Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Career Conversations w/ Mary Chaney - Expert in Cybersecurity Law
    Career Conversations w/ Mary Chaney - Expert in Cybersecurity Law Mary Chaney, Expert in Cybersecurity Law and WSC VP Jessica Gulick Recorded: Feb 16 2018 60 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guests: Mary Chaney, Attorney At Law, The Law Offices of Mary N. Chaney, P.L.L.C.
    Threat Intelligence and Forensics Expert, Founder of Horton Technologies, LLC

    Hosted by Jessica Gulick, VP of the Women's Society of Cyberjutsu

    About the Speaker:
    Mary N. Chaney, Esq., CISSP, has 20+ years of experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law. She spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve by becoming a Special Agent for the FBI where she investigated cybercrime as their Information Systems Security Officer.
    Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. She has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital. As an adjunct professor with the University of Cincinnati, she assisted with the establishment of their Cybersecurity Certificate program.
    Currently, Ms. Chaney practices cyber security law for her own firm, The Law Offices of Mary N. Chaney, P.L.L.C. where she specializes in helping the CIO, CISO and General Counsel understand each other to legally protect the enterprise from cyber security risk.
  • Accounting for the Endpoint in Your GDPR Strategy
    Accounting for the Endpoint in Your GDPR Strategy Josh Evans, product manager, Code42; Abhik Mitra, product marketing manager, Code42 Recorded: Feb 15 2018 45 mins
    The EU General Data Protection Regulation (GDPR) deadline of May 2018 is fast approaching! In the midst of preparing for the new regulation, it is equally important to understand how to provide visibility into endpoint data generated by your knowledge workers, and how to protect it.

    In this live webinar, Code42’s Josh Evans, product manager, and Abhik Mitra, product marketing manager, will discuss how Code42 addresses the endpoint gap and enables your GDPR strategy.
  • Discover the SIEMple Life with a Managed SOC
    Discover the SIEMple Life with a Managed SOC Narayan Makaram - Senior Director of Product Marketing & Louis Evans - Product Marketing Manager at Arctic Wolf Networks Recorded: Feb 15 2018 59 mins
    Most security information and event management (SIEM) customers are struggling to achieve meaningful success a year or more after initial deployment. This is especially true with mid-market companies, where shrinking IT security budgets and shortage of skilled cyber security resources have forced them to reconsider investing in a SIEM, and seriously look at managed security services options.

    Before CIOs/CISOs take a leap of faith into any kind of managed security service, they want to be able to measure ROI with an outsourced managed solution, as opposed to managing their own SIEM. In this webinar, hear from security experts on:
    - What does it take to build and manage your own SIEM in-house?
    - What security SIEM blind spots can you avoid with a managed security service?
    - How do you determine ROI of a managed service as compared to a SIEM?
  • Data Breach Survival Tactics: Building Actionable Incident Response Plans
    Data Breach Survival Tactics: Building Actionable Incident Response Plans Stephanie Ewing, Solutions Expert, and Ryan Clancy, Senior Consultant Recorded: Feb 15 2018 55 mins
    In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. It can clearly outline who’s in charge, what resources are available, and what options there are for detection and containment. Having a documented, tested process brings order to chaotic situations and keeps everyone focused on solving urgent issues.

    So, how can you test your incident response plan and ensure your team is ready to handle the next breach?

    Join our incident response experts for a 45-minute presentation plus Q&A to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.

    What you’ll learn:
    • Proper taxonomy for writing an incident response plan
    • Recommendations for developing and building in cyber exercises
    • How to use your knowledge management system to keep plans agile
    • Avoiding scope creep and identifying likely scenarios to test

    About the Speakers:
    Stephanie Ewing is a Solutions Expert with Delta Risk. She has 17 years of experience in information technology and information security leadership. Prior to joining Delta Risk, she spent several years working with leaders of critical infrastructure organizations across the nation to improve their security programs. Through workshops, training classes, and tabletop exercises, Stephanie has worked to educate executive level leadership and elected officials on security threats and risk management strategies.

    Ryan Clancy is a Senior Associate for Security Operations Services with Delta Risk. He has more than 15 years of experience in the IT and cyber security domain providing consulting services, hunt operations, threat intelligence, cyber exercises, enterprise defense assessments, and training in defensive and offensive network security operations.
  • How to Implement Trusted Platforms and EcoSystems
    How to Implement Trusted Platforms and EcoSystems Phil Tricca, Intel, and Lee Wilson, OnBoard Security Recorded: Feb 15 2018 56 mins
    Daily reports of attacks and breaches, from servers, PCs and data centers to IoT systems, mean that developers and OEMs must embed security at the foundation of their systems and ecosystem. This new webcast with long-time TPM and Trusted Software Stack expert Lee Wilson, OnBoard Security, and Philip Tricca, Intel Corporation, will review the key attributes of the TPM and how the new TCG TSS can be used for bottoms-up defense using a trust chain and improving overall platform security.

    Attendees will learn about the changes to TSS to make use much easier and more efficient, how to start developing applications and resources. Use cases including key storage and software measurement will be addressed along with strong device identity and authentication. Using the TPM and TSS for health monitoring also will be discussed.

    Wilson is business development engineer at OnBoard Security, where he is responsible for technical support and business development of OnBoard Security's TCG Software Stack 2.0 (TrustSentry 2.0) and OnBoard Security's post-quantum cryptography (NTRU and pqNTRUsign).

    Prior to joining OnBoard Security, Lee had a 35 year career with IBM. He currently chairs the Trusted Software Stack and Virtualized Platform Work Groups for Trusted Computing Group. Lee earned his BSEE work at Northwestern University and his MSEE work at Syracuse University and has been awarded TCG’s Key Contributor Award.

    Tricca is a software architect and engineer working in Intel’s platform security division. His career began with a 7-year stint in a U.S. Air Force research lab working with open source Linux security technology including mandatory access control systems like SELinux and measured boot using the TPM 1.2 devices. Most recently Philip has found his way to Intel where his current responsibilities include transforming Intel’s open source implementation of the TPM2 Software Stack (TSS2) from proof of concept to a vibrant and sustainable OSS project.
  • Will Artificial Intelligence Strengthen Your Security Stance?
    Will Artificial Intelligence Strengthen Your Security Stance? Chris Roberts, Acalvio | Chris Morales, Vectra | Vikram Kapoor, Lacework | Willy Leichter, Virsec Recorded: Feb 15 2018 59 mins
    The volume and frequency of cyber-attacks makes it impossible for security analysts to use manual threat analysis to keep up with a rapidly changing threat landscape.

    Innovations in artificial intelligence (AI) now make it possible to automate mundane security operations, and provide security analysts with access to large data sets. The benefits are significant: analyst time is freed-up, and they have access to better information enabling smarter, faster decisions about how to continually improve the security posture of their organization.

    Join this Q&A panel on how AI can help improve your organization's overall security.

    Speakers:
    - Chris Roberts, Chief Security Architect, Acalvio
    - Chris Morales, Head of Security Analytics, Vectra
    - Vikram Kapoor, Co-Founder and CTO, Lacework
    - Willy Leichter, Vice President of Marketing, Virsec
  • T-72 Hours to Report a Breach: Are you GDPR Ready?
    T-72 Hours to Report a Breach: Are you GDPR Ready? Paul-Johan Jean, GDPR Legal Consultant at Sphaerist Advisory and Hank Schless, Product Marketing Manager at Threat Stack Recorded: Feb 15 2018 44 mins
    May 25th, 2018, the day that Europe’s General Data Protection Regulations (GDPR) comes into effect, is fast approaching. Many US companies are behind the curve in determining whether and how GDPR applies to them and figuring out what to do about it.

    Paul-Johan Jean, a GDPR legal consultant at Sphaerist Advisory, works with US companies to cut through the ambiguity and paralysis and get ready. Tune in on 2/15 at 1 PM EST to learn from this GDPR expert on how to:

    -Dispel myths around the new regulation
    -Take a practical, manageable and cost-effective approach to dealing with GDPR
    -Identify resources that can help you comply with various requirements, such as record keeping or data breach notification
  • Next-Gen Directory Services: How CIAM and IoT Drive Security & Performance
    Next-Gen Directory Services: How CIAM and IoT Drive Security & Performance CA Technologies: Clayton Donley, SVP Software Engineering, Security & Rob Lindberg, Sr Principal Product Mngr, CA Directory Recorded: Feb 15 2018 38 mins
    The reality is that Consumer Identity and Access Management and the Internet of Things are fostering unprecedented change. The scale and types of devices and digital identities are increasing at a significant pace, driving huge security and performance concerns. These concerns have many companies asking:

    • How are potential risks being monitored and secured?
    • How are users and devices being managed?
    • How are directory services being configured?

    Learn to address these challenges, while shaping a more secure and cost-effective infrastructure.

    Join CA Technologies gurus Clayton Donley, SVP, Software Engineering, Security and Rob Lindberg, Sr Principal Product Manager, CA Directory to explore alternatives and recommendations. You'll also be able to compare performance results of leading next-gen directory services, tested and compiled by an independent, third-party.
  • Plan the Work & Work the Plan – Continuing the Move to the Cloud
    Plan the Work & Work the Plan – Continuing the Move to the Cloud Tom Thomas, Director of Enterprise Architecture, F5; Ryan Goode, Sr Mgr, Tech Ops, (ISC)2; Brandon Dunlap, Moderator Recorded: Feb 15 2018 58 mins
    Chances are, your organization has made a move to the cloud. In fact, most enterprises run approx. 45% of their applications and infrastructure in the cloud with that number sure to increase in the next 12 months. But as you relocate more into the cloud, what’s your strategy? What are you moving? What benefit are you seeking? Different businesses have different goals and objectives. Join F5 and (ISC)2 on February 15, 2018 at 1:00PM Eastern for a discussion on the continuing evolution of cloud migration and how organizations should prepare, strategize and execute their cloud journey while addressing operational needs, security concerns and the options that cloud-based services can bring.
  • Shadow Data Report: Top 5 Risks of Employee Cloud App Use and Abuse
    Shadow Data Report: Top 5 Risks of Employee Cloud App Use and Abuse Martin Johnson, Sr. Director of Outbound Product Management, Cloud from Symantec Recorded: Feb 15 2018 54 mins
    It’s not an illusion. The increase in cloud app adoption has increased the exposure to your most sensitive data. Our Shadow Data Report covers the key trends and challenges to consider so you can deal with the risks head-on and still maintain the benefits of moving to the cloud.

    Register for this webcast for insights on the top 5 threats from the report to consider as well as:

    •The hidden signs of looming data breaches and where to look for them

    •What kind of risky employee activity could expose your most sensitive data

    •Whether file sharing, email and social or a combination change your exploitation risks

    Register Today
  • The GDPR Deadline Readiness and Impact to Global Organizations Outside the EU
    The GDPR Deadline Readiness and Impact to Global Organizations Outside the EU Tim White, Director of Product Management, Qualys Recorded: Feb 15 2018 46 mins
    Learn how Qualys helps customers worldwide comply with the European Union General Data Protection Regulation (GDPR).
  • Creating Modern Business Foundations upon Hybrid IT Infrastructures
    Creating Modern Business Foundations upon Hybrid IT Infrastructures Todd Traver, Vice President, IT Optimization and Strategy, Uptime Institute Recorded: Feb 15 2018 50 mins
    Modern businesses are being transformed into digital businesses. To do so, IT is being re-imagined to span hybrid infrastructures; including multiple data centers, co-location facilities and cloud service providers. This hybrid approach has many benefits including cost savings, but can increase the overall difficulty in supporting such environments to deliver a predictable level of IT services. We’ll discuss one methodology designed to assess your current risk profile and spot vulnerabilities.
  • Achieving Compliance Agility with a Harmonized Controls Framework
    Achieving Compliance Agility with a Harmonized Controls Framework Lynn Heiberger - Unified Compliance; Sam Abadir - Lockpath Recorded: Feb 15 2018 60 mins
    In our uncertain regulatory climate, it’s essential for compliance to remain flexible. One way to achieve this is by implementing a harmonized controls framework. In this webinar, Lockpath and Unified Compliance will explore the growing need for harmonized controls and how this type of controls framework can bring agility to compliance--a necessity in a time of regulatory uncertainty.

    Attendees will learn:
    • The concept and reasons for using a single controls framework
    • How one organization quickly addressed updated regulatory guidance using a harmonized controls framework
    • How to achieve compliance agility with harmonized controls and an integrated risk management platform
  • Catalog your data as a crucial first step on the journey to self-service data
    Catalog your data as a crucial first step on the journey to self-service data Matt Aslett, 451 Research Director for Data Platforms & Analytics; Andy Sheldon, Vice President of Marketing Unifi Software Recorded: Feb 15 2018 61 mins
    Before an organization can benefit from a self-service data environment to reduce time to insight, an essential first step is to catalog your data so that business users can discover what’s important to them. Seamlessly wrapping other self-service data tools around a comprehensive data catalog is the remainder of the journey to faster business insights.

    This webinar will discuss approaches that enable self-service data for analytics, from discovery to insight, including making the most from a data lake and standing up new data processing pipelines for achieving business success.
  • Container Security at Scale - Best Practices for Secure Container Deployments
    Container Security at Scale - Best Practices for Secure Container Deployments Jay Dobies, Partner Technical Marketing Engineer, Red Hat; Tim Mackey, Sr. Technology Evangelist, Black Duck by Synopsys Recorded: Feb 15 2018 59 mins
    DevOps organizations are increasing turning to container environments to meet the demand for faster, more agile software delivery. Container orchestration presents the most effective way to manage the operational challenges as these production environments scale. However, large-scale container deployments present a new array of security challenges, including how to properly manage open source security risk. A 2017 451 research report recently identified security as the single biggest hurdle to container adoption.

    The challenges of managing security risk increase in scope and complexity with the size of your deployment and the number of open source software components that are a part of your application code base. In 2017, dozens of new CVEs were reported every day, making it essential to have good visibility into and control over the open source in use in order to understand if any known vulnerabilities are present.

    Join experts from Red Hat and Black Duck as they share the latest insights and recommendations for securing open source in your containers. You’ll learn:

    - The role of containers in addressing some of the problems faced by teams moving to DevOps
    - How OpenShift enhances that solution by answering questions of networking, image registries, deployment automation, application lifecycle, etc.
    - Why container environments present new application security challenges, including those posed by open source
    - How to scan applications running in containers to identify open source and map against known vulnerabilities
    - Best practices and methodologies for deploying secure containers with trust
  • 25 May 2018 is just the beginning for GDPR - what to expect next
    25 May 2018 is just the beginning for GDPR - what to expect next Steve Holt, Partner, EMEIA Financial Services Cybersecurity Leader, EY Recorded: Feb 15 2018 43 mins
    In anticipation of the 2018 GDPR implementation date, EY will host a live webinar focusing on immediate actions to take and building a long-term privacy strategy post May 2018.

    The webinar will be moderated by EY's Steve Holt, EMEIA Financial Services Cybersecurity Leader, who will be joined by the below three panelists. The panelists will be asked to contribute their views on the EU and non-EU impacts of GDPR for the financial services sector.

    Panelists include:
    •Torrin Stafford, Head of Data Privacy and Records Management, Lloyds Banking Group
    •Tony de Bos, Partner, EMEIA Financial Services Data Protection and Privacy Leader, EY
    •John Doherty, Partner, Americas Financial Services Data Privacy Leader, EY

    Topics for discussion will include:
    •Demonstrating compliance: the key GDPR program focus areas over the next few months
    •Defining and managing your risk exposure: what is your organizations risk reduction journey up to and post the May 2018 deadline
    •Compliance to business benefit: leveraging your GDPR strategy for commercial and business benefits

    Reach out to Steve Holt
    sholt2@uk.ey.com
  • Training Snapshot: Persistent Highlighting from CloudNine
    Training Snapshot: Persistent Highlighting from CloudNine Brian Kelley Recorded: Feb 15 2018 3 mins
    A snapshot demonstration of the process required to set up and view persistent highlight terms within CloudNine to ensure important terms are always highlighted during review, regardless of search criteria.

    Failing to spot highly relevant, hot or privilege terms during document review can lead to important documents being missed or inadvertent disclosure of privileged information. Persistent highlighting enables these important terms to be always highlighted – regardless of search criteria – enabling them to be more easily spotted during review, which improves the quality of the review process.

    Training Snapshot Presenter: Brian Kelley

    Brian is the Director of Customer Success for CloudNine. At CloudNine, Brian manages training, support and customer success efforts for CloudNine's Software-as-a-Service (SaaS) eDiscovery clients. Brian has extensive experience providing legal technology consulting and technical support services to numerous commercial and government clients ranging from multinationals corporations and large law firms to litigation support providers and governmental agencies.
  • Cyber Thursday: The Latest Challenges And Solutions To Cyber Threat
    Cyber Thursday: The Latest Challenges And Solutions To Cyber Threat Trevor Dearing, Cyber Security Solutions Product Marketing Manager & Andrew Shepherd, Senior Regional Marketing Manager Recorded: Feb 15 2018 30 mins
    Cyber Thursday is a regular monthly broadcast video which provides an update on the latest development in the field of Cyber Security. Every second Thursday of the month the programme will feature a number of contributors and panellists from both within Palo Alto Networks and third party thought leaders from the Security Industry.
    This first edition will focus on Next Generation EndPoint Security Solutions and the challenges that organisations face when a breach occurs. Among the things we will discuss are:
    - what we mean by endpoint
    - how come attacks go through despite all measures
    - what happens after a breach
    - what are the big challenges in endpoint protection and any specific to EMEA
    - what are the changes coming up
    - the big threat of ransomware
  • [VIDEO] Differencing attacks: An introduction
    [VIDEO] Differencing attacks: An introduction Charlie Cabot, Research Lead, Privitar Recorded: Feb 15 2018 2 mins
    What is a Differencing Attack? And how can you defend against it?

    Here you can find a short video interview with Charlie Cabot, Research Lead at Privitar, in which he talks about some of the risks of Differencing Attacks.
  • [VIDEO] Data as a Service (DaaS): Challenges and solutions
    [VIDEO] Data as a Service (DaaS): Challenges and solutions David Roberts, Technical Sales, Privitar Recorded: Feb 15 2018 4 mins
    What are some of the key challenges that organisations face when adopting a Data as a Service (DaaS) approach?

    How can Privacy Engineering help?

    Here you can find a short video interview with David Roberts, Technical Sales at Privitar, in which he talks about some of the challenges of adopting a Data as a Service (DaaS) approach, and how best to overcome them.
  • [VIDEO] Differencing attacks: Intro to reconstruction attacks
    [VIDEO] Differencing attacks: Intro to reconstruction attacks Theresa Stadler, Data Scientist, Privitar Recorded: Feb 15 2018 2 mins
    What is a reconstruction attack and what can organisations do to defend themselves against it effectively?
  • [VIDEO] Privacy and innovation within telecoms
    [VIDEO] Privacy and innovation within telecoms James Kenney, Senior Account Director for Telecoms, Privitar Recorded: Feb 15 2018 3 mins
    How can telecoms innovate with data and at the same time ensure the privacy of their customers' sensitive information?

    The vast quantities of customer data held by telecoms companies present a largely untapped opportunity for business intelligence, but how can telecoms innovate with data whilst ensuring the privacy of their customers' sensitive information?

    Watch this short video of Privitar Senior Account Director for Telecommunications, James Kenney, in which he talks about the privacy challenges facing telecoms companies today.
  • Endpoint Protection Beyond Antivirus
    Endpoint Protection Beyond Antivirus Steve Gerrard and Usman Durrani, Cyber Security Solutions, Palo Alto Networks Recorded: Feb 15 2018 45 mins
    It’s time to protect your users from threats that easily bypass antivirus.

    Join us for a live webinar on endpoint security

    •What hidden costs traditional AV imposes on your organization
    •How to determine the true value of any endpoint security solution
    •Which five capabilities are critical to protect your users, systems and endpoints
    •How Traps v3.4 prevents security breaches in your organization – without traditional AV.

    Protect yourself against antivirus.
  • Container troubleshooting with Sysdig
    Container troubleshooting with Sysdig Jorge Salamero Sanz, Technical Marketing Manager, Sysdig Recorded: Feb 15 2018 45 mins
    SSHing into a container for troubleshooting or burdening it with additional monitoring tools is kind of an anti-pattern. But… you still want to have full control, traceability and visibility right? Containers are highly volatile, how can you do this if your container doesn’t exist anymore?

    Sysdig uses Linux tracepoints to collect and then process and filter kernel system calls and events. Still this requires a deep knowledge on a tcpdump like filtering syntax and understanding on the syscalls involved. Sysdig Inspect makes our deep dive into system calls much more intuitive and visual though a graphical user interface that allows to correlate high level activities like containers, processes, containers, network or file I/O and commands, events or logs.

    In this webinar series you will get to know how Sysdig and Sysdig inspect works through a series of practical examples:

    -Exploration and performance analysis of container, processes, network and file activity on a typical Wordpress setup
    -Debug a 502 HTTP error on a load-balanced Python app with HAproxy
    -Troubleshoot a Kubernetes CrashLoopBackOff error

    Who should attend?

    If you're managing containers in production, using containers for development or just beginning our container exploration, you'll want to attend to understand the challenges of troubleshooting system or application errors when running inside containers.
  • HITRUST Compliance and Why it Matters
    HITRUST Compliance and Why it Matters Todd Bernhard, Product Marketing Manager Recorded: Feb 14 2018 22 mins
    HITRUST Alliance is a not-for-profit organization that offers a security framework and training courses, helping cloud experts achieve compliance with legal mandates. While it's voluntary, being HITRUST certified can help you safeguard sensitive information and manage risk across the supply chain.

    In this webinar learn more about HITRUST and how it is likely to impact your organization.
  • 3 Tips for Selling to the Senior level Execs
    3 Tips for Selling to the Senior level Execs Tim Robertson Feb 20 2018 11:00 am UTC 60 mins
    Most of us want to have better meetings with senior executives. Meetings that feel like conversations, not pitches. Meetings that build deeper relationships. Meetings that uncover more ways in which they can help their customers. Behind closed doors, when I ask what's holding people back, many will tell me things like, "I don't feel comfortable," "I have nothing to offer to them,"" or "I'm not at their level." Selling to Senior level executives can be difficult, and getting a first meeting can be a real challenge. But, in our experience, the most difficult part is not getting the first meeting. It's getting the second one. Or the third one. This webinar explores the ways that you can get to that second and third meeting
  • 2018 Phishing Trends: New year. New threats. Same dark intentions.
    2018 Phishing Trends: New year. New threats. Same dark intentions. Adrian Davis, Managing Director (ISC)² EMEA, Mollie Holleman, Senior Intelligence Specialist, Phishme Feb 20 2018 12:00 pm UTC 60 mins
    Join (ISC)² EMEA and PhishMe for a look back at 2017’s threats and a look ahead. We’ll provide an overview of what PhishMe's Intelligence team uncovered, discuss trends in phishing-delivered malware, and analyse how various delivery vectors evolved.

    Some of the trends we’ll discuss:
    •The implications of last year’s major global cyber-events, such as WannaCry and NotPetya
    •The emergence of new ransomware families
    •The abuse of legitimate functions built into business-critical software platforms to deliver malware
    •The favouring of modularity and plug-in accompaniments to lightweight botnet and stealer malwares
    •New ways cyber-criminals are obtaining cryptocurrency

    Cyber-crime won’t slow down. Take this opportunity to learn from the recent past as you deal with current threats and prepare for whatever’s next.
  • You've Got Your GDPR Policy, Now What?
    You've Got Your GDPR Policy, Now What? Tom Mighell, Esq., VP of Delivery Services, Contoural Feb 20 2018 4:00 pm UTC 60 mins
    In many ways, having your Data Protection Policy in place is not necessarily the last mile, but the first. In order to be fully GDPR-compliant, you need to understand where all of your information is, where your privacy data lives and how it’s being secured.

    Join Tom Mighell, VP of Delivery Services at Contoural as he discusses the roadmap you need to follow to achieve full compliance before the May 25th deadline.

    Topics will include:
    • Strategies to execute your policy
    • How to train everyone in your organization to be aware of privacy requirements
    • Appointing a Data Protection Officer to manage your privacy program for your organization
    • Steps your organization needs to take now to be ready
  • Building an Agile Enterprise
    Building an Agile Enterprise Andy Jordan, Project Management.com and Elizabeth Schulheisz, CA Technologies Feb 20 2018 6:00 pm UTC 60 mins
    A lot has been written recently about Agile expansion. That might sound scary when you are still new to Agile and might only have a few teams onboard. However, it is still important to start thinking about how you envision Scaling Agile and incorporating your business strategy.

    Industry expert and ProjectManagement.com SME Andy Jordan believes that even for someone who is early in their agile adoption, it is essential to understand the concept of business agility.
    Join Andy for this high energy, thought provoking webinar to learn:

    -Why business agility matters and why you need to care about it
    -The role of strategic agile models in supporting your agile success
    -The importance of broadening Agile across multiple departments

    In today’s business world every organization has to be able to react quickly and with minimal disruption to the inevitable changes they face. Business agility maximizes your ability to do that. Start improving things right now by signing up for this webinar.
  • How Hackers Sneak Past Defenses, and Ways to Evade Them
    How Hackers Sneak Past Defenses, and Ways to Evade Them Brook Chelmo, Product Manager, SonicWall and Andy Norton, Director, Threat Research, Lastline Feb 20 2018 6:00 pm UTC 60 mins
    The rise of ransomware forced companies to improve their defenses against malware and intrusions. As a result, malware developers seek new ways to evade network security defenses.

    In this webinar, experts from SonicWall and Lastline will show you 6 core evasion tactics, why they work, and how to stop them by using advanced malware analysis tools.

    - Learn about modern hacking, and how it affects companies today
    - Discover how and why hackers break into networks
    - Learn how to apply advanced network sandboxing to discover and stop new threats
  • Not Just Another GDPR Webinar: Critical Information You Need to Know About GDPR
    Not Just Another GDPR Webinar: Critical Information You Need to Know About GDPR Primitive Logic CEO Jill Reber & President Kevin Moos and Latham & Watkins Partner Michael Rubin Feb 20 2018 6:00 pm UTC 60 mins
    Join this conversation between Primitive Logic’s technology solutions experts and Latham & Watkins’ Privacy and Data Protection legal expert to understand GDPR key points and technical solutions to help your GDPR readiness.

    - What steps do you have to take to address the expanded definition of Personal Data?

    - Consent Management Considerations

    - What do the Privacy Rights given to data subjects mean for your digital data governance solutions?

    Day 1 of 3 day series:
    Day 1 – Overview of key concepts with legal and technical discussion of suggested actions

    ~ Day 2 – Focus on Privacy side of GDPR from a technology perspective
    ~ Day 3 – Focus on Security side of GDPR from a technology perspective

    Speakers:
    Jill P. Reber, Primitive Logic CEO
    Kevin Moos, Primitive Logic President
    Michael Rubin, Latham & Watkins Partner – Privacy and Data Protection
  • Exclusive Healthcare Webinar: Anatomy of an Email-Borne Attack
    Exclusive Healthcare Webinar: Anatomy of an Email-Borne Attack Bob Adams, Mimecast Cybersecurity Expert; David Hood, Mimecast Director of Product Marketing Feb 20 2018 7:00 pm UTC 75 mins
    Email remains the biggest entry point into your healthcare organization, and with medical records at least 10X as valuable as credit cards, potential payoffs are high. Security threats are real and debilitating – they can even affect patient care – and they aren’t going away anytime soon. Join us for Anatomy of an Email-Borne Attack where we'll paint the current healthcare threat landscape for attacks and demonstrate an actual live “hack.”
  • How to Detect ACH Fraud with Machine Learning and Behavioral Analytics: Part One
    How to Detect ACH Fraud with Machine Learning and Behavioral Analytics: Part One Chris Ferrer, Product Manager, Guardian Analytics Feb 20 2018 7:00 pm UTC 45 mins
    In this webinar, Guardian Analytics Fraud experts will describe Same Day ACH BEC fraud scheme and explain how Guardian Analytics' machine learning and behavioral analytics patented technology can help you combat ACH social engineered fraud scheme.

    The Same Day ACH Fraud detection is part of a four-part ACH webinar series that includes:
    - ACH Kiting Fraud
    - ACH Small Transactions Fraud
    - ACH Payroll Fraud
    - Same Day ACH BEC Fraud
  • Simplify and Accelerate your GDPR Compliance Efforts
    Simplify and Accelerate your GDPR Compliance Efforts Tim Hill, Director of Product Management and Strategy Feb 20 2018 7:00 pm UTC 60 mins
    As we’re all aware, GDPR will be enforced starting May 25th, 2018 and organizations should understand which aspects of its preparations will be in place before the deadline.

    Much like other technological shifts of the last decade —GDPR will change the way our organization handles personal data. GDPR will require organizations to implement specific, defined controls over the handling of collected personal data, with the primary objective of streamlining data security regulations and bolstering data protection in the face of a fast-evolving technology landscape.

    Join this webinar with guest speaker Tim Hill, Director of Product Management and Strategy from Centrify, as he discusses best practices around frameworks and architectures needed to ensure better business process and data management.

    Tim will also cover how organizations with a strong IAM strategy in place are more likely to provide better notification and more openness if and when data has been compromised.

    Register for this webinar and learn:

    - Key elements to consider as the deadline for GDPR approaches
    - How a strong IAM strategy enables organizations to quickly identify whose data they are responsible for and where its stored.
    - How Centrify’s Zero Trust approach to IAM can help you prepare for GDPR’s underlying policy goals.
  • Are You Ready for GDPR? The Top 10 Things to Know for GDPR Compliance
    Are You Ready for GDPR? The Top 10 Things to Know for GDPR Compliance Cameron D'Ambrosi, Director, OWI Client Services & David Thomas, CEO & Founder, Evident Feb 20 2018 8:00 pm UTC 45 mins
    Just three months remain before companies that process the personal data of those within the EU must be in compliance with the General Data Protection Regulation (GDPR). Yet, there are often still outstanding questions around some of the key changes that will go into place and their impact on various parts of an organization. This webinar will highlight 10 key considerations that need to be made for controlling how data is accessed, stored, kept up to date, transferred and deleted. It will also breakdown four key steps to take to assure that you are on your way to meeting the necessary requirements.

    Join the GDPR Dream Team as they discuss:
    - What GDPR is and who it applies to
    - How to assess the level of exposure your company has to this regulation
    - Understanding the new rights of data owners and what you need to be prepared for
    - How to ensure you put the right processes and technology in place to stay compliant
  • GDPR - Security at the Service of Privacy
    GDPR - Security at the Service of Privacy Michelle Dennedy (Cisco) | Ariel Silverstone (Data Protectors) | Paul Rosenzweig (Red Branch Consulting) Feb 20 2018 10:00 pm UTC 60 mins
    The General Data Protection Regulation (GDPR), a key legislation covering privacy rights, data security, data control, and governance, is going into effect in May 2018. As organizations are scrambling to achieve GDPR compliance before the May 25th deadline, some are still not clear on the exact GDPR requirements.

    Join this panel of experts as they discuss:
    - The regulatory landscape in 2018
    - What GDPR means for you and your organization
    - GDPR requirements around data collection and governance, exposure and breach disclosure, identity and privacy
    - Evaluating your cyber risk
    - Last minute changes your organization needs to make
    - Failure to comply & fines
    - Recommendations for achieving compliance and other regulation on the horizon.

    Speakers:
    - Michelle Dennedy, VP & Chief Privacy Officer at Cisco
    - Ariel Silverstone, Managing Partner, Data Protectors
    - Paul Rosenzweig, Principal at Red Branch Consulting
  • GDPR Is Coming - Is Your Organization Ready? Key Steps to Help You Prepare
    GDPR Is Coming - Is Your Organization Ready? Key Steps to Help You Prepare Amar Singh (Cyber Management Alliance) | Guy Cohen (Privitar) | Punit Bhatia (Author) Feb 21 2018 1:00 pm UTC 60 mins
    On May 25 the long-awaited General Data Protection Regulation (GDPR) will go into effect across Europe. GDPR is the biggest overhaul of data protection laws in more than two decades. How prepared is your organization for GDPR?

    Join this interactive panel of experts as they discuss:
    - What is GDPR?
    - Why should you be GDPR-compliant?
    - How to achieve compliance?
    - Steps your organization should take today to prepare for GDPR
    - Other GDPR considerations

    Speakers:
    - Amar Singh, Founder, Cyber Management Alliance
    - Guy Cohen, Strategy and Policy Lead, Privitar
    - Punit Bhatia, Author of "Be Ready for GDPR"
  • Data Quality: GDPR Compliance with Confidence
    Data Quality: GDPR Compliance with Confidence Aisan Baird, Director, EMEA & APAC Pre-Sales, Syncsort Feb 21 2018 2:00 pm UTC 45 mins
    Explore key insights on how data quality can help you achieve your GDPR compliance with confidence, including:

    * GDPR readiness: What companies must be prepared for
    * Why Data Quality is so critical for GDPR compliance
    * How to address data-related GDPR challenges through a practical, structured approach
  • The Last Minute Guide to Help Address GDPR Compliance
    The Last Minute Guide to Help Address GDPR Compliance Saab Bharaj, Principal Consultant, Data Protection and Privacy, Verizon Enterprise Solutions Feb 21 2018 2:00 pm UTC 45 mins
    By now, you’re probably well into the implementation of policies and governance to ensure your organization is GDPR-compliant. Nevertheless, you may still be questioning whether there is a database, process or function within your department that hasn’t been through the full rigor of your compliancy program.

    Join our live webinar as a sanity check against best practice and real-life examples whether:
    - All sources of applicable data have been identified and risk-assessed you have created a comprehensive policy framework and guidance
    - Functional departments understand their risks and taken the correct steps to mitigate
    - Have sufficient transparency in place
    - Know which third parties are holding data on your behalf
    - Learn the required ongoing governance and testing of your compliance processes
  • Verizon Threat Research Advisory Center - Cyrptocurrency Attacks
    Verizon Threat Research Advisory Center - Cyrptocurrency Attacks John Grim and David Kennedy, Verizon Enterprise Solutions Feb 21 2018 3:00 pm UTC 90 mins
    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing to discuss the current cybersecurity threat landscape.

    This month's theme: Cryptocurrency Related Attacks

    Our Verizon Threat Research Advisory Center presenters will be:

    •David Kennedy, Managing Principal, Open Source Intelligence
    •John Grim, Senior Manager, Investigative Response – Americas
    •Adam Harrison, Senior Consultant, Investigative Response – EMEA
    •Josh Costa, Senior Consultant, Investigative Response – Americas
    •Roy Porter, Senior Analyst, Cyber Intelligence

    We'll cover 'Cryptocurrency Related Attacks' for this month's theme. In doing so, we'll provide insight as seen by our investigators and analysts. For the 'Insight' portion, Adam Harrison will provide a 2018 Data Breach Digest pre-release 'sneak peek' on a Cryptocurrency-Mining Malware scenario. For the 'Today's Risk' portion, we'll feature Roy Porter who'll provide an in-depth look into cryptocurrency-related attacks as seen in our caseload and on the DarkNet and internet.

    This will be followed by our regularly scheduled programming:

    •Current Intelligence Overview
    •Attacks and Threat Indicators
    •Latest Malware Trends
    •Significant Vulnerabilities

    If you have any questions related to cryptocurrency related data breaches that you'd like us to cover on the call, please send them to the following email address prior to Feb 14 2018:

    Intel.Briefing@verizon.com

    And then tune in for an information-packed session brought to you by our very own Verizon Threat Research Advisory Center investigators, analysts, assessors, and researchers!
  • The Growing Risk of DDoS Attacks
    The Growing Risk of DDoS Attacks Robert Ayoub Research Director- Security IDC and Tom Bienkowski Director of DDoS Product Marketing Arbor Networks Feb 21 2018 4:00 pm UTC 60 mins
    If asked, “What’s our risk of a DDoS attack?”… Would you be able to answer with confidence? With all the attention given to ransomware, it’s easy to forget about availability protection. But the data is clear. DDoS attacks are increasing in frequency and complexity. And if not adequately prepared, the impact of a DDoS attack can be quite significant. To help you more accurately assess your risk of DDoS attacks, join Rob Ayoub, IDC Research Director and Tom Bienkowski, Arbor Networks Director of Product Marketing to learn about the latest trends in DDoS attacks and more importantly best practices in protection.
  • Becoming Compliant – Finding GDPR Data in the Wild
    Becoming Compliant – Finding GDPR Data in the Wild Tom Mighell, Esq., VP of Delivery Services and Greg Forest, CTO, Contoural Feb 21 2018 4:00 pm UTC 60 mins
    In many ways, creating your GDPR Data Protection Policy is the easy part. As the May deadline approaches, the real work begins on finding all your Privacy Data not only in databases but also GDPR content scattered across file shares, desktops and other storage repositories around the world.

    In this Webcast, Contoural experts Greg Forest and Tom Mighell will discuss:
    • Real-world strategies and processes for identifying, classifying and securing large amounts of not only unstructured GDPR data
    • Addressing semi-structured content
    • Applying automation
    • Creating an ongoing process
  • Understanding Application Vulnerabilities and How To Fight Them
    Understanding Application Vulnerabilities and How To Fight Them Robert Larkin, CA Veracode Solution Architect Feb 21 2018 4:30 pm UTC 30 mins
    According to Gartner, the application layer contains 90% of all vulnerabilities. This is why you cannot let potential system flaws or weaknesses in your application be exploited to compromise the security of your organization’s most critical assets. Learn about the methods and solutions attackers typically rely on to perform application vulnerability discovery and compromise.

    Join this 20-minute webinar to see how Veracode can help your security and development teams identify and remove the vulnerabilities and flaws that can put your organization at risk. Recognized as a Gartner Magic Quadrant Leader since 2010, Veracode provides on-demand application vulnerability testing to detect and offer solutions for vulnerabilities and other security issues.
  • Healthcare orgs: Slay the risks of data-enabling your care providers
    Healthcare orgs: Slay the risks of data-enabling your care providers Mitchell Parker, Indiana University Health, Information Security & Compliance & Salim Hafid, Product Marketing, Bitglass Feb 21 2018 5:00 pm UTC 60 mins
    The healthcare industry is adopting technologies that give care providers rapid access to sensitive patient information, when and where they need it. While productivity is enhanced with cloud computing, mobility, “BYOD” unmanaged personal devices, and hosted SaaS apps like Office 365, the CISO is concerned with resolving the inherent risk these technologies bring with them.

    For the CISO, it’s important to look at everything, assess risk the right way, and have a practical mitigation plan to address issues that could lead to data loss or breaches, ransomware and other threats.

    In this webinar led by Mitchell Parker, Executive Director of Information Security and Compliance (CISO) at Indiana University Health and Salim Hafid, Product Marketing Manager at Bitglass, you’ll learn how to resolve the risk of cloud applications and access via unmanaged devices, and how to apply appropriate controls that enable patient care in a seamless and secure manner.

    Our experts will talk about the issues everyone is struggling with, and how cloud security is evolving to address them.
  • Internal Audit and Board Alignment
    Internal Audit and Board Alignment Dr. Raj Aggarwal, CFA, Ancora Trust Feb 21 2018 5:00 pm UTC 60 mins
    Dr. Raj Aggarwal is back to address an important topic on the alignment of internal audit and the board. As a board member, Dr. Aggarwal gets to see both sides, internal audit interaction with the board, and the board expectations of the internal audit function.
    Dr. Aggarwal will expand on the recent article of Board Matters in IIA’s Internal Auditor magazine and share his experiences related to the exchanges of the board and the internal audit.
    This webinar is designed not only for the CAEs but all members of the internal audit function and the Board of Directors for both private and public companies.