Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Votre proxy gagne en agilité grâce à l’isolation web
    Votre proxy gagne en agilité grâce à l’isolation web Hervé Doreau, Directeur Technique, Symantec France Live 45 mins
    Saviez-vous que des millions d’hôtes (domaines, sous-domaines ou adresses IP) apparaissent chaque jour et que, dans bien des cas, leur durée de vie ne dépasse pas 24 heures ?
    De nombreuses entreprises choisissent d’instaurer des politiques de passerelles web sécurisées afin d’empêcher les utilisateurs d’accéder à des sites non classifiés à cause du risque qu’ils représentent, même si la plupart sont tout à fait légitimes dans le cadre d’un usage professionnel.
    De la même façon, beaucoup d’entreprises décident de bloquer des sites dès lors que le niveau de risque est fort, sans être totalement avéré.
    En découle un blocage excessif des sites web qui nourrit l’insatisfaction des utilisateurs.
    Certains sites sont réputés pour leur fiabilité, d’autres pour leur dangerosité. Les sites qui posent vraiment problème sont ceux qui se situent entre les deux, lorsqu’il n’y a pas suffisamment de recul ou d’informations.
    Principaux thèmes abordés :
    - Découvrez le plus grand réseau civil d’intelligence sur les menaces au monde et la protection qu’il peut vous apporter face aux attaques de malware.
    - Apprenez à définir des politiques permettant d’isoler tout le trafic dont le risque est indéterminé ou non classifié par le Global Intelligence Network.
    - Sachez comment booster la productivité de l’entreprise sans créer de risques supplémentaires.
    Inscrivez-vous dès aujourd'hui.
  • What Your Vulnerability Scanner is Not Telling You
    What Your Vulnerability Scanner is Not Telling You Anand Paturi and Barry Cogan Recorded: Dec 14 2017 41 mins
    A recent, significant data breach in 2017 has caused people to take a deeper look into Apache Struts vulnerabilities. This weakness emphasized the impending risks for Apache Struts-based applications. Even today, scanners do not detect all known vulnerabilities. As of November 2017, the leading scanners still missed 14 total unique Common Vulnerabilities and Exposures (CVEs).

    In this webinar, we will analyze Apache Struts-related vulnerability weaponization patterns spanning the last decade. We will also provide insight into exploit patterns through a live exploit demonstration and explain how these patterns can define an organization’s risk management strategy.

    Hear from RiskSense’s Anand Paturi (VP of Research and Development) and Barry Cogan (Senior Security Analyst) as they guide us through the live demonstration and provide insights into exploit patterns
    and how attacks can be avoided.
  • 2018 RI Planning for AWS and Azure
    2018 RI Planning for AWS and Azure Marit Hughes, Billing Solutions Architect/SME and Todd Bernhard, Product Marketing Manager Recorded: Dec 14 2017 34 mins
    As 2017 comes to a close, you may have budget that falls under “use it or lose it.” If so, consider purchasing a credit towards discounted Reserved Instances for 2018 and beyond! RIs from AWS and more recently Microsoft Azure are a great way to save up to 75% compared to On Demand rates, as long as you know you’ll have a long-term need. You can use that end-of-year budget surplus to make an up-front payment towards a one or three year commitment, making your monthly cloud spend much less.

    In this webinar, attendees will:
    -Learn how to decide between the various types of RIs including Standard and Convertible
    -Understand the terms and payment options
    -Explore the tools available to make informed recommendations
  • IDC FutureScape: Worldwide Services 2018 Predictions
    IDC FutureScape: Worldwide Services 2018 Predictions Rebecca Segal, Group Vice President, Worldwide Services Recorded: Dec 14 2017 34 mins
    In this IDC FutureScape presentation, IDC's Rebecca Segal will lead a team discussion covering the key predictions that will impact the global services market over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three-year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • 2018 Cyber Security Predictions: The Identity-Aware Perimeter Comes to the Fore
    2018 Cyber Security Predictions: The Identity-Aware Perimeter Comes to the Fore Chris Sullivan (SecureAuth+Core Security) & Garrett Bekker (451 Research) Recorded: Dec 14 2017 61 mins
    Join 451 Research and SecureAuth+Core Security for a peek into the emerging trends in cyber security and identity in 2018. Register today and learn how these trends will impact your strategy, organization, and job in the coming year.

    Security experts Garrett Bekker, 451 Research and Chris Sullivan, SecureAuth+Core Security will share insight on these trends and more:

    •Why network-based approaches to security are no longer sufficient in the age of cloud and IoT
    •Why identity is the new gating factor for access to sensitive resources
    •How various methods for securing cloud resources – CASB and IDaaS - need to converge
    •The need for risk-based approaches to authenticating users – and machines
  • Let's talk about OSSTMM with Pete Herzog from inside out
    Let's talk about OSSTMM with Pete Herzog from inside out Pete Herzog, Managing Director at ISECOM Recorded: Dec 14 2017 60 mins
    In early 2000, the Open Source Security Testing Methodology Manual (OSSTMM) was released with the primary objective of improving how the enterprise conducted security testing. Key sections of this methodology include operational, human, physical, wireless, telecommunication, and data network security testing. Today, OSSTMM is widely regarded as a methodology for penetration testing world-wide, offering a standard approach to conducting security testing. Frank Shirmo of ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Pete Herzog, the creator of OSSTMM, to answer key questions, and provide clarifications on OSSTMM for CTOs, CISOs, CIOs, Security Engineers and Analysts, and all other stakeholders interested in the topic of security testing.
  • Lean Cloud Security: Your Guide to SecOps Efficiency in the Cloud
    Lean Cloud Security: Your Guide to SecOps Efficiency in the Cloud Chris Gervais, VP of Engineering at Threat Stack, Sabino Marquez, CISO, at Allocadia Recorded: Dec 14 2017 42 mins
    You’re a security professional, or not, but sometimes get asked to sort of be one? You don’t have enough people, you don’t have enough budget, and you don’t have enough time. But you know that’s not an acceptable excuse now that we are all running fast in the cloud.

    Tune into our webinar to learn how you can make the most of your people, processes, and technology:
    - Despite security talent shortage, leverage your small team and other resources most effectively.
    - Make sure automated processes handle 99% of the noise, so you’re left to manage real threats.
    - Buy and manage the least amount of tools to do the most
  • Rideshare to the Cloud: Cloud Security & the Shared Responsibility Model
    Rideshare to the Cloud: Cloud Security & the Shared Responsibility Model Ananda Rajagopal, VP, Products, Gigamon, Dan Watson, Managing Consultant CyberSecurity, IBM, Glenn Hernandez, Frm USCG CISO Recorded: Dec 14 2017 61 mins
    Public clouds provided by services like AWS and Azure continue to surge in popularity with organizations small and large. However, the security of these services and how the responsibility for it is shared can be murky. Organizations want to assure that the public cloud is being used properly by everyone in the enterprise and to run mission-critical applications while meeting compliance and security controls. Join Gigamon and (ISC)2 on Thursday, December 14, 2017 at 1:00PM Eastern for a roundtable discussion on public clouds and the shared responsibility model and how that can help to secure and protect your organization.
  • Oracle Town Hall
    Oracle Town Hall Theo Gray (PwC), Abhi Joshi (PwC), Kevin Cardenas (Snow Software) Recorded: Dec 14 2017 55 mins
    Moderator:
    Abhi Joshi - PwC Forensic Services, Partner & US Software Asset Management Leader

    Speakers:
    Theo Gray - PwC Forensic Services, Sr. Associate - Former Oracle Licensing Consultant
    Kevin Cardenas - Snow Software - Oracle Licensing Consultant

    Join Snow Software and PwC for a lively and informative conversation about managing your Oracle software footprint.

    Topics of discussion will include:
    1.Oracle Licensing
    2.Oracle Policy
    3.Oracle ULA Renewals
    4.Oracle Certification
    5.Oracle and VMware Observations
  • 2018 GRC Predictions
    2018 GRC Predictions Tom Garrubba, Santa Fe Group; David Grazer, Tevora; Peter Tessin, Discover Financial Services; Christina Whiting, Tevora Recorded: Dec 14 2017 60 mins
    “It was the best of times, it was the worst of times,” wrote Dickens. 2017 has been a tumultuous year for governance, risk management, and compliance (GRC). 2018 could be just as stormy with cybersecurity, GDPR, and new risks caused by the shift to digital business. In this webinar, our panel of industry experts will recap the year’s highlights and offer their thoughts on what to expect in 2018.

    Discussion topics include:

    • Ramifications of major data breaches in 2017
    • The continuing shift in risk perspective from department to enterprise
    • Navigating third-party risk management on the road ahead
    • The role and influence of the board in 2018
    • GDPR and the trend toward data privacy and security

    Plan now to attend this special webinar on 2017 trends and 2018 predictions for GRC.
  • Black Duck Container Security MasterClass - Deploying Containers at Scale
    Black Duck Container Security MasterClass - Deploying Containers at Scale Tim Mackey, Sr. Technology Evangelist, Black Duck Recorded: Dec 14 2017 58 mins
    IT operations teams are now deploying and running hundreds or even thousands of containers at any given time. This rapid deployment surfaces challenges in validating the contents and security of container images being deployed. In this session, Black Duck container and virtualization expert Tim Mackey will provide an overview of technologies and solutions such as Red Hat OpenShift that enable organizations to deploy containers at scale securely.

    In this webinar, Tim Mackey explores this new era of large scale container deployments and how to manage and secure them.

    Attend and you'll learn:

    - How to maintain visibility and control for the open source deployed in hundreds of containers
    - How to help your development and operations teams work together to maintain the security of containers in production
    - How to build security into your deployment of container orchestration platforms
    - Measures you can take to proactively identify risks and remediate risks on containers in production
    - How you can use Black Duck OpsSight to scan containers being created, updated or deployed through their container orchestration platforms
  • Symantec Monthly Threat Briefing - 2017 in review, 2018 ahead
    Symantec Monthly Threat Briefing - 2017 in review, 2018 ahead Jeff Barto and Angelique Pereira, Trust Strategists at Symantec Recorded: Dec 14 2017 42 mins
    As we wrap up another year, let's take a moment to discuss what 2017 brought to the industry, and what we should expect to see next year.
  • IDC FutureScape: Worldwide Hospitality/Travel/Transportation 2018 Predictions
    IDC FutureScape: Worldwide Hospitality/Travel/Transportation 2018 Predictions Jaideep Thyagarajan, Senior Market Analyst, IT Spending/Solutions, IDC Retail Insights Recorded: Dec 14 2017 46 mins
    In this IDC FutureScape presentation, IDC's Worldwide Hospitality, Travel and Transportation Team discusses the key predictions that will impact organizations and their ability to digitally transform over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their digital transformation investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • GDPR - Inside a Data Breach
    GDPR - Inside a Data Breach Patrick McGrath, Director of Solutions Marketing, Commvault Recorded: Dec 14 2017 50 mins
    Many headlines for the General Data Protection Regulation (GDPR) mention the eye-watering fines for a data breach, but what happens when you realize you have actually been the victim of one? How hard will it really be to comply with a 72-hour breach notification? In this session, an insider will describe the data breaches, the approaches used to manage these incidents, key lessons learned and considerations for handling data breaches in a world with GDPR expectations.
  • How to Stop a Security Breach Becoming a PR Disaster
    How to Stop a Security Breach Becoming a PR Disaster Adrian Davis, Managing Director, (ISC)² EMEA, Neil Stinchcombe, Director, Eskenzi PR Recorded: Dec 14 2017 62 mins
    Your CEO has just called your mobile because a reporter from the BBC wants to know how many customers are affected by a hack into your payment database.
    How should you respond?
    What is the one thing you should not say to avoid turning a cyber incident into an event that has to be reported under GDPR?
    Why is Crisis Comms so different from all other types of PR?
    What things do you need to demonstrate that will limit the damage?
    Do you have a tried and tested Crisis Comms plan?
    Does everyone know who is on the Crisis Comms team?
    What they have to do?
    Who they need to inform?
    What they can and cannot say, and how they should say it?
    What type of skills do you need to manage media communications and prevent a cyber incident becoming a crisis?
  • Filling the GDPR Compliance Gap
    Filling the GDPR Compliance Gap Adenike Cosgrove, Sr. Product Marketing Manager, Proofpoint Recorded: Dec 14 2017 30 mins
    Join this session to discuss: How your organization can drive towards compliance, how to embed "privacy by design" to your development lifecycles, and how to protect all identified EU personal data and prevent data breaches.
  • Your Proxy Just Got Smarter with Web Isolation
    Your Proxy Just Got Smarter with Web Isolation Timothy Chiu - Senior Director of Product Marketing, Symantec Recorded: Dec 14 2017 33 mins
    Did you know millions of hosts (Domains, Subdomains, or IP Addresses) pop up every day and many of these have lifespans of less than 24 hours.

    Many organizations choose to set Secure Web Gateway policies to block users from going to uncategorized sites because of the risk they represent, even though many may be legitimate destinations for business purposes.

    In a similar fashion, many enterprises choose to block sites that have a heightened risk rating, but are not conclusively risky. This leads to website over-blocking and unhappy end users. Some sites are known to be good, others are known to be bad, the problem comes for those in the middle where insight/information is lacking.

    Key Learning Objectives:

    •Learn about the world’s largest civilian threat intelligence service and how it will protect you from Malware attacks

    •Learn how to set policies to send any traffic with inconclusive risk or uncategorized by Global Intelligence Network down a Web Isolation path.

    •Learn how to boost productivity for businesses without incurring any additional risk.

    Register Today
  • Cyber Security Predictions: What is in store for the EMEA region
    Cyber Security Predictions: What is in store for the EMEA region Jens Monrad, Senior Intelligence Account Analyst, FireEye iSIGHT Intelligence Recorded: Dec 14 2017 40 mins
    2017 was an eventful year in cyberspace, especially in Europe and the surrounding areas. We saw politically motivated industrial espionage attacks, changes in cyber legislation, a constantly adapting criminal ecosystem targeting various industries throughout the region – and that’s not even the half of it.

    Join us for our webinar on Dec. 14, 11am GMT, as Jens Monrad, Senior Intelligence Account Analyst with FireEye, discusses various aspects about the cyber threat landscape in the EMEA region in 2018, including:

    •Continued political tension in the region
    •Upcoming elections
    •Mixed security maturity
    •The effect of new compliance and data protection laws

    Register today to learn what lies ahead, and stay one step ahead of cyber security threats.
  • 【パートナー様向けWebセミナー】 FireEye NX 最新バージョン OS 8.0のご紹介と 提案のポイント
    【パートナー様向けWebセミナー】 FireEye NX 最新バージョン OS 8.0のご紹介と 提案のポイント FireEye Japan Recorded: Dec 14 2017 38 mins
    ファイア・アイ製品の販売に携わるパートナー、リセラーの皆様
    日頃より、ファイア・アイの製品およびサービスの販売、サポートのご支援を賜り誠にありがとうございます。

    このたび、Web脅威対策製品である「FireEye NX シリーズ」の最新バージョン「OS 8.0」 がリリースされました。今回のバージョンでは、侵害後の水平展開の動きを検知できる「スマートビジョン」やアナリストの解析を支援するアラート画面の刷新など、他社製品と比べ格段に強力なセキュリティ機能が搭載されています。また、OS 8.0の性能を最大限に引き出す最新ハードウェアプラットフォームも合わせてリリースされます。
    つきましては、下記の通り、OS 8.0の新機能について詳細、および導入例やキャンペーン情報などをご紹介するWebセミナーを開催いたします。
    12月のお忙しい中とは存じますが、ぜひ本Webセミナーにご参加ください。また、当開催情報につきましては社内で共有いただき、より多くの営業ご担当またはSEの方にもご案内いただけましたら幸いです。
  • 【最新機能が満載】ファイア・アイWeb脅威対策製品「FireEye NX」まるわかりWebセミナー
    【最新機能が満載】ファイア・アイWeb脅威対策製品「FireEye NX」まるわかりWebセミナー FireEye Japan Recorded: Dec 14 2017 41 mins
    セキュリティご担当の皆様

    昨今のセキュリティ攻撃は、ますます高度化が進んでいます。企業、組織のお客様がこうした脅威に対抗するべく、ファイア・アイのWeb脅威対策製品「FireEye NX」はどんどん進化をしています。


    この10月にリリースされた最新バージョンでは、侵害後の水平展開の動きを検知できる「スマートビジョン」やアナリストの解析を支援するアラート画面の刷新など、他社製品と比べ格段に強力なセキュリティ機能が搭載されています。また、新バージョンの性能を最大限に引き出す最新ハードウェアプラットフォームも合わせてリリースされます。


    つきましては、下記の通り、FireEye NXの最新機能で何ができるようになり、どういった脅威対策が可能になるのかを紹介するWebセミナーを開催いたします。

    本セミナーでは、ファイア・アイの会社概要、サンドボックス技術について、FireEye NXの基本機能を紹介した後、最新機能をわかりやすく解説します。標的型攻撃対策のポイントやファイア・アイの優位性などもお話させていただきますので、新たにセキュリティ担当になられた方、最新の脅威対策について知りたい方に最適な内容となっています。ふるってご参加ください。
  • Which Cyber/Cloud Security Certification Should I Obtain?
    Which Cyber/Cloud Security Certification Should I Obtain? Dr. Victor Berlin, Mission Critical Institute Recorded: Dec 14 2017 21 mins
    We will be reviewing the Certifications in the Cyber/Cloud Security industry and explaining the benefits of each.
  • IDC FutureScape: Worldwide Customer Experience (CX) 2018 Predictions
    IDC FutureScape: Worldwide Customer Experience (CX) 2018 Predictions Alan Webber, Research Director, Digital Strategy & Customer Experience Recorded: Dec 13 2017 34 mins
    In this IDC FutureScape presentation, IDC's Alan Webber will discuss covering the key predictions that will impact how enterprises address the customer experience over the next one to three years. Senior IT leaders and line-of-business executives will come away with guidance for managing the implications these predictions harbor for their IT investment priorities and implementation strategies.

    About IDC FutureScape
    IDC FutureScape reports are used to shape enterprise IT strategy and planning by providing a basic framework for evaluating IT initiatives in terms of their value to business strategy now and in the foreseeable future. IDC's FutureScapes are comprised of a set of predictions designed to identify a range of pending issues that CIOs and senior technology professionals will confront within the typical three-year business planning cycle. Each prediction is assessed on the basis of its complexity, organizational impact, and time frame to expected mainstream adoption.
  • IoT Security Overview: Threat Detection vs. IoT Device Protection
    IoT Security Overview: Threat Detection vs. IoT Device Protection Keao Caindec, Vice President of Marketing at Mocana Corporation Recorded: Dec 13 2017 22 mins
    Protecting connected networks and the Internet of Things (IoT) is critical to ensuring data privacy and security of systems. In this webinar, you'll learn about hacking scenarios and defending against common cyber attack vectors. You'll also learn about the important differences between IoT threat detection and device protection and how to reduce your cyber risks.
  • Machine Learning in Black and White
    Machine Learning in Black and White Chris Poulin, Principal/Director, Booz Allen Hamilton and Staffan Truvé, CTO and Co-Founder of Recorded Future Recorded: Dec 13 2017 58 mins
    Machine learning is no longer just the tool of tech companies. While it is now being baked into most security protection technologies, threat actors are a step ahead — adopting machine learning to conduct increasingly sophisticated attacks, and to circumvent AI-based defenses. In this webinar, Chris Poulin, Principal/Director with Booz Allen Hamilton and Staffan Truvé, CTO and Co-Founder of Recorded Future will show the good and bad of AI and machine-learning technologies, including:

    • How the collection and analysis of open source and technical data at unprecedented scale allows proactive decision making.
    • What humans can do — but beyond human scalability.
    • Examples of successful threat actor campaigns utilizing AI techniques.