research carried out by RiskIQ suggests that there is much more to do in this area.

    Join us for a closer look at the security and compliance issues surrounding the collection of personal information on the Internet and learn how you can automatically discover and assess all forms and persistent cookies across your web presence.
  • Post GDPR World - What Are Your Chances of Survival?
    Post GDPR World - What Are Your Chances of Survival? Amar Singh & Chris Payne Oct 19 2017 1:00 pm UTC 60 mins
    With the greatest shake-up of data protection regulation in a generation looming, CISOs, DPOs and IT Administrators are busy planning for the changes needed for their organisations to be compliant. But with 60% of IT executives suggesting staff as their biggest threat to adherence (Bluesource, 2017) and 90% of staff admitting to violating policies designed to prevent security incidents (BSI, 2017), have they really addressed the issue of friendly fire?

    In this live, informative and interactive webinar led by Amar Singh, Global CISO & CEO of Cyber Management Alliance. A panel of data security and policy experts will discuss, why staff remain such an active threat to GDPR compliance, why policies are being ignored and how to ensure that your staff are on-board with the GDPR before May 2018.


    Amar Singh, Global CISO & CEO, Cyber Management Alliance
    Chris Payne, Data Privacy Expert & Managing Director, Advanced Cyber Solutions
    Dominic Saunders, CTO and Co-Founder, NETconsent
    Joe Lee – UK and Ireland Commercial Manager, NETconsent
  • Thwarting Risk in the Modern Digital World
    Thwarting Risk in the Modern Digital World Sandy Carielli - Security Technologies Director, Entrust Datacard Oct 19 2017 3:00 pm UTC 30 mins
    Brought to you by Entrust Datacard and IDG Research

    As organizations expand on legacy infrastructures and build new digital business models, what is the role of trusted identity? This webinar will illustrate how trusted identity technologies — including authentication and PKI — are essential as organizations capitalize on the full potential of cloud and mobile technologies. We will also discuss how to avoid the pitfalls of misaligned identity strategies.
  • 451 Research & Gemalto Present "Alphabet Soup: Deciphering Multi-Cloud Security
    451 Research & Gemalto Present "Alphabet Soup: Deciphering Multi-Cloud Security Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto Oct 19 2017 3:00 pm UTC 60 mins
    The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.

    In this joint webinar with 451 Research, we will cover topics including:

    -Building a multi-cloud security strategy for encryption and key management
    -Best practices, benefits and pitfalls of managing your own security
    -Impact of regulations on data protection in the next few years
    -Understanding the different CSP requirements for key management:
    oCustomer-Supplied Encryption Key (CSEK)
    oBring Your Own Key (BYOK)
    oHold Your own Key (HYOK)
    oGeneral cloud service provider key management services overview
  • Micro Focus Fortify & Black Duck Present: End to End Security in a DevOps World
    Micro Focus Fortify & Black Duck Present: End to End Security in a DevOps World Erdem Menges, Sr. Product Marketing Manager, Micro Focus Fortify and Dave Meurer, Technical Director, Black Duck Oct 19 2017 3:00 pm UTC 60 mins
    DevOps teams are building applications faster than ever before, and utilizing large amounts of open-source software to increase agility. However, that introduces the possibility of open-source security risk. The landscape of attacks has changed in recent years, with cyber-attacks increasingly happening on the application layer. This means DevOps teams need to be involved in the security process.

    This task is made more daunting as modern applications are a mix of custom code and open source in their applications. How do you protect your DevOps? Register for this webinar where security experts from Micro Focus Fortify and Black Duck discuss:
    - Understanding the mindset of an attacker
    - Ways to automate the process of risk identification
    - The ability to gate builds when finding risk elements
  • Application Controls and Data Reliability
    Application Controls and Data Reliability Jeff Sisolak, CISM, CISA Oct 19 2017 4:00 pm UTC 60 mins
    The use of Information Technology in business has become so ubiquitous that just about every audit has an IT component. Operational and business process auditors must embrace technological advances rather than resist them in order to perform audits in an effective and efficient manner. This webinar will provide all auditors with a foundational understanding of application controls and data reliability.