Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
A SIEM is costly and complex, IDS/ IPS are not enough, threat intelligence is overwhelming, and a SOC takes years to build and an army of security staff to manage. So where do I start with security? How should I prioritize? How can I integrate all the tools? How many security staff will I need? How do I integrate a SOC and a NOC?
Managed Detection and Response is the answer to all these questions. With a focus on detecting and responding to threats, the service configures the right combination of tools and provides the people and process to help you quickly implement the best security within your budget. With a simple subscription-based model, you will pay a fixed price that is not dependent on your data volume. It is time to throw your SIEM, IPS, and other point solutions out and move forward with MDR.
This webinar covers how you can implement three years worth of work on your security roadmap in just 60 min.
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in ServiceNow, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
Join Bob Gilbert, chief evangelist of Netskope, for a session on the top five CASB use cases that have the highest impact on cloud-consuming enterprises.
Attendees will learn:
•Industry-specific data that’s foundational to any cloud security business case;
•The five highest-impact CASB use cases from our customers, demonstrated from the perspective of users and security professionals; and
•How those use cases translate to “must have” requirements for any CASB evaluation.
Despite the fact that third party breaches have been on the rise, organizations may not be doing enough to manage the cybersecurity of all of their critical vendors. Law firms, in particular, are one of the most widely used third parties, yet the Legal sector may be getting overlooked in vendor security discussions.
In fact, the latest BitSight Insights Industry Index report revealed that although companies in the Legal sector have high security ratings and low rates of vulnerabilities, the industry remains a key target for cyber criminals. Therefore, it’s crucial for organizations in this space to understand their cybersecurity posture and improve their vendor risk management techniques.
Join Jake Olcott, VP at BitSight, and Jay Jacobs, Sr. Data Scientist at BitSight as they discuss data security in the Legal sector and beyond. In this webinar, you’ll learn:
- How the cybersecurity posture of the Legal sector has changed over time
- How the Legal sector stacks up against six other industries
- The importance of cybersecurity in the Legal sector
CTO and co-founder, Amichai Shulman provides valuable insight into cyber security trends and best practices to protect your organization.
Data breach after DDoS attack after insider threat… hackers upped their game with all signs pointing to more threats, not less. What does this mean for 2017? Attend this webinar and learn:
· What top 3 cyber security trends will have the largest impact in 2017
· Why cyber attacks are on the rise and multiplying quickly
· How to combat the increasing number of breaches
· What to consider in building a security plan that is right for your organization
Open-minded, collaborative, and engaged, Millennials embrace values that can be effectively directed to reduce risk across an organization. While some may view the Millennial spirit as a security liability, with the right support, their views and priorities can actually help cultivate a stronger security mindset within their teams.
In this talk, MJ Kelly explores how to develop security programs that resonate with Millennials. She presents practical approaches that incorporate deeply held priorities of the new generation, while ensuring that experienced team members remain included and engaged. Strategies include determining appropriate incentives, varying motivational focus, and testing new tactics such as gamification and novel information distribution channels to foster a strong security culture throughout the entire organization.
What does “high availability” mean in practical terms? Join our free webinar detailing what it takes to make your Git deployment highly available, including some of the trade-offs to expect. If you’ve got questions, this webinar is your chance to get answer from our Senior Product Manager and resident expert Doug Robinson.
Proxy deployments today have outlived their usefulness and practicality with limited security functionality against today’s advanced threats. Today's security must consider new applications, access options and capabilities within our networks. This webinar provides insights on a next generation security approach to today's networks that considers the changing nature of our networks without compromising the protection of our data and the integrity of our networks.
You can't secure what you can't see and not knowing what's on your network can be damaging. While security is about proactively detecting and mitigating threats before they cause damage, it is also about gaining deep visibility into today's complex networks which may include diverse platforms and architectures. A truly enterprise grade DNS, DHCP and IPAM (DDI) platform can provide that visibility because of where it sits in networks. On the downside, DNS is a top threat vector but it can be used as strategic control points to block malicious activity and data exfiltration. Join Infoblox and (ISC)2 on January 19, 2017 at 1:00PM Eastern for a round table discussion featuring Cricket Liu, a well known authority on the Domain Name System and the co- author of all of O'Reilly & Associates' Nutshell Handbooks on DNS, as we examine how strategic DNS can be used for visibility and security.
Ransomware has become extremely popular with cyber criminals because it’s easy and very profitable. Organizations can defend themselves and lower the risk of ransomware or other common threats costing them time and money.
Key Learning Objectives:
- A look at the current state of ransomware
- Simple and inexpensive steps that can advance state and local government security posture
- Better understanding of the cyber security landscape
- Best practices to take in cyber defense
Join us for a review on simple ways, state and local government can protect themselves against ransomware attacks.
The challenge with detecting malware is that it easily gets past traditional security solutions, placing your DNS infrastructure in harm’s way before you even notice it’s there. Hear how DNS operates and malware utilizes the DNS protocol to communicate with outside threats and exfiltrate data from an enterprise.
This webinar is ideal for IT and security managers who have limited experience with DNS or malware but are interested in how threats use this often overlooked protocol.
Viewers will learn:
•Practical strategies to protect your enterprise from bad DNS traffic
•Best practices for securing your DNS infrastructure
Increase security effectiveness and maintain dev agility
Three certainties in 2017: organizations worldwide will continue to increase their use of open source software; new open source security vulnerabilities will be discovered; exploits of open source vulnerabilities will occur.
With dev teams under constant pressure to accelerate application delivery and with security resources often scarce, organizations need more effective ways to determine which open source vulnerabilities to fix first and the options available to reduce risk during remediation.
Join Black Duck VP of Security Strategy Mike Pittenger as he discusses strategies and emerging best practices for risk-ranking open source vulnerabilities. He will cover:
- the most important considerations in prioritizing open source security issues
- ways to determine the risk associated with a discovered open source vulnerability
- options for dealing with open source security vulnerabilities beyond simply replacing the component
High speed and autonomous transportation, remote surgical procedures, and mixed reality experiences are just a few of the upcoming Internet of Things (IoT) technological game changers that require high speed and low latency communications infrastructure. 5G Radio Access Network (RAN) technologies continue to evolve to meet the complex and continually evolving network requirements of IoT applications.
This webcast will explore the latest advances in RAN, including:
• Which technologies will see the earliest deployments?
• How important will the 3.5 GHz band networks (also known as the Citizen’s Broadband Radio Service (CBRS)) be in future 5G applications?
• Will mmWave networks change the game in the last mile?
• How far will the industry advance in real deployments in the next year or two?
• Where are companies participating in this ecosystem investing their money?
• Are there concerns for Return on Investment (ROI) that companies are trying to resolve?
Brian Daly, Director - Core & Government/Regulatory Standards, AT&T Access Architecture & Devices
Adam Drobot, Chairman, OpenTechWorks, Inc.
Steven Glapa, VP of Marketing, Tarana Wireless
Two themes emerge from 451 Research's recent study of the organizational dynamics of enterprise information security teams: that security teams are understaffed and potentially incorrectly positioned in organizations. Join us to review the the study's results based on more than 930 online surveys and 20 live interviews with enterprise security leaders.
Most modern malware operates as part of a system. Whether it’s a multi-part kill chain with droppers and payloads, a botnet with command and control servers, or ransomware encrypting files, the malware on the compromised system talks to other systems over the internet.
If you have been compromised, and didn’t catch malware on the way in, you can often find it by monitoring outbound network connections.
In this webinar, Randy Franklin Smith, Windows Security Subject Matter Expert, and Rob McGovern, Sr. Technical Product Manager at LogRhythm, discuss the top 8 things to analyze in outbound connections from your network to the Internet.
The duo also shows you how Network Monitor tools can help you improve your network analysis and forensics capabilities.
Join this webcast to learn how monitoring your network can help you detect and investigate potential malicious behavior within your IT environment.
In this episode we will review the Top 5 Accelerators Defining the Business Landscape in 2020. What follows is a discussion of the accelerators primarily identified by Forrester and their impact on IT.
We are now three plus years into widespread adoption across industries of public SaaS apps like Office 365. Despite this momentum, security and compliance remain top challenges. This webinar, featuring Matt Hollcraft, CISO for Maxim Integrated, Dave Ruedger, Chief Security Architect for Maxim Integrated, and Rich Campagna, SVP of Products for Bitglass, will help you build a 2017 action plan to embrace public cloud without sacrificing security and compliance.
While offering practical, actionable advice for major apps like Office 365, Matt, Dave and Rich will address your top concerns, such as unmanaged device access, external sharing, and mitigating controls. They also will provide real world examples of how other organizations have securely navigated the public cloud.
The tables have been stacked against storage buyers for decades, but a change is coming. Forget the endless refresh treadmill of monolithic storage systems, and licensing models that are not just inflexible, but also force you to pay again and again for the same technology. Join this webinar to learn how to liberate your storage budget, and pay for storage the way that suits your business rather than the vendors, with 451 Research senior analyst Tim Stammers, and NetApp SolidFire’s Vice President & General Manager, Dave Wright.
National security agencies face significant challenges today. From new and unknown threats, to operating tempo and budget challenges, having the right technology in place is key to ensuring security in an increasingly evolving threatscape.
What if technology could help you:
Gain a common operating picture through shared awareness and visualization of unfolding events
Harness and validate new and existing sources of data to unlock key patterns and insights
Align and modernize systems for improved anytime, anywhere command and operations communication
Improve operational readiness and impact through the use of devices and apps tailored to specific roles and missions
In this webcast, we begin with the end in mind: the need for the optimization of data insights through analytics, the alignment of platforms and devices for enhanced security and readiness, and the enablement of command and operations within an agile, data-driven national security ecosystem.
Join this discussion to:
- Discuss current trends that are presenting significant challenges to protecting US citizens from terrorism and crime
- See how advancements in technology are empowering national security and federal law enforcement agencies to meet these challenges
- Learn how agencies are implementing a digital transformation strategy to enhance how they better protect citizens
A critical element to the success of an identity management deployment is the user experience, but it’s often overlooked, or not given high enough priority. An identity management deployment without a seamless, convenient user experience could be the make or break point for success.
This webcast will highlight critical components of a convenient and secure user experience. Attendees will learn:
Current trends in identity management and governance
Essential characteristics of employee, partner, and customer identity management
Key attributes of a successful identity management user experience with examples
Recommendations for a successful identity management deployment
Over the past year, we have seen data breaches shift towards identity-based breaches, targeting personal information of either employees or consumers. The access to the information is used to craft and construct highly organized attacks on enterprises and is a growing contributor to identity theft. The problem is compounded by the convergence of personal and work place identities, ultimately creating major security challenges for companies.
Our 2016 Authentication and Access Management survey found 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security. During the webinar, we’ll be discussing this and other trends in the strong authentication and access management market, including:
-The status of the two-factor authentication market and what we can expect in the years to come
-The enterprise risk issues of using social media credentials to access to corporate resources
-The role the cloud is playing in the enterprise especially as it relates to single sign on and application management and access
-The ongoing challenges enterprises cite as barriers to mass adoption of a mobile workforce
Key network infrastructure devices are overlooked yet they provide critical functionality. Exploiting web application weaknesses and service buffer overflows is exciting, but the housekeeping of network infrastructure is not. Issues in network infrastructure devices can lead to network wide problems that would cause system admininstration nightmares. This presentation provides a review of key security devices, often side-lined when looking at security. It covers the value of these devices to "Blue Teams", issues "Red Teams" can highlight, desired outcomes and auditing practices.
There’s a new threat in town – Jackpotting. It utilises malware directly infected onto ATMs, requiring no card skimmers that can be easily detected, no time needed to steal credentials, and grants access to every single dollar held in the machine.
ATM machines may not follow the strict patch management regimes that corporate machines do, leaving their operating system potentially much more vulnerable to malware attacks. Beyond the monetary loss, being Jackpotted can also negatively impact the brand, and expose the bank to regulatory action from lack of due diligence in risk management.
Hear how Symantec Cyber Security Services can help deliver a solution for these types of attacks. Through the combination of Data Center Security (DCS) and Managed Security Services (MSS) monitoring, you will receive prompt validated detection of both pre and post compromise attempts in near real-time, allowing faster responses and remediation.
With the large possibility amount of personal data availably, Data protection impact assessments are crucial to identify, understand and address any privacy issues that might arise when developing new products and services or undertaking any other new activities that involve the processing of personal data.
The objective of this webinar is to provide a pragmatic approach to such type of assessments in the context of the GDPR and IoT.
Growing exposure to IT risks has made organizations across industries volatile. Recent IT vendor incidents like data and security beaches, violation of privacy guidelines, which caused substantial fines, penalties, brand value, highlight that IT vendor risks are business risks and require focus from the leadership. An immature ITVRM programs limits the insights which are necessary for strengthening vendor relationships and building a robust ERM program. Rather than treating each risk in isolation, organizations need to have an integrated approach to manage risks holistically and in line with their business operations and objectives. With the growing dependency on IT and IT vendors, organizations need to align enterprise and IT VRM objectives to build a resilient framework suitable for today’s environment.
During the session, panelists will discuss how organizations can strengthen vendor management in the current landscape and improve business performance.
- Causes of Vendor Risks incidents and the impact on the enterprise
- Best approach to align IT vendor risk to enterprise risk
- Building mature VRM Program
- Role of technology in integrating Vendor risk to Enterprise risk management
With more security threats than ever before, organizations are looking to new ways to secure, manage and monitor their environments. The cost and scope associated with this issue are huge. Security environments have traditionally been closed, sealed and ‘secured’ by nature; but as organizations look to solve problems, they are embracing the idea of adopting open standards and architectures.
By embracing new, innovative and open standards, security organizations can look to solve complex problems in a modern new way. Explore how you can expand and grow your capabilities with simplicity, and more importantly in a predictable and cost-effective way.
This webinar will cover the evolving approach to help you solve security issues with modern open architecture solutions. Using the right approach and the right technologies are important to addressing requirements of log data storage, analysis, analytics and advanced security monitoring. Learn why integration is key and where ArcSight comes in.
The endpoint market is one that everyone seems to be talking about these days. With all that hype and buzz comes a confusing vendor landscape filled with nearly identical marketing speak from each and every vendor. How can the security professional make sense of all this noise? While certainly not an exhaustive list, here are seven questions to get you started.
The GDPR comes into force 25 May 2018 and this will have a significant impact on the way in which organisations collect, process and share data. Companies that fail to prepare for the GDPR risk incurring hefty fines of 20m euros or 4% of world-wide revenues, whichever is greatest. As such all organisations need a strategy for GDPR. By implementing a structured approach through the use of cloud-based applications, organisations will be able to effectively achieve and maintain compliance.
In this webinar we will: explore the key provisions of GDPR, examine the challenges organisations are facing with the new rules, provide guidance for Risk Managers, Compliance Leaders and other IT Professionals on how to approach these challenges, then demonstrate how our cloud-based GDPR Applications Suite can provide effective solutions that ensure your business can achieve and maintain compliance
Financial organizations are entrusted with the some of the most sensitive data and face a constant onslaught of attempts by insiders and hackers to steal incredibly valuable and easily monetized data. In this informative webinar, Kim Ellery, Director Product Marketing at Absolute, will discuss the increasing risk from both advanced attacks and insider threats. Attendees will gain actionable insights on how to balance the emphasis between detecting threats and preventing them in the first place, starting with visibility and actionable intelligence, to gain complete visibility and control of every endpoint device … no matter if they’re on or off the network.
Join the Absolute team on January 25th for an informative webinar on improving your visibility, get actionable insights and strategies to help you detect threats faster or prevent them entirely
You may have heard the terms Deep and Dark web, but do you understand what they mean? There is a lot of confusion over these terms, this webinar will help give you a good understanding of the different layers of the world wide web.
Richard Cozart, Technology administrator for IIA Detroit Chapter and Senior Security Architect at Securely Yours LLC will explain the secrets of deep dark web. He will clarify the terminology and will provide information on how to access it and what is generally available within the deep dark web.
Enterprises use value at risk metrics to drive most strategic decisions, except when it comes to cyber risk. Prioritizing cyber risk response and remediation is typically a guessing game that requires experts to work with the cyber and business teams to try to guesstimate probabilities of particular events and their ability to compromise each application's confidentiality, integrity and availability. Without calculating a dollar amount impact to which the business is exposed, stakeholders enterprise-wide have no way of knowing the most potentially damaging vulnerabilities and threats within their environment.
This webinar will discuss why enterprises must embrace quantifying cyber risk as they do in all other parts of the business and how they can calculate the financial impact metrics needed to drive faster and more effective decision making.
Taking your Security Operations Center (SOC) to the next level has never been more critical. Organizations around the globe are investing heavily in cyber defense capabilities to protect their most critical assets. Don’t miss this webinar to explore key findings from the 2017 State of Security Operations report on cyber defense organizations’ capabilities and maturity.
Learn what the most successful SOCs in the world are doing right, regional trends in the maturity of cyber defense capabilities and best practices to apply within your organization. Get the latest information on:
• Opportunities in automation
• Threat hunt teams and whether they are working
• New compliance regulations impacting SOCs
Register now and gain insight on the next steps your business can take to mature security operations in 2017.
Managing discovery is more complicated and expensive than ever, with more data and documents to manage, new sources and types of data to consider, and changing Federal and State rules. As an attorney, what do you need to know today to stay on top of it all? This CLE-approved* webcast session will cover key terms, rules, duties, and case law to give you the tools and resources necessary to efficiently and effectively meet the challenging discovery obligations that attorneys will face in 2017.
+ Key Terms
+ Phases of the EDRM
+ Rules Regarding Electronically Stored Information (ESI)
+ Competency Ethical Duties of Attorneys Regarding eDiscovery
+ Top Ten Important Cases in the Evolution of eDiscovery Best Practices
+ Useful Resources for eDiscovery Continued Education
Doug Austin: Doug is the VP of Operations and Professional Services for CloudNine. At CloudNine, Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services to numerous commercial and government clients.
Doug is also the editor of the CloudNine sponsored eDiscovery Daily blog, which has become a trusted resource for eDiscovery news and analysis.
Karen DeSouza: Karen is the Director of Review Services, In-House Counsel, and a Professional Services Consultant for CloudNine. Also, Karen helps attorneys with CloudNine's software and Pre-Litigation Consulting Services. Karen is a licensed attorney in Texas and has over 15 years of legal experience. She also has a Bachelor of Science in Legal Studies - American Jurisprudence. Before CloudNine, Karen worked as an E-Discovery Director, Project Manager, and as an Associate at various law firms in Houston area where her primary focus was litigation.
*Approved for MCLE in TX and FL (and selected states based on approval at time of webcast delivery).
Bug Bounty programs are critical to the security programs of thousands of organizations, but many still have not embraced them. Join security leader Johnathan Hunt, VP Information Security at InVision, Paul Ross, SVP of Marketing at Bugcrowd to discuss why that situation must change, through topics including:
- How a security expert changed his mind about bug bounties
- Why no bug bounty means missed vulnerabilities
- How Bugcrowd finds a P1 bug every 27 hours
We will explore InVision’s bug bounty experience from conception to being critical to their customers’ confidence in their security.
*Register for the webinar now*
“Whether or not you’re going to have the good guys working for you or not, doesn’t mean the bad guys are going to stop working”
Harnessing the Power of Agile at Scale with Big Room Planning
Many organisations are already using agile methodologies like Scrum, but largely at an individual team level.
But how do you ensure correlation and coordination between different agile teams? How do you ensure alignment between business strategy and execution level? And how do you provide business stakeholders with visibility to track the progress of ongoing projects and programmes – traditional and agile?
The secret to succeeding with Enterprise Scale Agile is Big Room Planning; real-time collaboration, where teams identify risks early, untangle dependencies, and effectively plan their work aligned to business priorities and customer needs.
In this webinar, Jonas Högstrand and Andrew Sales, will discuss:
•What benefits organisations can achieve with greater levels of business agility
•Why Big Room Planning is a core activity for succeeding with agile at scale and the agile behaviours it drives
•How Big Room Planning works, who participates, what you do and why it’s worthwhile
•How CA Agile Central supports Big Room Planning and provides visibility to track and steer the plans that are created
Learn how to achieve faster time to market, improved quality, strategic alignment between IT and the business, and predictable delivery of features that delight customers.
With application security rapidly moving towards a DevSecOps approach, it's important to understand from each team's perspective how to be the successful in the new agile process.
Join this webinar to understand from a Developer's perspective both the challenges and benefits of a DevSecOps approach, and how to integrate with the rest of the security and operations teams.
With over 4,000 new open source vulnerabilities discovered since 2014, developers need new tools in their arsenals to guide, enforce, and monitor their use of open source code throughout the SDLC.
Join Mike Pittenger, VP of Security Strategy at Black Duck Software, where he’ll discuss how your organization can:
· Automate identification of all open source you’re using and map against known and newly identified vulnerabilities
· Accelerate remediation
· Take action today to better enforce open source security without impacting an agile SDLC