Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • [Webinar] Shifting Left Without Sacrificing Security and Compliance
    [Webinar] Shifting Left Without Sacrificing Security and Compliance Maya Ber Lerner, VP of Product, Quali Recorded: Dec 15 2017 25 mins
    Deliver Production-like Environments Early in the Dev/Test Lifecycle
    As a growing number of financial enterprises look into adopting Cloud and DevOps, environment complexity is often cited as one of the top barriers for such initiatives. Focusing on a Shift Left philosophy to deliver production-like environment access early on in the dev/test lifecycle can tremendously increase quality, cut down the cost to fix issues and, more importantly, increase innovation speed. This webinar will cover an example of using cloud sandboxes for allowing access to authentic replicas of production environments, allowing financial firms to focus on release software faster without sacrificing security and compliance.
  • How Cryptocurrencies are Changing the Face of Financial Services
    How Cryptocurrencies are Changing the Face of Financial Services Eric Larchevêque, CEO at Ledger and Joe Pindar, CTO Office Director of Strategy Recorded: Dec 15 2017 61 mins
    Joint webinar with Ledger and Gemalto discussing how cyrptocurrencies have the potential to revolutionize the financial industry and what needs to be done to secure the digital assets.
  • Paysage des menaces : tendances cyber sécurité 2017 et au-delà
    Paysage des menaces : tendances cyber sécurité 2017 et au-delà Laurent Heslault, Directeur des Stratégies de Sécurité, Symantec France Recorded: Dec 15 2017 56 mins
    L’année qui s’achève a été essentiellement marquée par des attaques coûteuses, des fuites de données retentissantes et plusieurs cas de ransomwares et d’espionnage économique. La cyber criminalité a gagné en ampleur et en audace, avec des retombées financières bien plus élevées. Les cyber attaques sont désormais régulièrement citées dans les médias.
    Ce webcast aborde les points suivants :
    • Le paysage des menaces en 2017
    • Les personnes ou les erreurs qui ont conduit à ces incidents
    • Les enseignements à tirer de cette année pour les professionnels de la sécurité comme vous
    • Les solutions qui peuvent renforcer votre sécurité à l’approche de 2018
    Inscrivez-vous
  • Votre proxy gagne en agilité grâce à l’isolation web
    Votre proxy gagne en agilité grâce à l’isolation web Hervé Doreau, Directeur Technique, Symantec France Recorded: Dec 15 2017 27 mins
    Saviez-vous que des millions d’hôtes (domaines, sous-domaines ou adresses IP) apparaissent chaque jour et que, dans bien des cas, leur durée de vie ne dépasse pas 24 heures ?
    De nombreuses entreprises choisissent d’instaurer des politiques de passerelles web sécurisées afin d’empêcher les utilisateurs d’accéder à des sites non classifiés à cause du risque qu’ils représentent, même si la plupart sont tout à fait légitimes dans le cadre d’un usage professionnel.
    De la même façon, beaucoup d’entreprises décident de bloquer des sites dès lors que le niveau de risque est fort, sans être totalement avéré.
    En découle un blocage excessif des sites web qui nourrit l’insatisfaction des utilisateurs.
    Certains sites sont réputés pour leur fiabilité, d’autres pour leur dangerosité. Les sites qui posent vraiment problème sont ceux qui se situent entre les deux, lorsqu’il n’y a pas suffisamment de recul ou d’informations.
    Principaux thèmes abordés :
    - Découvrez le plus grand réseau civil d’intelligence sur les menaces au monde et la protection qu’il peut vous apporter face aux attaques de malware.
    - Apprenez à définir des politiques permettant d’isoler tout le trafic dont le risque est indéterminé ou non classifié par le Global Intelligence Network.
    - Sachez comment booster la productivité de l’entreprise sans créer de risques supplémentaires.
    Inscrivez-vous dès aujourd'hui.
  • What Your Vulnerability Scanner is Not Telling You
    What Your Vulnerability Scanner is Not Telling You Anand Paturi and Barry Cogan Recorded: Dec 14 2017 41 mins
    A recent, significant data breach in 2017 has caused people to take a deeper look into Apache Struts vulnerabilities. This weakness emphasized the impending risks for Apache Struts-based applications. Even today, scanners do not detect all known vulnerabilities. As of November 2017, the leading scanners still missed 14 total unique Common Vulnerabilities and Exposures (CVEs).

    In this webinar, we will analyze Apache Struts-related vulnerability weaponization patterns spanning the last decade. We will also provide insight into exploit patterns through a live exploit demonstration and explain how these patterns can define an organization’s risk management strategy.

    Hear from RiskSense’s Anand Paturi (VP of Research and Development) and Barry Cogan (Senior Security Analyst) as they guide us through the live demonstration and provide insights into exploit patterns
    and how attacks can be avoided.
  • IDC FutureScape: Worldwide Services 2018 Predictions
    IDC FutureScape: Worldwide Services 2018 Predictions Rebecca Segal, Group Vice President, Worldwide Services Recorded: Dec 14 2017 34 mins
    In this IDC FutureScape presentation, IDC's Rebecca Segal will lead a team discussion covering the key predictions that will impact the global services market over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three-year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • 2018 RI Planning for AWS and Azure
    2018 RI Planning for AWS and Azure Marit Hughes, Billing Solutions Architect/SME and Todd Bernhard, Product Marketing Manager Recorded: Dec 14 2017 34 mins
    As 2017 comes to a close, you may have budget that falls under “use it or lose it.” If so, consider purchasing a credit towards discounted Reserved Instances for 2018 and beyond! RIs from AWS and more recently Microsoft Azure are a great way to save up to 75% compared to On Demand rates, as long as you know you’ll have a long-term need. You can use that end-of-year budget surplus to make an up-front payment towards a one or three year commitment, making your monthly cloud spend much less.

    In this webinar, attendees will:
    -Learn how to decide between the various types of RIs including Standard and Convertible
    -Understand the terms and payment options
    -Explore the tools available to make informed recommendations
  • 2018 Cyber Security Predictions: The Identity-Aware Perimeter Comes to the Fore
    2018 Cyber Security Predictions: The Identity-Aware Perimeter Comes to the Fore Chris Sullivan (SecureAuth+Core Security) & Garrett Bekker (451 Research) Recorded: Dec 14 2017 61 mins
    Join 451 Research and SecureAuth+Core Security for a peek into the emerging trends in cyber security and identity in 2018. Register today and learn how these trends will impact your strategy, organization, and job in the coming year.

    Security experts Garrett Bekker, 451 Research and Chris Sullivan, SecureAuth+Core Security will share insight on these trends and more:

    •Why network-based approaches to security are no longer sufficient in the age of cloud and IoT
    •Why identity is the new gating factor for access to sensitive resources
    •How various methods for securing cloud resources – CASB and IDaaS - need to converge
    •The need for risk-based approaches to authenticating users – and machines
  • Lean Cloud Security: Your Guide to SecOps Efficiency in the Cloud
    Lean Cloud Security: Your Guide to SecOps Efficiency in the Cloud Chris Gervais, VP of Engineering at Threat Stack, Sabino Marquez, CISO, at Allocadia Recorded: Dec 14 2017 42 mins
    You’re a security professional, or not, but sometimes get asked to sort of be one? You don’t have enough people, you don’t have enough budget, and you don’t have enough time. But you know that’s not an acceptable excuse now that we are all running fast in the cloud.

    Tune into our webinar to learn how you can make the most of your people, processes, and technology:
    - Despite security talent shortage, leverage your small team and other resources most effectively.
    - Make sure automated processes handle 99% of the noise, so you’re left to manage real threats.
    - Buy and manage the least amount of tools to do the most
  • Let's talk about OSSTMM with Pete Herzog from inside out
    Let's talk about OSSTMM with Pete Herzog from inside out Pete Herzog, Managing Director at ISECOM Recorded: Dec 14 2017 60 mins
    In early 2000, the Open Source Security Testing Methodology Manual (OSSTMM) was released with the primary objective of improving how the enterprise conducted security testing. Key sections of this methodology include operational, human, physical, wireless, telecommunication, and data network security testing. Today, OSSTMM is widely regarded as a methodology for penetration testing world-wide, offering a standard approach to conducting security testing. Frank Shirmo of ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Pete Herzog, the creator of OSSTMM, to answer key questions, and provide clarifications on OSSTMM for CTOs, CISOs, CIOs, Security Engineers and Analysts, and all other stakeholders interested in the topic of security testing.
  • Rideshare to the Cloud: Cloud Security & the Shared Responsibility Model
    Rideshare to the Cloud: Cloud Security & the Shared Responsibility Model Ananda Rajagopal, VP, Products, Gigamon, Dan Watson, Managing Consultant CyberSecurity, IBM, Glenn Hernandez, Frm USCG CISO Recorded: Dec 14 2017 61 mins
    Public clouds provided by services like AWS and Azure continue to surge in popularity with organizations small and large. However, the security of these services and how the responsibility for it is shared can be murky. Organizations want to assure that the public cloud is being used properly by everyone in the enterprise and to run mission-critical applications while meeting compliance and security controls. Join Gigamon and (ISC)2 on Thursday, December 14, 2017 at 1:00PM Eastern for a roundtable discussion on public clouds and the shared responsibility model and how that can help to secure and protect your organization.
  • Oracle Town Hall
    Oracle Town Hall Theo Gray (PwC), Abhi Joshi (PwC), Kevin Cardenas (Snow Software) Recorded: Dec 14 2017 55 mins
    Moderator:
    Abhi Joshi - PwC Forensic Services, Partner & US Software Asset Management Leader

    Speakers:
    Theo Gray - PwC Forensic Services, Sr. Associate - Former Oracle Licensing Consultant
    Kevin Cardenas - Snow Software - Oracle Licensing Consultant

    Join Snow Software and PwC for a lively and informative conversation about managing your Oracle software footprint.

    Topics of discussion will include:
    1.Oracle Licensing
    2.Oracle Policy
    3.Oracle ULA Renewals
    4.Oracle Certification
    5.Oracle and VMware Observations
  • 2018 GRC Predictions
    2018 GRC Predictions Tom Garrubba, Santa Fe Group; David Grazer, Tevora; Peter Tessin, Discover Financial Services; Christina Whiting, Tevora Recorded: Dec 14 2017 60 mins
    “It was the best of times, it was the worst of times,” wrote Dickens. 2017 has been a tumultuous year for governance, risk management, and compliance (GRC). 2018 could be just as stormy with cybersecurity, GDPR, and new risks caused by the shift to digital business. In this webinar, our panel of industry experts will recap the year’s highlights and offer their thoughts on what to expect in 2018.

    Discussion topics include:

    • Ramifications of major data breaches in 2017
    • The continuing shift in risk perspective from department to enterprise
    • Navigating third-party risk management on the road ahead
    • The role and influence of the board in 2018
    • GDPR and the trend toward data privacy and security

    Plan now to attend this special webinar on 2017 trends and 2018 predictions for GRC.
  • Symantec Monthly Threat Briefing - 2017 in review, 2018 ahead
    Symantec Monthly Threat Briefing - 2017 in review, 2018 ahead Jeff Barto and Angelique Pereira, Trust Strategists at Symantec Recorded: Dec 14 2017 42 mins
    As we wrap up another year, let's take a moment to discuss what 2017 brought to the industry, and what we should expect to see next year.
  • Black Duck Container Security MasterClass - Deploying Containers at Scale
    Black Duck Container Security MasterClass - Deploying Containers at Scale Tim Mackey, Sr. Technology Evangelist, Black Duck Recorded: Dec 14 2017 58 mins
    IT operations teams are now deploying and running hundreds or even thousands of containers at any given time. This rapid deployment surfaces challenges in validating the contents and security of container images being deployed. In this session, Black Duck container and virtualization expert Tim Mackey will provide an overview of technologies and solutions such as Red Hat OpenShift that enable organizations to deploy containers at scale securely.

    In this webinar, Tim Mackey explores this new era of large scale container deployments and how to manage and secure them.

    Attend and you'll learn:

    - How to maintain visibility and control for the open source deployed in hundreds of containers
    - How to help your development and operations teams work together to maintain the security of containers in production
    - How to build security into your deployment of container orchestration platforms
    - Measures you can take to proactively identify risks and remediate risks on containers in production
    - How you can use Black Duck OpsSight to scan containers being created, updated or deployed through their container orchestration platforms
  • GDPR - Inside a Data Breach
    GDPR - Inside a Data Breach Patrick McGrath, Director of Solutions Marketing, Commvault Recorded: Dec 14 2017 50 mins
    Many headlines for the General Data Protection Regulation (GDPR) mention the eye-watering fines for a data breach, but what happens when you realize you have actually been the victim of one? How hard will it really be to comply with a 72-hour breach notification? In this session, an insider will describe the data breaches, the approaches used to manage these incidents, key lessons learned and considerations for handling data breaches in a world with GDPR expectations.
  • IDC FutureScape: Worldwide Hospitality/Travel/Transportation 2018 Predictions
    IDC FutureScape: Worldwide Hospitality/Travel/Transportation 2018 Predictions Jaideep Thyagarajan, Senior Market Analyst, IT Spending/Solutions, IDC Retail Insights Recorded: Dec 14 2017 46 mins
    In this IDC FutureScape presentation, IDC's Worldwide Hospitality, Travel and Transportation Team discusses the key predictions that will impact organizations and their ability to digitally transform over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their digital transformation investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • How to Stop a Security Breach Becoming a PR Disaster
    How to Stop a Security Breach Becoming a PR Disaster Adrian Davis, Managing Director, (ISC)² EMEA, Neil Stinchcombe, Director, Eskenzi PR Recorded: Dec 14 2017 62 mins
    Your CEO has just called your mobile because a reporter from the BBC wants to know how many customers are affected by a hack into your payment database.
    How should you respond?
    What is the one thing you should not say to avoid turning a cyber incident into an event that has to be reported under GDPR?
    Why is Crisis Comms so different from all other types of PR?
    What things do you need to demonstrate that will limit the damage?
    Do you have a tried and tested Crisis Comms plan?
    Does everyone know who is on the Crisis Comms team?
    What they have to do?
    Who they need to inform?
    What they can and cannot say, and how they should say it?
    What type of skills do you need to manage media communications and prevent a cyber incident becoming a crisis?
  • Filling the GDPR Compliance Gap
    Filling the GDPR Compliance Gap Adenike Cosgrove, Sr. Product Marketing Manager, Proofpoint Recorded: Dec 14 2017 30 mins
    Join this session to discuss: How your organization can drive towards compliance, how to embed "privacy by design" to your development lifecycles, and how to protect all identified EU personal data and prevent data breaches.
  • Your Proxy Just Got Smarter with Web Isolation
    Your Proxy Just Got Smarter with Web Isolation Timothy Chiu - Senior Director of Product Marketing, Symantec Recorded: Dec 14 2017 33 mins
    Did you know millions of hosts (Domains, Subdomains, or IP Addresses) pop up every day and many of these have lifespans of less than 24 hours.

    Many organizations choose to set Secure Web Gateway policies to block users from going to uncategorized sites because of the risk they represent, even though many may be legitimate destinations for business purposes.

    In a similar fashion, many enterprises choose to block sites that have a heightened risk rating, but are not conclusively risky. This leads to website over-blocking and unhappy end users. Some sites are known to be good, others are known to be bad, the problem comes for those in the middle where insight/information is lacking.

    Key Learning Objectives:

    •Learn about the world’s largest civilian threat intelligence service and how it will protect you from Malware attacks

    •Learn how to set policies to send any traffic with inconclusive risk or uncategorized by Global Intelligence Network down a Web Isolation path.

    •Learn how to boost productivity for businesses without incurring any additional risk.

    Register Today
  • Cyber Security Predictions: What is in store for the EMEA region
    Cyber Security Predictions: What is in store for the EMEA region Jens Monrad, Senior Intelligence Account Analyst, FireEye iSIGHT Intelligence Recorded: Dec 14 2017 37 mins
    2017 was an eventful year in cyberspace, especially in Europe and the surrounding areas. We saw politically motivated industrial espionage attacks, changes in cyber legislation, a constantly adapting criminal ecosystem targeting various industries throughout the region – and that’s not even the half of it.

    Join us for our webinar on Dec. 14, 11am GMT, as Jens Monrad, Senior Intelligence Account Analyst with FireEye, discusses various aspects about the cyber threat landscape in the EMEA region in 2018, including:

    •Continued political tension in the region
    •Upcoming elections
    •Mixed security maturity
    •The effect of new compliance and data protection laws

    Register today to learn what lies ahead, and stay one step ahead of cyber security threats.
  • 【パートナー様向けWebセミナー】 FireEye NX 最新バージョン OS 8.0のご紹介と 提案のポイント
    【パートナー様向けWebセミナー】 FireEye NX 最新バージョン OS 8.0のご紹介と 提案のポイント FireEye Japan Recorded: Dec 14 2017 38 mins
    ファイア・アイ製品の販売に携わるパートナー、リセラーの皆様
    日頃より、ファイア・アイの製品およびサービスの販売、サポートのご支援を賜り誠にありがとうございます。

    このたび、Web脅威対策製品である「FireEye NX シリーズ」の最新バージョン「OS 8.0」 がリリースされました。今回のバージョンでは、侵害後の水平展開の動きを検知できる「スマートビジョン」やアナリストの解析を支援するアラート画面の刷新など、他社製品と比べ格段に強力なセキュリティ機能が搭載されています。また、OS 8.0の性能を最大限に引き出す最新ハードウェアプラットフォームも合わせてリリースされます。
    つきましては、下記の通り、OS 8.0の新機能について詳細、および導入例やキャンペーン情報などをご紹介するWebセミナーを開催いたします。
    12月のお忙しい中とは存じますが、ぜひ本Webセミナーにご参加ください。また、当開催情報につきましては社内で共有いただき、より多くの営業ご担当またはSEの方にもご案内いただけましたら幸いです。
  • 2018 Predictions & Recommendations: Financial Services
    2018 Predictions & Recommendations: Financial Services Lawrence Chin, Security Market Architect, Palo Alto Networks Dec 18 2017 2:00 pm UTC 30 mins
    Join Lawrence as he looks into the SWIFT mandatory security controls and what that means for financial institutions in 2018.

    Discover more by reading the blog in the attachments.
  • How to Prepare for GDPR: A Gemalto Case Study
    How to Prepare for GDPR: A Gemalto Case Study Jean-Pierre Mistral, Director of Global Data Privacy and Alex Hanway, Encryption Product Marketing Dec 18 2017 4:00 pm UTC 60 mins
    Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.

    This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.

    Join us to hear more about:
    •What is GDPR?
    •Case Study: A look at how Gemalto has prepared for GDPR
    •The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
  • How to Stop All Impostor Threats Coming Into, and Going Out of Your Organization
    How to Stop All Impostor Threats Coming Into, and Going Out of Your Organization Ryan Terry, Product Marketing Manager and Ash Valeski, Sr. Manager Product Managemen Dec 19 2017 11:00 am UTC 60 mins
    The cost of Impostor email has risen to $5.1B. Business email compromise (BEC) is impacting employees, business partners and customers of organizations around the world.

    Proofpoint Email Fraud Defense (EFD) extends the security already offered by Email Protection to block criminals that spoof your trusted domains to trick victims, both inside and outside of your organization, into sending money and other sensitive information to the attacker.

    Join us for a live webinar on Tuesday, June 6th at 10am PST where you will learn:
    • Latest impostor email trends including BEC and consumer phishing
    • How to extend your current protection to stop all impostor threats
    • Upcoming product integration with Email Protection to secure your entire email ecosystem
  • [ARABIC] 2017 - How FireEye can help MEA organisations to protect against APTs
    [ARABIC] 2017 - How FireEye can help MEA organisations to protect against APTs Yazan Hammoudah, Director of System Engineers, Middle East and Africa Dec 19 2017 11:00 am UTC 45 mins
    From cyber criminals who seek personal financial information and intellectual property to state-sponsored cyberattacks designed to steal data and compromise infrastructure, today’s advanced persistent threats (APTs) can sidestep cyber security efforts and cause serious damage to your organisation. 2017 is already one of the most prolific years in terms of APT activity. Indeed, since the beginning of the year, there have been several examples of major cyberattacks across EMEA and more specifically in the Middle East. How can FireEye help your organisations protect against these persistent threats?

    Join this live webinar in Arabic as we will discuss the following topics:
    - FireEye Adaptive Defense
    - Technology
    - Intelligence
    - Expertise

    https://www.fireeye.com/
  • Cyber Security Webinar:  Strategies to protect your data in the cloud
    Cyber Security Webinar: Strategies to protect your data in the cloud Justin Harris, Public Cloud Architect and Jason Montgomery, EMEA Manager for Palo Alto Networks Aperture Dec 19 2017 11:00 am UTC 60 mins
    Join Justin Harris, Public Cloud Architect at Palo Alto Networks and Jason Montgomery, EMEA Manager for Palo Alto Networks Aperture to understand:

    - Why organisations are moving to the cloud and the obstacles getting there
    - The role of Cloud Access Security Brokers (CASB) and a simpler approach to securing SaaS applications
    - How a Next-Generation Firewall compliments and enhances AWS/ Azure's built in security tools
    - Automation and how to move quickly with cloud security
    - Key strategies to ensure your organisation's data remains protected
    - Questions and Answers

    We do hope you can join us for this exclusive webinar to understand new cloud security challenges and strategies for protecting your data.
  • APT34 - New Targeted Attack in the Middle East
    APT34 - New Targeted Attack in the Middle East Dan Caban, Principal Consultant; Stuart Davis, Regional Sales Director Dec 19 2017 1:30 pm UTC 60 mins
    Recent investigations by FireEye’s Mandiant incident response consultants combined with FireEye iSIGHT Threat Intelligence analysis have given us a more complete picture of a suspected Iranian threat group, that we believe has been operating since at least 2014.

    APT34 are involved in long-term cyber espionage operations largely focused on the Middle East. This threat group has conducted broad targeting across a variety of industries, including financial, government, energy, chemical, and telecommunications.

    Join us in a live webinar as we discuss this threat group whom we assess to be working on behalf of the Iranian Government, with a mission that would benefit nation-state geopolitical and economic needs. APT34 uses a mix of public and non-public tools, often conducting spear phishing operations using compromised accounts from trusted third parties, sometimes coupled with social engineering tactics.

    Register today to gain deeper insights into this threat group!
  • 2018 Predictions & Recommendations: ICS/SCADA
    2018 Predictions & Recommendations: ICS/SCADA Del Rodillas, Dir. Product Marketing, Palo Alto Networks Dec 19 2017 2:00 pm UTC 30 mins
    Prediction Number 1: In 2018 we will start seeing large-scale deployments of Automated Threat Response by leading operators of ICS in critical infrastructure and manufacturing environments.

    Find out more predictions about where Security and IOT will be in 2018 by watching the video.

    Discover more by reading the blog in the attachments.
  • 4 Steps to Risk Ranking Your Vulnerabilities
    4 Steps to Risk Ranking Your Vulnerabilities Mike Pittenger, VP Security Strategy, Black Duck Software Dec 19 2017 4:00 pm UTC 30 mins
    Vulnerabilities are an inevitable part of software development and management. Whether it’s open source or custom code, new vulnerabilities will be discovered as a code base ages. A 2017 Black Duck analysis of code audits conducted on 1,071 applications found that 97% contained open source, but 67% of the applications had open source vulnerabilities, half of which were categorized as severe. As the number of disclosures, patches, and updates grows, security professionals must decide which items are critical and must be addressed immediately and which items can be deferred.
     
    Join Black Duck’s VP of Security Strategy, Mike Pittenger, for a 30-minute discussion of best practices in open source security and vulnerability management. You’ll learn:
     
    - Methods for determining which applications are most attractive to attackers, and which pose the greatest risk
    - Ways to assess the risk associated with a disclosed open source vulnerability
    - Strategies to minimize the impact of open source security vulnerabilities when immediate fixes can’t be made
  • How to Approach a Cyber Security Review with Your Eyes Wide Open
    How to Approach a Cyber Security Review with Your Eyes Wide Open Matthew Rogers, Security Director at Freudenberg IT Dec 19 2017 4:00 pm UTC 15 mins
    Cybersecurity disasters dominated the news in 2017. WannaCry alone bashed hundreds of thousands of targets. Now is the time for CIOs and CSOs to scrutinize multiple components of their security because, let’s face it, attackers are busy working up new creative ways to hijack your data in 2018.

    Attend this webinar to learn what it takes to build an in-depth defense. This straightforward presentation will cover:

    • Security KPIs with risky validation processes (far more common than you think)

    • A checklist of security points that need tight inspection (and where to drill down)

    • New security services that streamline the process
  • IDC FutureScape: Worldwide SMB 2018 Predictions
    IDC FutureScape: Worldwide SMB 2018 Predictions Ray Boggs, Vice President, Small and Medium Business Research Dec 19 2017 4:00 pm UTC 60 mins
    In this IDC FutureScape presentation, the IDC Worldwide SMB team discusses the key predictions that will impact CIOs and IT professionals in the worldwide industry over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • DFLabs IncMan Product Overview
    DFLabs IncMan Product Overview Oliver Rochford, VP of Security Evangelism at DFLabs, Steven Ditmore Senior Sales Engineer at DFLabs Dec 19 2017 4:00 pm UTC 45 mins
    Learn how DFLabs IncMan can help you automate, orchestrate and measure your incident response and security operations.

    By joining this webinar you will have the opportunity to discover DFLabs IncMan and how our solution can help you to:

    - Minimize Incident Resolution Time by 90%
    - Maximize Analyst Efficiency by 80%
    - Increase the amount of handled Incidents by 300%
  • OT Security and the Next Generation of Industrial Cyber-Attacks
    OT Security and the Next Generation of Industrial Cyber-Attacks Andrew Tsonchev, Director of Technology, Darktrace Industrial & Simon Fellows, Head of Security, Darktrace Dec 19 2017 5:00 pm UTC 30 mins
    2017 left us with little doubt that attacks against our national critical infrastructure are real. The U.S. government and EU both released rare public statements for energy and utility firms, warning that sophisticated threat-actors are targeting industrial control systems at a never-before-seen rate.

    Operational Technology (OT) systems present a unique cyber challenge that traditional technologies fail to meet. Reliant on bespoke legacy systems, industrial environments are increasingly connected to IT environments, a challenge compounded by remote maintenance repair operations and connected industrial devices.

    Darktrace turns the OT security problem on its head, by leveraging AI to identify and neutralize threats to critical infrastructure in real time. Powered by machine learning, Darktrace’s Industrial Immune System understands the normal ‘pattern of life’ for every operator and device without requiring agents or knowledge of operating system – ensuring that cyber-attacks across OT and IT are stopped before they escalate into a crisis.

    Join Darktrace Industrial’s Director of Technology, Andrew Tsonchev, and Darktrace’s Head of Security, Simon Fellows, for a discussion on the evolving OT threat landscape, and how immune system technology helps industrial organizations fight back.
  • IDC FutureScape: Worldwide 3D Printing 2018 Predictions
    IDC FutureScape: Worldwide 3D Printing 2018 Predictions Keith Kmetz, Program VP, Imaging, Printing & Document Solutions Dec 19 2017 7:00 pm UTC 60 mins
    In this IDC FutureScape presentation, IDC's Keith Kmetz will lead a discussion covering the key predictions that will impact the 3D printing market over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three-year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • Automate the Detection and Response of Phishing Attacks
    Automate the Detection and Response of Phishing Attacks Greg Foss (LogRhythm), Paul Asadoorian (Security Weekly), John Strand (Black Hills Information Security) Dec 20 2017 12:00 am UTC 75 mins
    Phishing campaigns are among the most common and damaging cyberattacks. Despite how common and successful phishing attacks are, often times organizations and their employees are ill-prepared to handle these threats.

    In this webinar, Greg Foss, LogRhythm Manager of Global Security Operations, Paul Asadoorian, Security Weekly CEO and Founder, and John Strand, Black Hills Information Security Owner and Security Analyst, discuss phishing attacks and how you can protect yourself from them. Additionally, the three go on to discuss how LogRhythm’s open-source Phishing Intelligence Engine (PIE), can help streamline and automate the entire process of tracking, analyzing, and responding to phishing emails.

    Watch now to learn how LogRhythm is helping to automate the detection and response to phishing attacks.
  • 万能なエンドポイントセキュリティを目指して
    万能なエンドポイントセキュリティを目指して Presenter: 株式会社シマンテック エバンジェリスト 髙岡 隆佳 / Moderator: (ISC)2 Director of Business Development, Japan小熊慶一郎 Dec 20 2017 7:00 am UTC 60 mins
    ~多様なモバイル環境と多角的な脅威に対応するために~

    昨今では高度な脅威は境界線をすり抜け、または公衆にさらされたモバイル環境から直接ユーザのエンドポイントを脅かし続けています。クラウドシフトや働き方改革により今まで以上にエンドポイントの保護が求められる中、多角的で高度な脅威からエンドポイントを包括的に保護するための最新の技術動向(機械分析・EDR・要塞化・詐称など)について解説いたします。
  • Is DNS a Part of Your Cyber Strategy?
    Is DNS a Part of Your Cyber Strategy? Adrian Davis, Managing Director, (ISC)² EMEA, Gary Cox, Technology Director, Infoblox Dec 20 2017 12:00 pm UTC 60 mins
    Detecting malware, helping to prevent and disrupt command and control communication, ransomware and phishing attacks, being part of a data loss prevention program – DNS can help with this and much more, but are you leveraging it as part of your security controls and processes?

    DNS is the perfect choke point to stop not just data exfiltration through it, but also detect and stop malware from spreading and executing

    In this webinar you’ll learn:
    •The value of DNS as part of your cyber strategy
    •How DNS can provide your SIEM with actionable intelligence
    •How DNS can add value to other security controls, such as vulnerability scanners and end point protection

    Join Infoblox and (ISC)² for a discussion on this often overlooked topic.
  • 2018 Predictions & Recommendations: Automotive & Connected Cars
    2018 Predictions & Recommendations: Automotive & Connected Cars Dharminder Debisarun, Industry Security Architect , Palo Alto Networks Dec 20 2017 2:00 pm UTC 30 mins
    Cloud is transforming many industries, and the automotive industry is no exception. Gartner predicts that, by 2020, we will have a quarter of a billion connected cars on the road, and new cars will rely heavily on innovative cloud-based technology. Find out how Cloud is pushing this industry forward and what the security concerns and predictions will be for 2018 in this video.

    Discover more by reading the blog in the attachments.
  • IDC FutureScape: Worldwide Social and Experiential 2018 Predictions
    IDC FutureScape: Worldwide Social and Experiential 2018 Predictions Wayne Kurtzman, Research Director, Social and Experiential Solutions Dec 20 2017 4:00 pm UTC 60 mins
    In this IDC FutureScape presentation, IDC's Wayne Kurtzman and John Jackson will discuss the key predictions that will impact the evolution of social media and customer experiences over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three-year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • Manage application risk with policy-based scanning
    Manage application risk with policy-based scanning Glenn Whittemore, CA Veracode Solution Architect Dec 20 2017 5:00 pm UTC 30 mins
    Ensure that all your applications are accurately assessed with policy-based scanning.
    Join this 20 minute webinar to see how Veracode can help you protect your organization against data breaches and meeting regulations and policies addressing cybersecurity and information security controls in a timely manner.
    See how the Veracode Platform provides built-in, automated compliance workflows to reduce communication overhead and provide a secure audit trail of your compliance processes, including notifications about policy changes. Veracode’s unified platform can also help you address OWASP security issues by integrating security seamlessly into software development and eliminating vulnerabilities at the most efficient and effective points in the development/deployment chain.
  • Logging Service Overview
    Logging Service Overview Jayant Thakre, Sr. Product Marketing Manager Dec 20 2017 5:00 pm UTC 45 mins
    The recent release of our Cloud-Based Logging Service marks the next step in Palo Alto Networks’ evolution towards a consumption model that complements the dynamic nature of today’s IT infrastructure. In this brief 30-minute webinar we will discuss how Logging Service provides an alternative for Palo Alto Networks next-generation security infrastructure and why it is a cornerstone of our strategy. We will show how the Cloud-Based Logging service will help to offload CAPEX and operational overhead while also increasing data retention and intelligence.
  • Assessing the Cyber Performance of the Financial Services Supply Chain
    Assessing the Cyber Performance of the Financial Services Supply Chain Tom Montroy, Data Scientist, BitSight; Noah Simon, Product Marketing Manager, BitSight Dec 20 2017 5:30 pm UTC 60 mins
    An increasing number of data breaches begin with the compromise of a key vendor or business partner. This was evident with the spread of NotPetya ransomware this past June, which highlighted to the world the importance of updating systems within corporate networks to prevent susceptibility to breach. Now more than ever, it’s critical that organizations are aware of both the vulnerabilities within their own networks and those within their supply chain.

    Join Noah Simon (Product Marketing Manager, BitSight) and Tom Montroy (Data Scientist, BitSight) as they analyze BitSight’s findings on common security issues found within the supply chain of the Financial Services industry, and what any organization managing third-party risk needs to know. In this webinar, they will discuss:

    - The security performance of over 5,200 Legal, Technology, and Business Services companies monitored by hundreds of Financial Services firms on the BitSight Security Rating platform.

    - BitSight’s research on botnet infections, outdated systems, and peer-to-peer file sharing within the Financial Services industry.

    - Best practices for managing third-party cyber risk and analyzing weak links in your supply chain.
  • Detecting Human Cyber Attackers Already Within Your Networks
    Detecting Human Cyber Attackers Already Within Your Networks John Bradshaw, Sr. Director, Solutions Engineering at Acalvio Technologies and Rick Moy, CMO, Acalvio Technologies Dec 20 2017 6:00 pm UTC 60 mins
    This session will discuss the ongoing problem of identifying attackers who have successfully evaded prevention technologies such as firewalls, IPS and antivirus, otherwise known as prevention failure detection. It will focus on deception technology and its practical approaches to quickly detecting attackers already inside your network. Special attention will be given to working with SIEMs to validate alerts, as well as incident response and forensic procedures.
  • 2018 Predictions & Recommendations: Threat Landscape
    2018 Predictions & Recommendations: Threat Landscape Ryan Olson, Snr Dir. Threat Intelligence, Palo Alto Networks Dec 21 2017 2:00 pm UTC 30 mins
    Join Ryan Olson, Senior Director of Threat Intelligence for Palo Alto Networks as he looks at the multiple instances of compromises we make within the Software Supply Chain, and get this predictions of what to expect from 2018.

    Discover more by reading the blog in the attachments.
  • Career Conversations w/ Kristi Horton  - Threat Intel and Forensics Expert
    Career Conversations w/ Kristi Horton - Threat Intel and Forensics Expert Kristi Horton and Jessica Gulick Dec 22 2017 12:00 am UTC 60 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guests: Kristi Horton, Threat Intelligence and Forensics Expert, Founder of Horton Technologies, LLC

    Hosted by Jessica Gulick, VP of the Women's Society of Cyberjutsu

    About the Speaker:
    Kristi Horton is a pioneer with an entrepreneurial spirit. She challenges conventional thinking and encourages peers, team members, and students to seek solutions from other disciplines and leverage any resources at their disposal to overcome barriers to success. Kristi has built and led cyber threat intelligence programs for a top 10 US financial institution, founding and running a commercial digital forensic practice for a Fortune 500 firm, developing new courses and training modules in cyber security, intelligence, and digital forensics along with developing assessment exercises, and serving as an evaluator and coach for forensic professionals. Kristi has mobilized collaborative groups in the financial services industry to develop a common lexicon to enhance threat information sharing among cyber security peers, and initiated a forum for the discussion cyber intelligence strategies. Kristi is active in the community through presentations, panel discussions, and organizing training for intelligence analysts on topics ranging from "what is intelligence", to "Applying Analytic Tradecraft to Overcome Bias". Her work has been recognized by government agencies and commercial firms alike.