Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • [GERMAN] DSGVO - sind Sie bereit?
    [GERMAN] DSGVO - sind Sie bereit? Per Stritich, RVP bei Box Hendrik A. Reese, Senior Manager bei Pricewaterhouse Coopers Recorded: Jul 20 2018 16 mins
    Der Moderator Detlef Korus diskutiert mit Box und PriceWaterhouseCoopers zum Thema DSGVO und Strategien zu deren Umsetzung.
  • I tuoi dati su Office 365 sono protetti?
    I tuoi dati su Office 365 sono protetti? Tristano Ermini, Systems Engineer Recorded: Jul 20 2018 41 mins
    Applicazioni SaaS come Microsoft® Office 365® sono molto apprezzate e sempre più diffuse nelle aziende, ma lo stesso può dirsi delle minacce che si nascondono in queste offerte:

    • Esposizione accidentale dei dati con SharePoint®
    • Uso non controllato di account personali di OneDrive®
    • Violazioni alla sicurezza dei dati in Exchange

    Sì, anche applicazioni SaaS affidabili come Office 365 possono far crescere il rischio di violazioni e problemi di conformità.

    La nostra Security Operating Platform può offrirti supporto. Registrati al webinar e scopri come soddisfare le tue esigenze CASB e proteggere i dati sul cloud da malware ed esposizione accidentale.

    Scopri anche come ottenere visibilità completa e reporting, classificazione dei dati e controllo granulare delle attività per utente, cartella e file, per una protezione efficace dei dati business-critical su Office 365.
  • [GERMAN] Wird AI auch das Content Management revolutionieren?
    [GERMAN] Wird AI auch das Content Management revolutionieren? Edwin Klimkeit, Large Enterprise Account Executive bei Box Recorded: Jul 20 2018 15 mins
    Alle sprechen über AI, aber wo und wie kann AI schon heute eingesetzt werden? In dieser Präsentation wird AI auch im Kontext von intelligentem Content Management beleuchtet.
  • Sysdig & SANS Institute: Forensics and Incident Response in Containers
    Sysdig & SANS Institute: Forensics and Incident Response in Containers Knox Anderson, Sysdig and Jake Williams, SANS Analyst Recorded: Jul 20 2018 61 mins
    Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. They’re developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.

    While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.

    In this webinar we'll cover:
    - How containers change incident response and forensics
    - Best practices around forensic data collection in container environments
    - Compare opensource and commercial forensics options
    - A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool
  • Career Conversations w/ Twitter Queens Tracy and Amanda
    Career Conversations w/ Twitter Queens Tracy and Amanda Jessica Gulick, MBA | PMP | CISSP Recorded: Jul 19 2018 59 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guest:
    Amanda Berlin, MCITP
    Tracy Maleeff, Masters in Library and Information Science
  • Applying Data Science to Measure Your True Risk
    Applying Data Science to Measure Your True Risk Michael Roytman, Chief Data Scientist at Kenna Security Recorded: Jul 19 2018 47 mins
    There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.

    When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
  • Impersonation: The Many Masks of Email Threats
    Impersonation: The Many Masks of Email Threats Ken Bagnall, Vice President, Email Security, FireEye Recorded: Jul 19 2018 50 mins
    You can’t always trust that the sender of your email truly sent it. Impersonation threats are becoming more popular and difficult for end users to spot.

    Ken Bagnall, Vice President, Email Security, presents “Impersonation: The Many Masks of Email Threats,” a FireEye webinar that digs into the details behind impersonation attacks:

    • What psychological authentication involves
    • How attackers prey on recipients’ imagination and emotions
    • How impersonation attacks are evolving
    • What is in the future for impersonation
    • How threat intelligence and the speed of email security impact cyber risk
  • Containers At-Risk: A Review of 21,000 Cloud Environments
    Containers At-Risk: A Review of 21,000 Cloud Environments Dan Hubbard, Chief Security Architect | Lacework Recorded: Jul 19 2018 40 mins
    Securing workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, and adapt at scale all require a dramatic shift in the type of security solution required by today’s operation.

    This webcast will deliver a detailed analysis of the threats and risks discovered by recent research done by Lacework when it comes to deploying containers and orchestration services like Kubernetes running on AWS.
  • 3 Challenges of Distributed Agile Retrospectives & How to Solve Them
    3 Challenges of Distributed Agile Retrospectives & How to Solve Them Michael Ball-Marian, Agile Expert at CA Technologies Recorded: Jul 19 2018 58 mins
    Of all the Agile practices, none is more foundational than the inspect & adapt cycle of the retrospective. Even if you struggle with every other aspect of Agile, if you consistently engage in productive retrospectives, you will get better.

    Industry surveys and studies suggest that 80% or more of Agile organizations have at least some distributed teams. Most of the traditional retrospective methods assume that all team members are co-located.

    Running effective retrospectives for distributed teams presents unique challenges, but also, potentially, some great advantages. In this webinar, Agile coach and Instant Agenda co-founder Michael Ball-Marian will discuss the three greatest challenges to running distributed Agile retrospectives and how to solve them. Michael will share a variety of tips and techniques that you can use in any retrospective, co-located or distributed. Finally, he’ll present a few ways in which a distributed retrospective can actually be better than a co-located one.
  • The Public Sector Guide to FISMA Accreditation
    The Public Sector Guide to FISMA Accreditation Jeff Valentine, Chief Product Officer, CloudCheckr, and Matt Jordan, VP Corporate Development, JHC Technology Recorded: Jul 19 2018 47 mins
    FISMA is the all-embracing legislative framework for protecting the security, integrity, and availability of federal information and information systems. To meet FISMA compliance requirements, governmental agencies and private contractors that handle federal data must maintain full visibility over their information system inventory.

    Attendees will learn:
    - How to leverage existing documentation
    - Shared responsibility
    - Gaining an ATO without FedRAMP assessed infrastructure
  • The Practitioner’s Guide to Security Monitoring in the Cloud
    The Practitioner’s Guide to Security Monitoring in the Cloud Danielle Russell, Group Product Marketing Manager & Brian Bledsoe, Sr. Technical Manager, Sales Enablement for NA, AlienVault Recorded: Jul 19 2018 61 mins
    Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads, but has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. And, contrary to what you may think, the primary responsibility for protecting corporate data in the cloud lies with the cloud customer, not with the service provider.

    AlienVault is at the leading edge of cloud security with AlienVault USM Anywhere. Whether you are looking to secure your AWS & Azure cloud environments, cloud applications like Office 365 and G Suite or on-premises assets, USM Anywhere delivers essential security capabilities in a single SaaS platform.

    Join this webcast to learn more about cloud security challenges and how to address them with USM Anywhere. You'll learn:

    - What the shared responsibility model means for the security of your cloud assets
    - Challenges with trying to use traditional on-prem security monitoring tools in your cloud environments
    - How USM Anywhere gives you visibility into all assets across your cloud and on-premises environments
    - Benefits of an all-in-one security solution for threat detection, incident response and compliance management

    Hosted By
    Danielle Russell
    Group Product Marketing Manager
    Danielle is a Group Product Marketing Manager at AlienVault, responsible for product messaging and positioning, go-to-market strategy, and sales enablement.

    Brian Bledsoe
    Sr. Technical Manager, Sales Enablement for North America
    Brian is a member of AlienVault's Sales Enablement team. He was previously a Sales Engineer, and then Sales Engineering manager at AlienVault.
  • SEC Guidance - Cyber Security Disclosures
    SEC Guidance - Cyber Security Disclosures Aseem Rastogi CEO & Founder - CloudOptics Recorded: Jul 19 2018 32 mins
    Information / Discussion on SEC Guidance On Public Company Cyber Security Disclosures

    The Securities & Exchange Commission, in Feb-2018 has published a guidance to assist public companies in handling Cyber Security Risks and Incidents. In this webinar, participants will learn about -
    - Context Of SEC Guidance
    - Purpose Of SEC Guidance
    - Disclosure Approach
    - Steps to Adhere to Guidelines
    - Technology & Operational Considerations
  • The Evolution of Mobile Threat Actors
    The Evolution of Mobile Threat Actors Michael Flossman, Head of Threat Intelligence, Lookout Recorded: Jul 19 2018 37 mins
    Cybercriminals and nation states are consistently using mobile threat tooling as part of their espionage or financially motivated attacks and campaigns. The Lookout Threat Intelligence team has noticed this increase as we research and protect against these adversaries. These actors are increasingly seeing value from having an offensive mobile capability in their toolkit and we have even seen low sophistication groups break into this space and successfully steal gigabytes of data from compromised devices. As BYOD and the prevalence of mobile devices in corporate environments continue to blur the traditional enterprise perimeter, the ability to understand the risks to mobile endpoints is critical.

    Join Michael Flossman, Head of Threat Intelligence at Lookout, for this informative webinar as he covers the evolution of threat actors on mobile, discusses several recent high-profile cases, and explains why gaining visibility into your mobile endpoints and proactively securing them is key for today’s organizations."
  • The Fast and the Fraudulent
    The Fast and the Fraudulent Iain Swaine, Head of Cyber Strategy, EMEA, BioCatch Recorded: Jul 19 2018 60 mins
    The world of payments is rapidly-changing. The rise of P2P payments in the U.S, Canada and Australia along with dramatic regulatory changes in Europe (PSD2), has created new opportunities across the ecosystem. New third-party payment providers (TPP​'​s) in the EU and P2P apps in other regions are entering th​e arena​​​ by supporting the rapid rise in demand and associated adoption rates. Banks are enabling direct access to accounts via APIs. Consumers now get to pick which apps they use, how they want to pay, and when, making the user experience paramount to win their loyalty. At the same time, however, the speed and “openness” makes the ecosystem vulnerable to several types of threats including malware, social engineering, remote access Trojans, SIM swapping, call forwarding and other techniques. Using these techniques, the fraudsters are able to exploit various points of potential weakness: at the account creation stage, the bank account linking process and payment authentication.

    Join us as Iain Swaine, explores this fast-changing landscape, leveraging real world experience that stems from his days as eCrime Fraud Prevention Manager of the Royal Bank of Scotland, which was on the front lines of the initial faster payments adoption in the UK, and his current work as Head of Cyber Strategy, EMEA at BioCatch. He will explain how fraudsters see the this new world, what some of their techniques are and some of the techniques that are being used by leading enterprises around the world to address the risks in the P2P and PSD2 ecosystems.
  • Cryptojacking: Who/What/Why/When & How to Prevent Computer Power Being Stolen
    Cryptojacking: Who/What/Why/When & How to Prevent Computer Power Being Stolen Jay Kelley, Senior Product Marketing Manager, Menlo, Lindsay Drabwell, Head of Member Services EMEA, (ISC)² Recorded: Jul 19 2018 58 mins
    As users become savvier and increasingly use ad blockers, advertising revenue is declining. Crypto coin mining is emerging as a new way for websites to monetise visitor traffic. But, there is a “dark side” to cryptomining: Cryptojacking, which includes, among other misdeeds, cryptomining without a website visitor’s permission or knowledge. While cryptojacking may seem like a victimless crime, since all that is being “stolen” is visitors’ computing and graphics processing power, it is anything but, and can lead to serious consequences. This session will focus on the differences between safe, legal cryptomining and dangerous cryptojacking, what it is, who is using it, why it is being used, when, how it is being abused, and how web browser isolation eliminates 100% of the cryptojacking risk.

    • How crypto coin mining is being used today
    • Why websites are moving away from advertising to crypto coin mining
    • How and why web browsers are being used to steal users’ compute power away without consent in most cases
    • How businesses can stop wide scale use of cryptojacking across all browsers and devices in their network through isolation
  • What would you do if you lost all your data…?
    What would you do if you lost all your data…? Ben Searle, EMEA Alliance Manager @ WinMagic Recorded: Jul 19 2018 32 mins
    Data is the cornerstone of every organisation. Join WinMagic and Bechtle at this webinar where we’ll discuss how to protect your data from endpoint to cloud. You’ll learn the steps you need to take to ensure you’re confident that your data is secure.
  • Reimagine Data Governance: Become a Data Quality Detective!
    Reimagine Data Governance: Become a Data Quality Detective! Andy Joss, Head of Solutions & Data Governance , Informatica & Dagmar Hillmeister-Mueller, Data Governance, Informatica Recorded: Jul 19 2018 57 mins
    Businesses deal with the impacts of data quality issues on a constant basis, yet the understanding of what data quality means is still improperly understood. In this webinar we’ll explore some of these impacts and how new approaches to data quality are changing the way organisations utilise data. We’ll also be exploring how new technology solutions are helping organisations investigate and diagnose the causes of various data quality problems and how fixing these issues makes a material impact to the health of the organisation. Data quality has become critical to the success of many business initiatives, so we’ll help you understand what items your detective toolkit needs to contain
  • VeriSM™ - Exploring the New (Service Management) Kid in Town
    VeriSM™ - Exploring the New (Service Management) Kid in Town Simon Dorst, Michelle Major-Goldsmith - Kinetic IT Recorded: Jul 19 2018 45 mins
    Michelle Major-Goldsmith and Simon Dorst of Kinetic IT will discuss the role of VeriSM in digital transformation, and its relation to ITIL and other service management practices.
  • Managing Cybersecurity Risk and Delivering Business Value
    Managing Cybersecurity Risk and Delivering Business Value Craig Saunderson, Reliance acsn & Amardeep Sachdev, LogRhythm Recorded: Jul 19 2018 40 mins
    Your job is to protect your organisation from the risk associated to cyberattacks. Resources may be tight, you may be struggling with too many alerts, and you may not be getting the visibility you need. As such, constantly evolving threats can slip through the cracks and the risk of suffering a damaging breach could be causing you to lose sleep.

    Join LogRhythm and Reliance ascn to discover what managing cyber risk really means and how the right approach can help you deliver continuous value to the business. We’ll outline how you can reduce your organisation’s cyber risk with a smarter approach to cybersecurity that maximises the efficiency and effectiveness of your security operations centre.

    Join us to:

    • Understand the challenges our customers are facing & how they’re overcoming them
    • Discover the technologies & processes you can use to manage and reduce cyber risk
    • Understand how NextGen SIEM enables measurably faster threat detection and response
    • Learn how automation and orchestration boosts efficiency and productivity
    • Hear how machine learning and true AI capabilities can enhance your security analytics
  • Rethinking Security
    Rethinking Security Adrian Rowley, Technical Director EMEA Recorded: Jul 19 2018 38 mins
    This webinar looks at how to eliminate complexity, increase efficiency of security tools, and improve confidence in the overall security posture of your organisation.
    Adrian Rowley, Gigamon’s Technical Director for EMEA, will discuss todays challenges in network security and how these can be resolved.
    Attendees will learn how you can:
    •Maximise network availability and operational simplicity of security tool upgrades with its integrated inline bypass technology
    •Deliver unmatched depth and breadth of traffic intelligence that is essential to increasing efficiency of overburdened security and networking tools, while decreasing complexity
    •Minimise Total Cost of Ownership and increase ROI by an average of 153%
    Join Adrian Rowley to see why only Gigamon provides a full solution for networking tools and inline and out-of-band security tools across on-premises, remote, virtual and cloud environments.
  • The New Frontier Of Hybrid IT
    The New Frontier Of Hybrid IT Scott Mathewson, Data Center Practice Lead, North America, Softchoice Recorded: Jul 18 2018 52 mins
    The journey to the cloud had just had a major breakthrough.
     
    With VMware software now available on the global AWS Cloud, there is now a single, consistent, pervasive connectivity and a secure platform for apps and data. Whether that is in the Datacenter or in the AWS Cloud. This gives you the power to move existing applications seamlessly to the cloud and back as needed.
     
    You’ll understand how you can quickly get workloads on the cloud without having to re-engineer your applications. Keep applying the skills you've developed on the VMware platform, backed by the large array of services in the AWS platform. This allows you to be agile, reduce capital costs and increase availability for innovations.
     
    In this webinar, we will show you: 
    - How, as a VMware customer, you can go into the cloud without retraining, reconfiguring your apps, refactoring and more
    - What it will mean to have immediate access to the AWS platform and services and how it'll accelerate innovation
    - Immediate value Business Cases related to increased agility, disaster recovery, and stretch networking for high availability.
     
    Presenter Info:
     
    Scott Mathewson, Data Center Practice Lead, North America, Softchoice
    As Practice Lead for Softchoice North America, Scott has over 25 years of Datacenter experience with EMC, VMWare and Cisco, he is responsible for defining Softchoice assessments and services offerings for VM ware and SDN. Scott works with customers to develop solid solutions as it relates to SDS, SDN, Cloud, management and automation solutions.
  • Anatomy of a Hack: Learning From Successful Law Firm Cyberattacks
    Anatomy of a Hack: Learning From Successful Law Firm Cyberattacks Jake Bernstein, Eli Wald, Kip Boyle Recorded: Jul 18 2018 61 mins
    Law firms are increasingly a high-value target for hackers, a “one stop shop” for sensitive data. And as dozen of examples show, the hackers are often successful. How do these cybercriminals infiltrate law firms and what can be done to prevent them?

    Join our panel of experts as they dissect the anatomy of a successful law firm cyberattack and explain how you can protect yourself, and your clients, from a similar fate.

    Attend this webinar to learn:
    -Why hackers are increasingly targeting legal professionals
    -What vulnerabilities make law firms easy prey for hackers
    -The ethical implications of law firm cybersecurity
    -How to protect yourself, your clients, and your data

    Featuring:
    - Jake Bernstein: An attorney with Newman Du Wors, Jake Bernstein’s practice focuses on counseling clients on cybersecurity issues. A former Washington State Assistant Attorney General and a frequent speaker and advisor on cybersecurity legal issues, Bernstein has significant experience with regulatory compliance, privacy, and cybersecurity law.

    - Eli Wald: A professor of legal ethics at the University of Denver’s Sturm College of Law, Eli Wald was one of the first academics to investigate the ethical implications of law firm cybersecurity. A frequent author and speaker on ethics and professional responsibility, his work has been cited in ABA ethics opinions and excerpted in legal ethics casebooks.

    - Kip Boyle: A 20-year information security expert and founder of Cyber Risk Opportunities, Kip Boyle advises global companies in the logistics, technology and financial services industries. He is a nationally recognized analyst, lecturer and thought-leader in cyber risks and has been featured in Entrepreneur magazine, Chief Executive magazine and others.
  • Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint
    Protecting IoT Endpoint Devices and Communications – Mocana TrustPoint Srinivas Kumar, Vice President of Engineering, Mocana and Keao Caindec, Vice President of Marketing, Mocana Recorded: Jul 18 2018 40 mins
    Part 1 - Securing the Boot Process

    When people think about cybersecurity today, they typically think about securing data in motion and at rest or analyzing threats. But when you move into this new IoT connected world, you need to think about more than just the data and monitoring hackers. How do you ensure you can trust the actual IoT endpoint device? This 3-part webinar series will focus on approaches for making devices trustworthy and enabling secure device-to-cloud communications.
  • Operationalizing DevSecOps: 7 Best Practices for Cloud Native Applications
    Operationalizing DevSecOps: 7 Best Practices for Cloud Native Applications Keith Mokris, Product Marketing Lead, Twistlock Recorded: Jul 18 2018 30 mins
    Modern enterprises are implementing both the tools and the cultural changes required to embrace a DevSecOps mindset and approach.

    This webinar will highlight:

    •Risks you can avoid by embracing DevSecOps
    •DevSecOps as it relates to your container development pipeline
    •How to integrate and automate key steps of the process

    Join Twistlock Product Marketing Manager Keith Mokris for a presentation and platform demonstration.
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive Mike Cooper, Sr. Security Manager Recorded: Jul 18 2018 24 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

    Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

    We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

    Sign up to test drive CMD+CTRL!
  • Scaling for the future: Evolving your intelligence-driven digital investigations
    Scaling for the future: Evolving your intelligence-driven digital investigations Stuart Clarke, Global Head of Security & Intelligence Jul 23 2018 1:00 pm UTC 45 mins
    Investigative teams are under increasing pressure to respond to challenges caused by greater volumes of data and a more diverse range of digital devices.

    Key facts are often spread across multiple evidence sources, making it difficult to understand the bigger picture and often requiring an investigator to manually correlate their findings and identify connections. This places an increasing burden on overstretched teams, who need to respond faster and with more accuracy.

    Join Stuart Clarke, Global Head Security & Intelligence at Nuix who will introduce collaborative and intelligence driven investigations that can augment human investigative skills and expose the hidden relationships across people, objects, locations and events.

    Key takeaways:

    • Learn how a single pane of glass can help expose hidden relationships in the data
    • Understand the importance of efficient workflows that can make best use of technology
    • Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions

    The presenter: Stuart Clarke, Global Head of Security & Intelligence Solutions

    Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.
  • TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation
    TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst Jul 24 2018 4:00 am UTC 60 mins
    Earlier this month, FireEye revealed an extensive cyber espionage carried out by China-linked TEMP.Periscope which targeted Cambodia’s political system. The effort—which was covered by Bloomberg, Time, Associated Press and others—compromised multiple ministries, diplomats and opposition members. It was carried out by China’s second most active cyber espionage groups, which has previously targeted US-, Europe- and Asia-based organizations.

    Join Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst for the webinar to learn more about TEMP.Periscope’s mission, and its attacker tactics, techniques and procedures.
  • Your Office 365 data & apps secured
    Your Office 365 data & apps secured Jason Montgomery, SaaS Security Expert Jul 24 2018 8:30 am UTC 60 mins
    SaaS applications like Microsoft® Office 365® are wildly popular, and adoption across enterprises continues to grow, but so do the hidden threats lying within these offerings, such as:

    • Accidental data exposure with SharePoint®
    • Uncontrolled use of personal OneDrive® accounts
    • Data security violations in Exchange

    Yes, even trusted SaaS applications like Office 365 can increase your risk of breaches and noncompliance.

    Our Security Operating Platform can help. Sign up for our webinar and learn what you need to meet your CASB needs as well as secure your cloud-based data against malware and accidental exposure.

    You’ll also find out how to achieve complete visibility and reporting, data classification, and fine-grained enforcement across users, folders and file activities to protect your business-critical data in Office 365.
  • Repenser la sécurité
    Repenser la sécurité Yann Samama, Consutlant Solutions de Sécurité Jul 24 2018 8:30 am UTC 45 mins
    Les évolutions technologiques, les nouvelles normes, l’augmentation constante du trafic, la complexité des infrastructures réseau au sein desquelles l’information est de moins en moins visible, ainsi que les cyber-menaces de plus en plus sophistiquées ont un impact majeur sur les entreprise et les obligent à repenser l’architecture de sécurité.

    Yann Samama discutera des défis actuels en matière de sécurité et comment ils peuvent être surmontés en abordant les sujets majeurs tels que :

    * Augmenter la disponibilité du réseau tout en simplifiant la  connectivité des outils grâce à une solution de module bypass
    * Disposer d’une visibilité en tout point réseau afin d’améliorer de l’efficacité de l’ensemble des outils connectés  tout en réduisant la complexité de leur exploitation
    * Diminuer les coûts OPEX et CAPEX via un  ROI très court-termisme

    Découvrez les raisons pour lesquelles Gigamon propose la solution la plus complète et efficace pour la connectivité des outils en mode « inline et Out of band » au sein des environnements physiques, virtuels et de cloud public.
  • Phishing – Sensibilisez vos utilisateurs par la simulation et la formation
    Phishing – Sensibilisez vos utilisateurs par la simulation et la formation Mickael Omer, Sales Engineer Jul 24 2018 9:00 am UTC 45 mins
    Le phishing reste l’une des plus grandes menaces pour les entreprises. Ce type d’attaque ciblée exploite le facteur humain plutôt que la technologie, ce qui la rend plus difficile à détecter par les solutions de sécurité traditionnelles. Nous vous ferons découvrir comment réduire le risque d’hameçonnage en permettant la simulation de phishing et la formation pour aider vos utilisateurs finaux à détecter, signaler et se prémunir de cette menace.

    Durant cette session, nous couvrirons les sujets suivants :

    • Comment évaluer la vulnérabilité de vos utilisateurs aux attaques de phishing et de spear phishing
    • Sensibiliser et former vos utilisateurs pour qu’ils reconnaissent et évitent les attaques de phishing et autres escroqueries d'ingénierie sociale
    • Comment permettre à vos employés de signaler les messages suspects en un seul clic.
  • Hacker Powered Cloud Security Testing
    Hacker Powered Cloud Security Testing Andy Condliffe, Solution Architect EMEA, Synack Jul 24 2018 9:00 am UTC 60 mins
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • How to Build a Powerful Partner Sales Channel & The 13 Mistakes to Avoid
    How to Build a Powerful Partner Sales Channel & The 13 Mistakes to Avoid Marcus Cauchi, ISM Fellow Jul 24 2018 10:00 am UTC 60 mins
    Are setting up a new channel or trying to revitalise an old or underperforming sales channel?

    Have you invested time and money recruiting partners but feel disappointed they aren’t producing or have fallen silent?

    Do partners bring you requests for duck-shoot demos that result in sales cycles that seem never to close?

    Channel Partner Sales Managers have one of the toughest jobs in sales or sales management. They have to:

    * Lead and manage without power
    * Carry large targets and are responsible for key accounts
    * Recruit partners who produce predictably & consistently
    * Get the best out of partners
    * Create and maintain engagement across partner organisations (sales, technical & management)
    * Help partners make good money and stay committed & loyal

    If you want to gain marketshare and expand quickly, identifying and selecting the right Channel Partner Sales Managers can be the key. Providing them with the correct tools and resources is essential.

    Join us on 10th July for a webinar introducing a radical new approach to channel sales development.

    Ideal for:

    * Startup businesses looking to build a channel from scratch
    * Established business experiencing erratic or disappointing channel performance
    * Companies looking to launch new products and services
    * Companies launching into new markets
    * Direct sales organisations looking to reduce their sales costs & headcount without a loss of earnings or quality
  • How to Deploy Your Service Desk Your Way - Seamlessly, Flexibly and Quickly
    How to Deploy Your Service Desk Your Way - Seamlessly, Flexibly and Quickly Nev Ward and Noel Hopkinson, Senior Solutions Architects Jul 24 2018 10:00 am UTC 60 mins
    While ITSM is often delivered via software as a service (SaaS), businesses today are looking for different deployment options. The world is in flux, and strategies evolve. Businesses using SaaS today may need to migrate to a private cloud in the future. Similarly, some companies have strict security and compliance policies around data sovereignty, making on-premises deployment mandatory. That’s why it’s important to factor deployment flexibility into your evaluation of modern ITSM solutions.

    This webinar will cover:
    1.How Flexible Container Technology provides Portability, Faster Time to Value, and Lower TCO
    2.How seamless upgrades can be achieved in conjunction with Codeless Configuration
    3.How you can now consume new and innovative capabilities with equal speed, whether the solution is on premise, in a SaaS model, or in the public cloud.
  • How to Get the Most Bang for your Buck out of your AppSec Programme
    How to Get the Most Bang for your Buck out of your AppSec Programme John Smith, Snr. Principal Consultant Solutions Architect @ CA Veracode Jul 24 2018 10:00 am UTC 45 mins
    To invest, or not to invest? That is the question. An effective Application Security programme takes a lot of initial investment, particularly of time and effort, not to forget the money.

    In this session, John Smith - Principal Solutions Architect @ CA Veracode - will help you understand how to get the most out of your time, effort and financial investment that has gone into your Application Security Programme.

    You will leave this webinar understanding…

    - Why invest in AppSec?
    - How can you generate the largest ROI on your investment?
    - What positive business outcomes, come from an AppSec Investment?

    Join us on the 24th of July to find out how to get the most bang for your buck with Application Security!
  • Building a Collaborative Phishing Defense
    Building a Collaborative Phishing Defense Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Darrel Rendell, Mollie Holleman, Jul 24 2018 11:00 am UTC 60 mins
    What’s keeping you up at night? Ransomware? Phishing? Spyware? Malware? Data Breaches? A malicious email typically opens the door to those threats. Organizations spend great energy (and budget) preventing users from falling prey, but threat actors continue to find ways to get past automated controls, staying one step ahead of artificial intelligence tools. Cofense believes solving the phishing problem is more than just awareness: it’s about empowering humans to become instinctual nodes on the cyber defense network and feeding their real-time intelligence to security teams for immediate action.
    Speakers:
    Darrel Rendell, Principal Intelligence Analyst, Cofense
    Mollie Holleman, Senior Intelligence Specialist, Cofense
  • Applying AI to Unstructured Content
    Applying AI to Unstructured Content Anthony Tate, Head of Product Marketing EMEA Box & Mike Schwartz, Senior Product Marketing Manager, Box Jul 24 2018 2:30 pm UTC 60 mins
    AI and machine learning technologies are rapidly maturing and becoming more enterprise ready — but 83% of organisations don't yet know how to leverage AI/ML in their business.

    Join us to learn how the new Box Skills makes all your business-critical unstructured content easier to find, organise, manage and protect by automating mundane processes to get to your most impactful work faster.

    During this live webinar you'll learn how you can:
    - Use Box Skills to manage and tap the potential inside unstructured content like videos, photos, audio and more
    - Reap the value from your unstructured content — without recruiting a team of data scientists to build AI/ML from scratch
    - Apply ML to your content to increase employee productivity, improve customer experience, accelerate or automate business processes, and mitigate risks
  • [US/UK] Network security at the speed of DevOps
    [US/UK] Network security at the speed of DevOps Anner Kushnir, VP Technology Jul 24 2018 3:00 pm UTC 60 mins
    DevOps methodologies have become extremely popular to enable agile application development and delivery.
    Unfortunately, when it comes to the associated network connectivity, such as whenever a new application needs to connect to an external resource, the process breaks. The application developer then needs to open change requests and wait for approvals which effectively breaks the continuous delivery cycle. As a result security is in the uncomfortable position of being a bottleneck and an impediment to innovation.

    In this webinar, Anner Kushnir, AlgoSec’s VP of Technology will describe how the innovative 'Connectivity as Code' approach can be implemented to overcome these challenges, and seamlessly weave network security into the existing CI/CD pipeline in order to fully automate the application delivery process end-to-end.

    Attend this webinar to learn how to:
    •Seamlessly manage network connectivity as part of the DevOps process for faster, more agile and problem-free application delivery
    •Avoid external out-of-band network connectivity problems that require separate and manual handling
    •Ensure continuous compliance and auditability throughout the application delivery process
    •Get clearly documented application connectivity requirements which help prevent disruptions to the business
    •Bridge the gap between application developers and network security throughout the entire application lifecycle
  • Securing the Expanding Enterprise Cloud Footprint
    Securing the Expanding Enterprise Cloud Footprint Rich Campagna, CMO & VP of Product Management at Bitglass. Bill Hudson, VP IT at John Muir Health. Thomas August, CISO, JMH Jul 24 2018 4:30 pm UTC 60 mins
    For John Muir Health (JMH) and other leading healthcare firms, Office 365 is often IT's first foray into the public cloud and the start of a broader initiative to migrate from premises-based applications to cloud. Most are now looking to deploy cloud messaging, file sharing, collaboration apps, and more. Deploying this "long-tail" of SaaS applications shares a great deal with platforms like Office 365, but some considerations are different.

    In this webinar, learn how John Muir Health journeys to secure these lesser known cloud applications and gain actionable advice that you can bring to your organization to protect data in Office 365 and beyond.
  • 2018 Security Congress Preview – Cloud Security
    2018 Security Congress Preview – Cloud Security Mike Brannon, Dir, Infrastructure & Security, National Gypsum; Tim Sills,Accudata; Tyler Smith, IT Analyst, John Deere Jul 24 2018 5:00 pm UTC 75 mins
    (ISC)2 will hold its Security Congress 2018 in New Orleans, LA, October 8th – 10th. This conference will bring together 2000+ attendees and over 100 educational sessions. One of the 13 tracks that are being offered with focus on Cloud Security and challenges practitioners face when dealing with all things cloud. On July 24, 2018 at 1:00PM Eastern, join (ISC)2 and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.
  • Weighing the Cost of Data Security: Why It’s Important for All Business Sizes
    Weighing the Cost of Data Security: Why It’s Important for All Business Sizes Chase Cunningham, Forrester Analyst and John Macintosh, Enterprise Systems Engineer with Comodo Cybersecurity Jul 24 2018 5:00 pm UTC 60 mins
    The digital landscape is doubling in size every two years. By 2020, the data we create and copy annually will reach 44 zettabytes, or 44 trillion gigabytes.* With so much data to manage, one of the biggest challenges is knowing where sensitive data resides – on an endpoint? On a file server? In transit? Or possibly in the hands of a competitor or a bad actor. Only by building context around your most sensitive data will you gain a better understanding of how to protect, prioritize, lock down, and monitor your data, and to avoid damaging data breaches.
    Join Chase Cunningham, Analyst with Forrester and Kevin Santarina, Senior Systems Engineer with Comodo Cybersecurity as they discuss why data protection is a necessary addition to every organization’s security portfolio. Learn how you can:
    •Understand the structure and location of your organization’s high value data
    •Analyze the movement and storage of sensitive data across your network and beyond
    •Protect sensitive information from exposure by employees and third parties
    •Build an action plan to enforce a least privileged model and remediate when sensitive data is overexposed

    *Source: IDC Study 2014
  • Open source Kubernetes run-time security with Falco
    Open source Kubernetes run-time security with Falco Michael Ducy Jul 24 2018 5:00 pm UTC 30 mins
    Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
  • Penetration Testing or Vulnerability Scanning - Aren’t they the same thing?
    Penetration Testing or Vulnerability Scanning - Aren’t they the same thing? Mike Larmie, Federal Solutions Architect, Synack Jul 24 2018 5:00 pm UTC 60 mins
    Take a look behind the curtain and decide for yourself. Join government security expert Mike Larmie as he breaks down the key differences. He will share what your agency needs to know to make sure your security program is both identifying vulnerabilities and reducing risk of exploit. He will cover the techniques, tools, and tradecraft of each, as well as common questions such as:

    -Who performs the services?
    -How often do they run in a network environment?
    -What’s covered in their data output and reporting?
    -What’s their value?

    Mike will present how government agencies are reinventing how they conduct security testing to achieve greater efficiency and ROI. Learn how your agency’s security team CAN achieve security without compromise.

    BIO: Mike Larmie, Federal Solutions Architect at Synack has more than 20 years of IT Security Experience, and has been involved with countless missions within the DoD, Intel and Civilian Federal Agencies. He has a wealth of experience having worked at companies such as Tenable, Sourcefire, Rapid7, Infoblox, G2 and others.
  • Get Started: Security and Compliance in the Cloud
    Get Started: Security and Compliance in the Cloud Todd Bernhard, CloudCheckr Product Marketing Manager Jul 24 2018 6:00 pm UTC 30 mins
    When choosing a Cloud Management Platform (CMP), enterprises should be looking for Security and Compliance capabilities in addition to Cost Management and Cloud Governance. CloudCheckr is a full-service CMP that delivers "all of the above".

    Additionally, enterprises need to understand their role in the Shared Responsibility Model, in order to fully meet security standards like FedRAMP, HIPAA, PCI and more. CloudCheckr's new Total Compliance module can now automatically and continuously monitor your infrastructure for compliance with 37 different standards, such as HIPAA, PCI, and NIST 800-53.

    Join us for a hands-on demonstration of some of the popular security and compliance features CloudCheckr offers.

    Attendees will learn:
    - Best Practice Checks as it relates to cloud usage
    - Our *New* Total Compliance module
    - Automated "Fix Now" capabilities that can save time and effort
  • What Most Computer Security Defenses Are Doing Wrong and How to Fix It
    What Most Computer Security Defenses Are Doing Wrong and How to Fix It Roger Grimes, Data-Driven Defense Evangelist Jul 24 2018 6:30 pm UTC 60 mins
    Most companies have huge gaps in their computer security defenses, and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.

    But it doesn’t have to be that way!

    Join Roger A. Grimes, a 30-year computer security consultant and author of 10 books, for this on-demand webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.

    Roger will teach you:

    - What most companies are doing wrong, why, and how to fix it
    - An action plan to improve the effectiveness of your computer security defenses
    - How to create your “human firewall”
  • How to Recognize Malicious DNS with Free Network Monitoring Tools
    How to Recognize Malicious DNS with Free Network Monitoring Tools Randy Franklin Smith | UWS, Rob McGovern | LogRhythm, Erika Noerenberg | LogRhythm Jul 25 2018 12:00 am UTC 90 mins
    DNS is woven into the fabric of both the Internet and corporate intranets. It works so well that you might even forget it exists—until it is used against you.

    Hackers are using DNS to find Command and control (C2) servers, control compromised systems, and exfiltrate your data.

    In this free training webinar, a group of security experts from LogRhythm and Ultimate Windows Security team up to show you how to spot threatening DNS activity with LogRhythm NetMon Freemium.

    You’ll learn about the malicious use of DNS and how to detect:

    - Domain-generation-algorithm (DGA) queries
    - C2 data tunneled through DNS
    - Data exfiltration via tunneled DNS

    Watch now to learn how to stop hackers from exploiting DNS to infiltrate your network.
  • Защищены ли ваши данные в Office 365?
    Защищены ли ваши данные в Office 365? Denis Batrankov, Systems Engineer Jul 25 2018 7:00 am UTC 60 mins
    Приложения SaaS, например Microsoft® Office 365®, набирают популярность. Всё больше компаний используют их в своей работе. Однако такая модель предоставления приложений таит в себе определенные угрозы:

    • случайное раскрытие данных через SharePoint®
    • неконтролируемое использование личных учетных записей OneDrive®
    • нарушение безопасности данных в Exchange

    Даже надежные приложения SaaS, такие как Office 365, повышают риск нарушения безопасности и несоблюдения нормативных требований.

    Наша платформа Security Operating Platform поможет избежать таких проблем. Зарегистрируйтесь для участия в вебинаре и узнайте, как обеспечить соответствие требованиям брокеров CASB и защитить облачные данные от вредоносного ПО и случайного раскрытия.

    Вы также узнаете, как обеспечить полную визуализацию, создание отчетов, систематизацию данных и гибкое применение правил для всех пользователей, папок и действий с файлами, чтобы защитить важные для бизнеса данные в Office 365.
  • ¿Están a salvo sus datos en Office 365?
    ¿Están a salvo sus datos en Office 365? Carlos Corbacho, Systems Engineer Jul 25 2018 8:00 am UTC 60 mins
    Las aplicaciones de software como servicio (SaaS), como Microsoft® Office 365®, tienen mucho éxito y cada vez más empresas las utilizan. Sin embargo, también están aumentando los peligros que conllevan, como los siguientes:

    • Revelación accidental de datos con SharePoint®
    • Uso descontrolado de cuentas personales de OneDrive®
    • Violación de la seguridad de la información en Exchange

    Sí, incluso las aplicaciones SaaS de confianza como Office 365 pueden hacer que aumente el riesgo de sufrir fugas de datos y de incumplir las normativas de seguridad.

    Nuestra solución, Security Operating Platform, ayuda a combatir estos peligros. Inscríbase en nuestro seminario web e infórmese sobre el CASB que necesita para proteger sus datos en la nube frente al código dañino y las fugas fortuitas.

    Descubrirá cómo disfrutar de plena visibilidad y completas funciones de elaboración de informes y clasificación de datos, junto con la posibilidad de realizar ajustes detallados a nivel de usuarios, carpetas y operaciones de archivo, todo ello con el objetivo de proteger los datos cruciales alojados en Office 365.
  • Open Source Code - a Blessing or a Curse?
    Open Source Code - a Blessing or a Curse? Andrew Kanikuru - Senior Digital Sales @ Veracode & Nabil Bousselham - Principal Consultant Solutions Architect @ Veracode Jul 25 2018 9:30 am UTC 45 mins
    Join Andrew Kanikuru - Senior Digital Sales @ Veracode & Nabil Bousselham - Principal Consultant Solutions Architect @ Veracode - to discuss how fine the line is between a blessing and a curse in terms of Open Source Code Security.
     
    In the technologically advanced era that we live in, organisations rely on fast software delivery to gain the competitive advantage. Using open source and 3rd party components in the SDLC can help companies be first to market with new services and solutions. When you consider that almost 93% of organisations use external snippets of code during development, not only is this now the norm but it is fast becoming best practice.
     
    But what about the risks?
     
    Although using Open Source code allows fast deployment, faster doesn’t always mean better. As the origin of the code is unknown it means it is unsecure. The largest data breach in history occurred due to an exploitation in Open Source Code, leading to huge financial payouts.
     
    Fast & Secure -  how does an organisation juggle these positive outcomes to best enable themselves to get to market quickly and safely?
     
    Join our live webinar on the 25th of July to find out how.
  • Webinar: An Actionable Plan for Segmenting Your Network
    Webinar: An Actionable Plan for Segmenting Your Network Erez Tadmor,Sr. Product Manager, Tufin & Dan Rheault, Sr. Product Marketing Manager, Tufin Jul 25 2018 3:00 pm UTC 60 mins
    A segmented network operationalizes your network security policy, enables a demonstrable state of continuous compliance, and provides mitigation options for cyberattacks.

    Our advice: organizations must go back to the basics to accomplish this crucial project.

    This webinar will cover actionable tips for network segmentation based on the experience of over 2,000 organizations. We will share:
    •Common pitfalls to avoid
    •How to start segmenting your network today
    •Tips for applicable enforcement
    •Q&A from the attendees