Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
In the new world of IoT, smart cities, smart cars and home, our personal devices are more connected than ever before. Learn about predicting the future by looking at the past with insights on how to improve the world of IoT that is coming into our homes.
Wer sich mit der Frage beschäftigt, wie man ein effektives und effizientes Security Operations Center (SOC) aufbauen sollte, steht vor einer großen Herausforderung, denn neben den Investitionen der physischen Sicherheitsmaßnahmen, Hard- und Software ist besonderes Augenmerk auf die Analysten zu setzen, die hochkonzentriert – einem Mitarbeiter der Flugüberwachung ähnlich – das Geschehen beobachten und auf den „Ernstfall“ eines Angriffs vorbereitet sind.
Diese Mitarbeiter befinden sich persönlich als auch technisch kontinuierlich im "Alarmzustand", denn jede Anomalie ist für geübte IT-Sicherheitsspezialisten bereits eine potenzielle Cyberbedrohung, die es zu analysieren und abzuwehren gilt. Damit ein SOC wirksam sein kann, bedarf es eines soliden Fundaments aus:
• Schlanke Prozessabläufe und eindeutig festgelegte und vernünftige Befugnisse der Beteiligten
• Hocheffiziente und moderne Technologien und Technologiepartnerschaften mit eingespielten Eskalationsstufen
• Hochmotivierte und vertrauensvolle Mitarbeiter und vertraute Partner, die in Engpässen das eigene SOC Team unterstützen können
In diesem Seminar zum Thema SOC, wird der SOC grundlegend erläutert und diese Grundsäulen eines schlanken SOC beschrieben. Außerdem gibt das Webinar einen Ausblick darauf, was auf die Unternehmen zukommt und welche Herausforderungen die einzelnen (n>1) Phasen begleiten und welche Services man outsourcen kann.
The rapid adoption of enterprise cloud-based solutions brings data integration as one of the greatest challenges. The challenge grows on increasingly numerous SaaS applications with lack of suitable connectors that fit your business needs. Join this webinar led by Primitive Logic team to see how data integration can be simplified for your cloud. This talk introduces the generic declarative zero-coding approach using Informatica Cloud Rest Connector as an example and illustrates its practical features, as well as best practices and hidden gems.
Moderator: Jill Reber, CEO, Primitive Logic
Panelists: JayJay Zheng, Technical Director & Eric Greenfeder, Chief Architect, Primitive Logic
The move to requiring encryption on all websites is picking up speed, with browsers starting to show UI warnings for unencrypted websites. Roughly 60% of internet page loads already "https", and the number of sites switching to encryption grows every month. This trend is helped by the availability of anonymous, free Domain Validated (DV) SSL certificates from several Certification Authorities (CAs), which include no identity information about the website owner.
While increased encryption is good for connection security and combating “man-in-the-middle” (MITM) attacks, many phishing and malware fraudsters are using DV certificates to imitate login pages for top sites such as PayPal.com, banking sites, etc. and steal user information. Unfortunately, these fake DV login pages receive a favorable green padlock “Secure” security indicator in the Chrome UI, causing some users to believe Chrome is vouching for the phishing website as safe or trustworthy.
Join Entrust Datacard's Chris Bailey and Kirk Hall as they discuss:
• The difference between DV, OV, and EV
• The issues with current browser UIs to do with certificate information
• A proposed new UI security indicator to help users and enhance security
Solving the most sophisticated security challenges requires an advanced approach that is built upon a proxy-based architecture. This approach allows you to leverage best of breed security technologies to provide a safe and confident cloud and network experience.
Symantec secure web gateway solutions deliver strong proxy-based security in the form factor your organization needs: on-premises appliance, virtual appliance, in the cloud, or in a unified hybrid combination of these solutions.
The solution’s unique proxy architecture allows it to effectively monitor, control, and secure traffic to ensure a safe web and cloud experience.
In this webinar learn:
• Why Proxy architecture is more important than ever as a critical security component of your network
• How a web proxy can serve as a platform for advanced threat detection and data protection
• Why pre-filtering your sandbox with proxy architecture is a smart move for both your SOC and your bottom line.
The Gartner 2017 Market Guide for Privileged Access Management (PAM) reviews 24 vendors across various categories. This comprehensive information can help you find an ideal solution for your unique business needs. Yet, selecting the right PAM solution is a pivotal decision; it is critical to weigh your options.
Make an informed decision. Join Suresh Sridharan, Director Privileged Access Management at CA Technologies, as he guides you through report recommendations, evaluates the latest tools and technologies, and compares and contrasts industry choices.
A current increasingly uncertain and complex regulatory environment has made it challenging for firms tasked with creating and maintaining a “culture of compliance”. The business demands access to new forms of communications to increase engagement with employees, partners and customers, only increasing the quantity and complexity of the data you manage. Join Proofpoint to gain an understanding of the challenges that compliance faces and the consequences of not meeting the expectations of the regulators
Join us to
•Develop insight into the rapidly changing regulatory environment
•Hear how new forms of communications are bringing about the digital revolution
•Discover how to protect your organization from reputational risk and stay out of the cross hairs of the regulators
Creating a culture of cybersecurity is critical for all organizations. Join the conversation with our own security pros to learn how they keep employees ahead of phishing attacks, share best practices for phishing education and explain how to use innovative technologies to strengthen cyber resilience.
Cloud Security Protection is improving, but how can we protect against Evolving Security Threats? How can we win?
In this session we will delve into some of the security risks associated with cloud environments and what can be done to protect your applications and data that reside in the cloud by utilizing a new technology known as Software-Defined Perimeter (SDP) as well as encryption and tokenization.
Join Ulf Mattsson, CTO of Atlantic BT, and his special guests David Morris, Security Scorecard, and Juanita Koilpillai, CEO, Waverley Labs, in this dynamic panel discussion and live Q&A.
The use of Information Technology in business has become so ubiquitous that just about every audit has an IT component. Operational and business process auditors must embrace technological advances rather than resist them in order to perform audits in an effective and efficient manner. This webinar will provide all auditors with a foundational understanding of application controls and data reliability.
The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.
In this joint webinar with 451 Research, we will cover topics including:
-Building a multi-cloud security strategy for encryption and key management
-Best practices, benefits and pitfalls of managing your own security
-Impact of regulations on data protection in the next few years
-Understanding the different CSP requirements for key management:
oCustomer-Supplied Encryption Key (CSEK)
oBring Your Own Key (BYOK)
oHold Your own Key (HYOK)
oGeneral cloud service provider key management services overview
Brought to you by Entrust Datacard and IDG Research
As organizations expand on legacy infrastructures and build new digital business models, what is the role of trusted identity? This webinar will illustrate how trusted identity technologies — including authentication and PKI — are essential as organizations capitalize on the full potential of cloud and mobile technologies. We will also discuss how to avoid the pitfalls of misaligned identity strategies.
DevOps teams are building applications faster than ever before, and utilizing large amounts of open-source software to increase agility. However, that introduces the possibility of open-source security risk. The landscape of attacks has changed in recent years, with cyber-attacks increasingly happening on the application layer. This means DevOps teams need to be involved in the security process.
This task is made more daunting as modern applications are a mix of custom code and open source in their applications. How do you protect your DevOps? Register for this webinar where security experts from Micro Focus Fortify and Black Duck discuss:
- Understanding the mindset of an attacker
- Ways to automate the process of risk identification
- The ability to gate builds when finding risk elements
The care and handling of personal information is a top concern for consumers and governments alike. Unlike many issues which gain public attention and struggle to keep it, an endless stream of publicised data breaches serves to keep data privacy in the public eye. As a result we’re seeing increasingly onerous regulation coming into effect in an effort to improve the data management practices of organisations and protect the confidential information of citizens. Major Internet players are also weighing in in an effort to make the user experience more secure.
For organisations with a large digital presence, identifying all the places that personal information, or in the case of GDPR, personally identifiable information, is collected can be a daunting task. Are those forms collecting data securely? Are they accompanied by compliant statements and controls? Research carried out by RiskIQ suggests that there is much more to do in this area.
Join us for a closer look at the security and compliance issues surrounding the collection of personal information on the Internet and learn how you can automatically discover and assess all forms and persistent cookies across your web presence.
With the greatest shake-up of data protection regulation in a generation looming, CISOs, DPOs and IT Administrators are busy planning for the changes needed for their organisations to be compliant. But with 60% of IT executives suggesting staff as their biggest threat to adherence (Bluesource, 2017) and 90% of staff admitting to violating policies designed to prevent security incidents (BSI, 2017), have they really addressed the issue of friendly fire?
In this live, informative and interactive webinar led by Amar Singh, Global CISO & CEO of Cyber Management Alliance. A panel of data security and policy experts will discuss, why staff remain such an active threat to GDPR compliance, why policies are being ignored and how to ensure that your staff are on-board with the GDPR before May 2018.
Amar Singh, Global CISO & CEO, Cyber Management Alliance
Chris Payne, Data Privacy Expert & Managing Director, Advanced Cyber Solutions
Dominic Saunders, CTO and Co-Founder, NETconsent
Joe Lee – UK and Ireland Commercial Manager, NETconsent
Introduced in 2016, the General Data Protection Regulation (2016/679)—or GDPR—was created for the purpose of strengthening the European Union’s (EU) procedures and practices related to data protection. GDPR will impact organisations worldwide and implement maximum fines of up to €20,000,000 (or 4% of global turnover) if they fail to ensure compliance. Join BitSight’s Philip East and Metro Bank’s Julian Parkin as they discuss:
- The checklist organisations should review to align their business with GDPR.
- Noteworthy articles within GDPR and how they affect data governance/usage.
- BitSight’s recommendations for monitoring the GDPR alignment of third parties.
The February 2018 deadline for complying with PCI DSS 3.2 is fast looming. Most of the new requirements in the latest PCI DSS guidelines are focused on the need to extend multi-factor authentication (MFA) to additional use cases and user groups within organisations who handle Credit Card Data. From February 2018 onwards, all individuals who access systems such as databases, network modules and email servers which hold credit card data will be required to authenticate themselves with MFA.
Join (ISC)² EMEA and Gemalto to learn:
- What’s new in PCI DSS 3.2
- How to effectively map PCI DSS MFA requirements to business use cases and user groups in your organisations
- Best practices for organisations that need to extend their MFA footprints to additional use cases, and for those that are starting to think about how to comply with PCI DSS’s authentication requirements.
More and more enterprises are moving their applications into public and private cloud infrastructure. The cloud is becoming more appealing for enterprises as it facilitates business growth due its agility, resiliency and scalability. The advent of a variety of technologies and processes such as containers, micro-services, and DevOps has made rolling out new applications into the cloud very quick and desirable for development teams. Join Imperva and (ISC)2 for an examination of how enterprises move applications to the cloud without forgetting to put security first.
With the proliferation of cloud deployment options and platforms, management of application security across platforms has become a major problem for security teams. In this webinar, we address challenges posed by cloud proliferation, and how to approach development of a consistent security posture across platforms to better manage risks.
By now, the majority of us have likely been inundated with stories about third party data breaches and how one vendor’s vulnerability can cost your organization millions. But how do you know if you’re doing enough to stop third party risk?
As we enter 2018, new U.S. and European cyber regulations are going into effect, and organizations can no longer check the box when it comes to their vendors’ cybersecurity. You are not only liable for knowing where you are most at-risk, but now you must also understand how that risk affects your organization and identify a solution for mitigating that risk.
This webinar features guest speaker Nick Hayes, Senior Analyst at Forrester and LookingGlass VP of Intelligence Operations Eric Olson. They will delve into the third party risk landscape: our current state of affairs, and where the industry is moving, as well as how you can take a different approach to third party risk prevention, including:
• How to see where your vendors are already compromised
• The importance of actionable intelligence for real-time mitigation
• Why a continuous monitoring solution is the future of third party risk
Security operations center (SOC) teams are continually faced with new alerts and events. Security information and event management (SIEM) solutions such as Splunk help by making it easier to collect and analyze data generated by your technology infrastructure, security systems, and business applications. However, working with this volume of data risks SOCs being overloaded and rapidly available and readable information is vital to prioritize how you respond.
See how a pre-integrated solution between Recorded Future and Splunk gives you full context of emerging threats from the widest breadth of open, technical, and dark web sources. Join this webinar to:
• Alleviate alert fatigue and speed decision making with machine and human-analyzed threat context.
• Identify threats already in your system by correlating network traffic with known bad from outside your network.
• Get a live walkthrough of how to utilize real-time threat intelligence in Splunk Enterprise.
Join Rick Howard, CSO at Palo Alto Networks to learn about must-read books for all cybersecurity practitioners – be they from industry, government or academia — where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.
From the first time that criminal charges were files against a known state actor for hacking in 2014 to the recent US Senate Intelligence Committee hearing on Russian influence on the 2016 US Election, FireEye has been integral to investigations where cyber attacks resulted in the most significant impact on governments around the world. We will highlight some of the most public investigations, look to key government leaders to understand their perspective on the impact of cyber, and lastly review the top strategic mistakes that organizations make when trying to address cyber risk.
This 3 part webinar series will give show you the 3 key pillars to achieving social success in sales. Learn how to create the ultimate profile, build a winning personal brand, create great and consistent content and build a winning strategy. The final session will be packed with the best industry tips and tricks to make social work for you.
Part 1 - Becoming The Brand & Selling YOU
You're not just selling your product anymore, you're selling YOU. More and more of your prospects are looking at your social media profiles and this will influence buying decisions. Find out the best personal branding tips and how to build a profile that will generate opportunities, not scare them away.
If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
Securing Web Access & Protecting Data with Cloud-Delivered Enterprise Security
Increased cloud adoption, mobile device use, and the dramatic growth in the number of remote and home workers is putting pressure on existing security infrastructures.
In this environment, enterprise security teams are wrestling with questions like:
- How can I consistently enforce policies governing the use of the web and cloud?
- How can I effectively protect my users from web-based threats?
- How can I secure my sensitive data and comply with legal regulations?
Enterprises are turning to a comprehensive cloud-delivered security solution to tackle these challenges.
Join us to learn how Symantec’s Cloud Security Services can be leveraged to protect users, data and devices, addressing the challenges of the cloud generation.
Identifying effective threat intelligence is not easy. Learn what it means to have timely, relevant and actionable threat intelligence and how it can help you respond to threats quickly and decisively.
This webinar explains:
· Why do organisations require Cyber threat intelligence?
o To aid technical and business decision making
o To identify and manage risks
o To efficiently deploy capital against the threats that matter to enterprise
· The key requirements for establishing a cyber threat intelligence function
· Basic cyber threat intelligence workflows
· Resource and training requirements to support a Cyber Threat intelligence function
Technology will underpin all aspects of modern society by 2019, profoundly impacting the way people live and work. Business leaders face a stark dilemma; should they rush to adopt new technology and risk major fallout if things go wrong; or wait and potentially lose ground to competitors. Organisations that are well informed about emerging technologies and corresponding threats will be best placed to make winning decisions.
In this webinar, Steve Durbin, Managing Director, ISF, will examine the threats that organisations will be dealing with over the next two years and will provide advice on the best ways of handling them.
Policies are critical to organizations to reliably achieve objectives while addressing risk and uncertainty and act with integrity. Policies set the boundaries and expectations for behavior of individuals, processes, transactions, and relationships of the organization. High performing organization rely on policies to provide consistent behavior and outcomes. This is particularly true in privacy, compliance, and information security management. However, policies fail if they are poorly written, not understood, or are just paper documents that are not followed in the organization. This webinar delivers guidance and best practice in engaging users on policies to ensure they are clearly understood and followed.
Key takeaways from this webinar are to learn how:
User engagement is a critical part of a successful policy management system
Consistency is critical to define clear rules of approach to Policy creation
Policy awareness enable a dialogue on important issues that can typically be forgotten in a day to day running of the business
Policy management has become a critical part of organisational oversight
Cloud adoption is a reality today, every company is moving applications and businesses in the cloud to get more flexibility, agility and to potentially reduce their costs.
Security operations need to enable this transformation and help the business to activate capabilities in the cloud infrastructure. Risks exist and cannot be ignored if companies want to provide a sustainable and secure environment for themselves and their customers.
During this webinar, we will describe the main risks associated with cloud adoption and cover how to mitigate those risks.
With so many high-profile cyber attacks and breaches in the news, it is no wonder security is cited as the biggest concern of storing data in the cloud. The amount of critical data being sent to the cloud is on the rise. In fact, more than half of business-critical data is likely to reside there by 2019.
Join this keynote panel of experts as they discuss:
- The state of cloud storage and security in 2017
- The biggest threats to data security in the cloud
- How organizations are solving these security challenges
- Ted Harrington, Executive Partner, Independent Security Evaluators
- Paula Greve, Principal Engineer, Data Science McAfee Labs
- Ken Hosac, VP, Cradlepoint
- Akhil Handa, EMEA Leader - Public Cloud Channel Partnerships, Palo Alto Networks
2017 has been another year of endless headlines featuring words like "breached," "hacked," and "cyberattack" – many of which were avoidable. Enforcing security policy across the legacy physical network is already challenging, and the addition of virtualized networks including the SDN and public cloud introduce new risks to organizations.
Join this webinar to learn how to avoid the headlines by making security policy continuously enforceable. Having served in network security roles at Wells Fargo, General Dynamics, St. Jude Medical, and the Army National Guard, Tufin's Senior Solutions Engineer, Christofer Sears, CISM, will share his insight garnered throughout 10 years of experience.
Key topics include how to:
• Develop and deploy an enforceable security policy
• Mitigate the inherent risk of DevOps’ CI/CD agility
• Contain malware outbreaks like WannaCry
• Effectively design implementation
• Create time for proactive security projects
Evaluating Managed Detection and Response Vendors: Key Considerations that Cut Through the Hype
You’re fighting an asymmetric battle. You’ve invested millions in protection technologies but unknown attackers still find a way in. SIEMs and MSSPs provide event monitoring - but in 85% of incident response engagements conducted by Mandiant consultants last year, the client had an existing MSSP or SIEM.
A new class of managed detection and response services (MDR) has emerged to help organizations improve their threat detection and incident response capabilities. However, solution providers offer varied approaches and capabilities making it challenging for security leaders to understand and compare offerings.
In this webinar, you will learn:
•Why standard cyber security solutions still leave you vulnerable and why the market is transitioning to MDR
•Which capabilities are critical to improving threat detection and response
•What to consider when evaluating managed detection and response service providers
Welcome to the Cloud Generation, where employees demand flexibility and access wherever they are, but can expose your most sensitive data to risk.
Distributed environments—like mobile and distributed workforces—introduce new attack surfaces that must be protected and increased use of SaaS Cloud Apps are driving the need for new compliance and security controls. The result? Security and IT teams are being forced to rethink network designs to better answer questions like:
- How do we effectively govern access to data, apps and systems?
- How can we combat advanced threats targeting our business through the web, cloud and e-mail?
- How should we secure information that is moving between our network, endpoints and the cloud?
Join Gerry as he discusses the key Cloud Generation security challenges facing Symantec’s enterprise customers and learn how Symantec’s Cloud-delivered security solutions can be used to protect users, devices and corporate data, wherever it resides.
Today’s security operations are frequently disjointed and plagued by limited visibility and false alerts. As a result, organizations are unable to quickly and cost-effectively prioritize and respond to threats. FireEye can help deliver advanced security operations to any organization while disrupting the economics of security. In this live webinar:
- Learn about how a centralized security operations platform:
o Improves visibility across your entire cyber security infrastructure
o Surfaces and provides context for the most critical alerts
o Empowers decision making to decrease the time from detection to response
-See a demo of how Helix identifies and responds to an alert
-Have the opportunity to ask questions in a live Q&A session
According to some analysts, 25 billion connected devices will be part of the Internet of Things (IoT) by the year 2020. Every one of these devices on the Internet of Things (IoT) ecosystem may be malicious or a threat vector. What are enterprises and manufacturers doing to make IoT a safe place?
Attend this webcast to:
-Find out about the latest trends and challenges in securing IoT devices
-Discover best practice and solutions to mitigate security risks
-Learn about how the cable industry transformed itself to meet the challenges with IoT
Our presenters for this session:
-Robert Westervelt, Research Manager, IoT Security, Data Security
-Mitch Ashley, President and General Manager of Kyrio, Inc.
-Srinivasa Padmanabha, Senior Product Manager, Symantec Website Security
The risk from software vulnerabilities has historically been an IT Operations concern, but no longer. A more integrated approach centralizing vulnerability data, and decision making, is necessary to provide a holistic view of organizational risk up the executive chain. The ability to prioritize asset risk, communicate with stakeholders, and make rapid, informed decisions, will be the difference between success, and failure, for many modern enterprises.
Join this live Q&A with guest speaker, Forrester Senior Analyst Serving Security & Risk professionals, Josh Zelonis and Bay Dynamics VP of Strategy, Steven Grossman, as they answer your questions and cover:
- Why is vulnerability risk management more that scanning?
- How do you prioritize risks beyond CVE and CVSS scores?
- How can a preemptive approach elevate vulnerability risk management to the core enterprise-wide risk management item it should be?
-What are the common challenges in moving to a vulnerability risk management model?
Register for this webcast for insight into the changing demands on vulnerability management programs.
Cloud Security- Protection Against Evolving Security Threats
Cloud Security Protection is improving, but how can we protect against Evolving Security Threats? How can we win?
In this session we will delve into some of the security risks associated with cloud environments and what can be done to protect your applications and data that reside in the cloud by utilizing a new technology known as Software Defined Perimeter (SDP) as well as encryption and tokenization.
In spite of all the spectacular news stories about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to be social engineering. Successful hackers understand that the user is the weakest link in the security chain. Email phishing campaigns have proven to be the path of least resistance to get unsuspecting individuals to download and install their malicious software. Getting users to identify phishing attacks and training them not to click on links in email messages is not a trivial task.
In this webinar, you’ll learn the strategies and techniques that social engineers are finding success with. You’ll also learn how to implement these techniques, to create real-world simulated phishing emails to test your employees and see how phish-prone they really are.
Key topics covered in this webinar:
- Latest phishing attacks strategies and techniques
- Some of the top-clicked phishing emails from Q3-2017
- How to use these tactics when creating simulated phishing emails to test your user
As traditional cybersecurity perimeters dissolve, the HUMAN POINT – the intersection of users, data & networks, and where your data is BEST protected – is what remains.
Most of your employees have adopted the cloud. And while your BYOD policy has increased productivity and lowered operating costs, cloud-based apps like Office 365, Dropbox and Salesforce need protection to prevent account-centric threats, meet compliance requirements and protect critical data. How can companies maintain their productive pace while maintaining regulatory and security controls?
Join Shan Zhou, Sr. Director of CASB Sales Engineering at Forcepoint,, as he shares with you an overview and tool that help answer:
• What are the gaps in cloud app security and how does CASB address them?
• How do you understand the normal rhythm of users’ behavior?
• How do you respond to risks in real-time?
• Are there assessments currently in place that can help me identify individuals within my organization that pose the most risk, security incidents and overall risk?
Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.
In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.
Key Takeaways from the Webinar:
- Trends in application delivery: from waterfall, to Agile and DevOps
- How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
- Capabilities you should be looking for to improve application security at the speed of DevOps
- How to adopt non-disruptive and continuous application security processes
- Bringing in around-the-clock security monitoring for cloud assets
Personal data is essential for your business - to enable trust and safety, to enable personalization of services, to enable growth of your business and to enable verification of identities. While obtaining and managing personal data is necessary, it can be extremely complicated, time consuming and risky. Handling or holding sensitive data can lead to major security threats. Companies are investing more time and energy to effectively acquire, manage and protect the personal information of their users and workforce to the detriment of their own business focus. Additionally, the regulatory requirements and liability that accompany any interaction with personal data continue to increase, putting additional strain on businesses to stay updated and compliant.
From a user perspective, as individuals are asked to provide their information more broadly, security concerns and a loss of control become more prevalent, putting once-standard interactions at risk. These put even more pressure on businesses to protect their communities’ information as well as their brand equity.
This presentation will discuss what challenges are faced by companies dealing with personal data related issues. We will cover best practices, real world examples and lessons learned as businesses look to increase their access to the answers they need, while reducing their risk and liability.
- Best practices for how to share and secure personal information
- Pitfalls to avoid as you grow your organization and expand offerings
- Hear real world examples on how businesses engage with their communities and personal data
This presentation details how to leverage technologies such as Hadoop, MapReduce, Pig and Sqoop to massively scale cloud integrations to services such as Salesforce.com. Attendees will learn how to overcome API limitations, throughput latency and infrastructure scaling challenges to significantly increase integration performance.