Hi [[ session.user.profile.firstName ]]

IT Governance, Risk and Compliance

  • Avoiding IT and Operational Technology Convergence Pitfalls
    Avoiding IT and Operational Technology Convergence Pitfalls Dan Ortega - Vice President of Marketing Recorded: Mar 23 2017 4 mins
    In this video, we discuss pitfalls to avoid when consolidating IT and Operational Technologies

    A key technology convergence impacting the mainstream adoption of the Internet-of-Things (IoT) is the coming together of Information Technology (IT) and Operational Technology (OT).
    Below we explore five potential pitfalls to avoid when considering unified IT and OT:
    1.Visibility: Improving visibility across unified IT/OT infrastructure has some benefits such as enabling a single service desk to handle both IT and OT domains, and being able to use common management tools.

    2.Security: We have discussed how operational technology can create a risk for IT. There is, however, an upside of converging IT and OT. The converged technology infrastructure can be subject to the same security policies and can use common compliance controls.

    3.Scalability: By operating OT and IT in separate silos, you miss out on opportunities to procure complimentary technology for both. Purchasing can negotiate better discounts if they are buying technology in high volumes and IT gets to buy IT and OT technology that works together because it can be pre-integrated.

    4.Administration: By keeping IT and OT separated, an organization cannot benefit from being able to lower administration costs through streamlining and centralizing management.

    5.Collaboration: Higher up the food chain, since OT is normally more closely aligned with how the business makes money, a converged IT and OT solution can improve the partnership between business and IT.
    Blazent focuses on providing near real-time insights that can be gained by being able to ingest and analyze large numbers of IT and IoT data streams, correcting data gaps and inconsistencies before the data is consumed.
  • Prevent, Detect, and Respond – Securing Government and Education Onsite and in t
    Prevent, Detect, and Respond – Securing Government and Education Onsite and in t Panel of 11 experts moderated by PSTE Recorded: Mar 23 2017 72 mins
    The Public Sector Technology Exchange (PSTE), an independent venue that hosts national thought leadership forums on the challenges of government, education, and technology, hosts a webinar entitled “Prevent, Detect, and Respond – Securing Government and Education Onsite and in the Cloud.”

    Hear this leadership forum on demand to gain insights on:
    •Security best practices for government and education
    •Strategies for rapid response to breaches
    •Reducing your departmental cyber attack surface
    •Preparing for the “powder keg” situation in your organization
    •What hackers love about the cloud
    •Threat research trends on the future of cyber warfare

    Webinar Panelists:

    Chris Hill - Acting Deputy Chief Information Security Officer
    State of Illinois

    John Matelski - Chief Innovation and Information Officer
    DeKalb County, Georgia

    Rick Howard - Chief Security Officer
    Palo Alto Networks

    Matt Morton - Chief Information Security Officer and Assistant Chief Information Officer
    University of Nebraska Omaha

    Elayne Starkey - Chief Security Officer
    State of Delaware

    Lars Schmekel - Chief Security Officer
    Miami Dade County, Florida

    Gary Hayslip - Chief Information Security Officer
    City of San Diego, California

    Walter Tong - Director, Cyber Intelligence
    State of Georgia

    Duane Kuroda - Sr. Manager, Advanced Technologies
    Proofpoint

    Bob Leek - Deputy Chief Information Officer
    Multnomah County, Oregon

    Palo Alto Networks and Proofpoint are the sponsors of this leadership forum.
  • Uniting a global development workforce with Juniper
    Uniting a global development workforce with Juniper Dave Uebele, Juniper Networks, SCM Engineer and Russ Hill, WANdisco, SCM Specialist Recorded: Mar 23 2017 58 mins
    Join us to learn how Juniper Networks relies on WANdisco to unite a globally distributed development workforce within Subversion, delivering results such as:
    - A 24/7 Continuous Integration environment with zero Subversion downtime
    - Increased productivity and maximized valuable engineering time and efficiency
    - Eliminated the effects of network failures and the dependency on legacy backup procedures
  • Zero-Day Attacks and What To Do About It?
    Zero-Day Attacks and What To Do About It? Chris Candaffio, System Engineer, Symantec Recorded: Mar 23 2017 32 mins
    5-Part Webinar Series: Endpoint Protection…what really matters?

    Part 3 of 5: Zero-Day Attacks and What To Do About It?

    All applications have vulnerabilities and attackers are incented to find them. Once the vulnerability has been discovered, the longer it remains unpatched, the greater the risk of a breach, potential loss of information, and damage to reputation.

    Join us to learn what can be done to block exploit attacks on day zero:

    • What behaviors and techniques are used to block attacks
    • Why exploit prevention plays a critical part in endpoint protection
    • How Memory Exploit Mitigation works

    Then see Memory Exploit Mitigation in action with a demo Symantec Endpoint Protection.

    Register Today

    Watch On-Demand:
    • Symantec Endpoint Protection 14 Webinar Series Part 1 of 5: Addressing Unknown Threats with Advanced Machine Learning http://bit.ly/SEP14Series0126

    • Symantec Endpoint Protection 14 Webinar Series: Part 2 of 5: Block The Risk Of Ransomware http://bit.ly/Part2Webinar0223
  • The New Threshold of Comprehensive Security – Why Self-Healing is Imperative
    The New Threshold of Comprehensive Security – Why Self-Healing is Imperative Kim Ellery, Director, Product Marketing, Absolute Recorded: Mar 23 2017 30 mins
    Traditional strategies for protecting endpoints are failing as attacks increase in relentlessness and sophistication. This reality has elevated the demands on security professionals and requires that organizations adopt new security paradigms that unlock the power of self-healing systems. To stop security breaches at the source, we must become faster at intelligently detecting and responding to threats. This timely webinar from Absolute explores how to realize self-healing systems in your own organization and ensure preparedness in the face of evolving threats.
  • Storage Refresh? 3 Capabilities Primary Storage Must Have (but probably doesn't)
    Storage Refresh? 3 Capabilities Primary Storage Must Have (but probably doesn't) Charlie Hodges, Storage Switzerland Recorded: Mar 23 2017 59 mins
    If your organization is embarking on a refresh of your primary storage system this year, this is the one webinar that you will want to attend. IT evaluators that haven't looked at storage in a few years, will be impressed the use of flash to improve performance, while many claim to integrate file (NFS, SMB) and block (iSCSI, Fibre) protocols. These features though are now table stakes for the modern storage solution.

    While all of these features are important (and not created equal), IT professionals should demand capabilities that solve today's organizational challenges like eliminating shadow IT, improving multi-site productivity and long term data retention as well as meeting increasingly strict compliance standards. IT professionals should look for not only high performance and universal protocol support but also enterprise file sync and share, inter-data center sync and secure archive with compliance.
  • Top Reasons Why Your Antivirus Isn’t Working Anymore
    Top Reasons Why Your Antivirus Isn’t Working Anymore Ed Metcalf, Director of Product Marketing and Brian Robison, Senior Director of Field Technical Marketing at Cylance Recorded: Mar 23 2017 68 mins
    Are you weary from fighting malware, ransomware, and other threats that your ineffective and tired antivirus software can’t stop?

    If so, join us for our webinar, “Top Reasons Why Your Antivirus Isn’t Working Anymore” to hear why it’s time to rise up and overthrow traditional, reactive antivirus solutions in favor of proactive endpoint protection powered by artificial intelligence (AI).

    During this webinar, you will see a live demo of AI in action with CylancePROTECT®, and cover the key reasons why your current antivirus solution probably isn’t working anymore:

    - It’s Reactive: Legacy, signature-based antivirus products cannot prevent malware from executing. Cylance AI technology protects before the machine is infected.
    - It’s Ineffective: Legacy security tools perform at a 70 – 90% success rate. Cylance routinely performs with near perfect efficacy, at 99%+.
    - It’s Burdensome: On average, traditional endpoint security products use 50% to over 70% of CPU cycles during intensive scans. CylancePROTECT is outstandingly lightweight at just 1% – 3% CPU utilization.
    - It’s Costly: Signature-based antivirus solutions impact the bottom line with more layers of unproductive technology. Cylance protects with a single agent and a single cloud-based management tool, and that translates into big cost savings.
  • Are Your Security Solutions Simple and Efficient to Use?
    Are Your Security Solutions Simple and Efficient to Use? David Morris, Ulf Mattsson and Alex Pezold Recorded: Mar 23 2017 57 mins
    As the adoption of cloud computing increases across many business sectors, your applications ingest and share data generated and stored within and beyond the limits of your firewall. This makes your data blind spots more dangerous than ever—both for your internal data and how customers and clients handle their vital information outside your cloud systems. To protect your business, you need a balanced approach to security—combining compliance, responsiveness, and engineering without sacrificing usability and agility.

    Join this presentation to learn how your security solutions measure up when it comes to simplicity and efficacy.
    - Do you know what data you have, where it is, and how to protect it?
    - Do your data security solutions work seamlessly inside your environment? Are you able to secure multiple business units, ERP’s, etc.?
    - Does it play nice with fraud prevention, analytics, data sharing, etc?
    - Does your data security solution achieve PCI compliance as promised?
    - Does your data security solution secure ALL data sets that are a threat to your organization?
  • Litigating Open Source – Lessons learned from Hellwig and McHardy
    Litigating Open Source – Lessons learned from Hellwig and McHardy Mark Radcliffe, DLA Piper; Bernd Siebers, DLA Piper, Phil Odence, Black Duck Recorded: Mar 23 2017 62 mins
    The next wave of open source compliance challenges is upon us. Historically, enforcement has been a community based effort with an emphasis on “doing the right thing”. In recent years, however, we have seen the emergence of private enforcement and enforcement driven by entities and individuals for purposes of economic gain. In some cases these actions are to enforce legitimate interests arising from, for instance, dual licensing models. In other cases, copyright “trolls” are pressing an agenda. In this webinar, Mark Radcliffe and Bernd Siebers will review some of the current litigation trends, evaluate how the different elements of the open source community are reacting to these trends and offer insights and strategies for avoiding the cross-hairs. This includes taking a closer look at open source cases litigated in 2016 in Germany, including the following questions:

    - Are we experiencing a shift in jurisprudence?
    - What should users and developers of open source software do to protect themselves?
    - What's the contribution of the open source community?
  • Alternative Finance: striking the balance between innovation and regulation
    Alternative Finance: striking the balance between innovation and regulation Damian Reffin Solutions Consultant at Niu, John Mallios Solutions Manager at Profile & Jay Tikam Managing Director at Vedanvi Recorded: Mar 23 2017 32 mins
    The recent announcement by the FCA about upcoming regulation for the Crowdfunding market has left many Alternative Finance platforms wondering how they need to adapt?

    The market continues to grow rapidly, and technology innovation remains very much at the forefront of competition. Alternative Finance platforms need to revise their current strategies in order to comply with the proposed regulation, but also build flexible reliable systems and workflows that will enable them to continue innovating in the future, whilst maintaining their compliance.

    Join our webinar with Profile Software, where we will be joined by regulation expert Jay Tikham of Vedanvi, to discuss:

    •How the existing and upcoming regulations affect the alternative finance market in terms of cost, compliance and competition
    •What would companies need to do to overcome these challenges?
    •How can they continue to innovate and protect their business against new competitive entrants?
    •Is technology ready to deliver a “best-of-breed” approach?
  • Réussir une gestion de configuration ITSM (CMDB) efficace
    Réussir une gestion de configuration ITSM (CMDB) efficace Karim Maadi Recorded: Mar 23 2017 47 mins
    La mise en place d'une gestion de configuration (CMDB) ITSM efficace est essentielle pour les organisations qui souhaitent comprendre et maitriser les différents composants de leur système informatique afin de :

    - fournir aux utilisateurs les services et logiciels dont ils ont besoin
    - automatiser et rationnaliser leur processus IT

    Cependant, d'après le Gartner :

    " D'ici 2018, 75 % des organisations IT verront leurs efforts de gestion de configuration échouer en raison du manque de standardisation "

    Le défi est donc majeur et ne consiste pas seulement à construire une base de données de gestion de configuration (CMDB) mais surtout à garantir que le référentiel des actifs IT (matériels et logiciels), les utilisateurs et les relations entre eux, soient standardisés, utilisables et constamment à jour. Les changements de configuration et d'infrastructure peuvent rapidement rendre ce référentiel erroné.
  • Getting started with GDPR, Privacy and Applying Appropriate Security Controls
    Getting started with GDPR, Privacy and Applying Appropriate Security Controls Jason Hart, Gemalto, Christine Andrews, DQM GRC, Adrian Davis, (ISC)² EMEA Recorded: Mar 23 2017 56 mins
    In this webinar, presented by compliance experts Christine Andrews (DQM GRC) and Jason Hart (Gemalto) you will learn:

    a. The background to the new General Data Protection Regulation
    b. An overview of the key areas of change from the existing Data Protection Act – and the penalties for getting it wrong
    c. A focus on the information security implications and considerations for meeting compliance
    d. An approach for understand the “Gaps” in your current compliance and, importantly, how best to move forwards
  • BrightTALK at RSA 2017: Chenxi Wang on Diversity and the Future of Cyber Warfare
    BrightTALK at RSA 2017: Chenxi Wang on Diversity and the Future of Cyber Warfare Chenxi Wang, Founder of The Jane Bond Project & Josh Downs, Community Manager, BrightTALK Recorded: Mar 23 2017 11 mins
    BrightTALK caught up with Chenxi Wang, Founder of The Jane Project and Twistlock's Chief Strategy Officer for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The Yahoo Breach and some of her suspected reasons why
    - The influence of the supposed Russian US election hack and what it means for cyber warfare
    - Diversity in the cyber industry and how it can be improved
    - AI & Machine learning and use cases for security
    - The key vulnerabilities in IoT networks that we should be thinking about
  • What does the European GDPR mean for businesses in Asia Pacific?
    What does the European GDPR mean for businesses in Asia Pacific? Brian Fletcher, Director - Government Affairs, Symantec and Thio Tse Gan, Practice Lead - Cyber Risk Services, Deloitte SEA Recorded: Mar 23 2017 55 mins
    With the advent of Big Data came not only new ways to optimise business and marketing processes, but also new concerns over the control and privacy of personal data. This gave rise to the General Data Protection Regulation (GDPR), a modernisation and harmonisation of data protection laws in the European Economic Area.

    The GDPR gives individuals greater control over their personal data, while also streamlining regulation and fostering consumer trust in businesses. However, with implementation just around the corner in 2018, over 90% of businesses are still underprepared for compliance within the next two years(1).

    Join this webinar to learn about:
    •What GDPR entails and what the timelines are
    •Who's who in the protection of personal data
    •Business concerns with the GDPR
    •Key steps of the journey towards GDPR compliance
    •How Symantec Control Compliance Suite Assessment Manager (CCS AM) can help your organisation with GDPR compliance

    (1) Vanson Bourne Survey, 2016
  • #Vault7 Happened. There’s No Going Back. Now What?
    #Vault7 Happened. There’s No Going Back. Now What? Tony Busseri/Route1, Nick Bilogorskiy/Cyphort, Darin Andersen/CyberTECH, Jonathan Dambrot/Prevalent, James Carder/LogRhythm Recorded: Mar 22 2017 60 mins
    It's alleged that the CIA developed tools designed to spy on people, taking advantage of weaknesses in smart connected devices such as smart phones, smart TVs, smart personal assistants, and other household IoT technologies.

    In this discussion, we do a walk-through of what happened, what didn't happen, what systems and devices are impacted, and what data is involved in the leaks. Most importantly, we'll get some insight into what the larger societal impact of this could be.

    Join us for this in-depth conversation to learn:
    - Where stuff broke down.
    - Who is impacted, how are they impacted, and what’s at risk.
    - What the government can do to help.
    - What the commercial InfoSec community can do to help.
    - What consumers need to know to help (protect) themselves.

    FEATURED EXPERTS
    Darin Andersen, Chairman & Founder, CyberTECH
    Nick Bilogorskiy, Sr. Director of Threat Operations, Cyphort
    Tony Busseri, CEO, Route1 Inc.
    Jonathan Dambrot, CEO & Co-Founder, Prevalent
    James Carder, CISO & VP of LogRhythm Labs

    YOUR MODERATOR
    Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine
  • State of the Money Transfer Industry: Challenges and Opportunities in 2017
    State of the Money Transfer Industry: Challenges and Opportunities in 2017 Hugo Cuevas-Mohr, Director at IMTC Conferences and Mohr World Consulting; Fernando Fayzano, CEO at Pontual Money Services Recorded: Mar 22 2017 64 mins
    A tale as old as time: the want and need to move money, transfer it. And for the last 150 years that need has been met by the Money Transfer Industry. Today, this need is still as relevant as it was back then when the first money transfer took place, and so are the businesses providing that service. The Money Transfer Industry is, in fact, fundamental for the world economic activity.

    Much has happened since that first wire transfer: migration trends changes, de-risking, technology innovations, new business models, stricter regulations, higher regulators’ expectations, and the rise of FinTech; but the role of Money Transfer Organizations is just as important as ever; or maybe even more.

    With an outlook such as this, we are looking to industry experts for guidance to navigate these unknown waters. To understand the trends that will be defining the Industry in 2017, and how you can make sure your organization is ready the face the challenges, and make the best of the opportunities to come.

    Join Hugo Cuevas-Mohr, Director at IMTC Conferences and Mohr World Consulting; Fernando Fayzano, CEO at Pontual Money Services; and Jose Caldera (moderator) VP of Products at IdentityMind Global in discussing:

    - The top of mind issues that are keeping Industry leaders busy (and up at night) in 2017
    - AML and Fraud Prevention: strengthening your processes through technology
    - De-Risking: What’s in store for the year ahead?
    - Land ahoy! - The promise of new markets: the unbanked and underbanked
    - Going digital: What it means to your business
  • Top 10 Barriers for DevOps – and How to Avoid them for your 2017 rollout
    Top 10 Barriers for DevOps – and How to Avoid them for your 2017 rollout Shashi Kiran, Chief Marketing Officer at Quali. Recorded: Mar 22 2017 58 mins
    What are the top 10 barriers to DevOps adoption and best practices to overcome these barriers.
    Quali conducted a survey of 2045 professionals to gauge the state of DevOps and Cloud adoption, pain points and best practices. The survey concluded on Dec 31st 2016. This presentation will share the key insights from the survey, top 10 barriers to DevOps adoption as well as best practices that can help overcome these barriers. This will be an informative session for DevOps and Cloud architects, application owners, technologists as well as IT infrastructure professionals that are responsible for planning and deployment of DevOps tools and processes.
    Quali builds software to create cloud sandboxes – these are on-demand, self-service environments that can automate and orchestrate Cloud and DevOps deployments.
  • Detect and Block Apache Struts Bug Across Your Enterprise
    Detect and Block Apache Struts Bug Across Your Enterprise Vikas Phonsa Director Product Management Web App Firewall and Frank Catucci Director Product Management Web App Scanning Recorded: Mar 22 2017 62 mins
    A critical vulnerability has been found in Apache Struts 2, and it is being actively attacked in the wild, as hackers jump at the chance to hit high-profile targets by exploiting this critical bug.

    Apache has issued an emergency security alert, classifying this as a high-risk vulnerability. If left unaddressed, organizations are at risk of remote code execution attacks, which could lead to complete system compromise.

    During this webcast, Qualys Product Management Directors Vikas Phonsa (Web Application Firewall) and Frank Catucci (Web Application Scanning) will show you how Qualys' complete, end-to-end security solutions can detect and patch the vulnerability so that you can keep your business-critical information safe from attackers.

    With Qualys Vulnerability Management, Web Application Scanning, and Web Application Firewall, you can find Struts in your environment quickly, comprehensively, and at scale, as well as shield your organization from Struts attacks while you identify and patch vulnerable systems.

    This webcast will include a live demo and Q&A session.
  • CASBs for IaaS
    CASBs for IaaS Salim Hafid, Product Marketing Manager Recorded: Mar 22 2017 37 mins
    Enterprises are quickly moving their corporate data and custom internal apps to IaaS platforms like AWS, but many lack the visibility and control they need over business-critical workloads. Services like S3 and RDS, for example, store massive volumes of sensitive data that your organization must protect.

    In this webinar, we explore how Cloud Access Security Brokers (CASBs) are evolving to protect IaaS with granular access controls, real-time DLP, tokenization, and more. Learn how a CASB can help you achieve compliance and protect data across your IaaS apps.
  • 20/20 vision into your cloud security: CISO interview and case study
    20/20 vision into your cloud security: CISO interview and case study Maurice Stebila, CISO, IT Security, HARMAN International & Ralf Buchroth, RWE Supply and Trading Recorded: Mar 22 2017 55 mins
    With the growing adoption of private and public cloud platforms, many security teams feel that they are losing visibility and control. From the very basics of identifying which cloud services are being used, to the monitoring of security policies and potential violations, new solutions and procedures are required to regain control.

    Join us for this discussion of cloud security challenges and how they can be addressed. The webinar will feature an expert interview with Maurice Stebila, CISO at HARMAN International, who will share his insights and experience around security challenges in the cloud, much like he did recently at RSA conference in San Francisco.

    In the second half of the webinar, you will learn how one of Tufin’s customers, Ralf Buchroth, IT Infrastructure and Provider Management at RWE Supply and Trading, has deployed Tufin to address challenges of visibility and control in the cloud and across a hybrid network environment.
  • Assessing and Building a Risk Conscious Culture
    Assessing and Building a Risk Conscious Culture Priti Sikdar (B.Com, FCA, DISA, CISA, CISM, CRISC, ISO 27001 LA, BS 25999 LA, COBIT (FC), BCCS, PRINCE 2 (FC)) Recorded: Mar 22 2017 64 mins
    Risk Culture in an organization is dependent on the ‘tone at the top’. Management plays a pivotal role in molding the risk culture. Risk management is a part of the IT Governance framework in the organization. No business can function without taking into consideration the internal and external risk factors; in fact risk can be adverse, risk can be positive when it turns opportunity into profit.
    As a part of internal audit function, an auditor will see enterprise risk corresponding to the business objectives, mission and long term and short term policies of the organization. But it is observed that the greatest impediment in the compliance to risk standards set by management is the absence of a risk centric culture which has to be woven into the fabric of the organization right from the induction stage when a new employee enters the organization, to defining his roles and responsibilities to including risk compliance into the KPI and building an awareness and training culture where risk is always on agenda to be discussed.
    In this presentation, I wish to bring the experiences of our audience under a single platform and discussing certain modes of assessing and building a risk conscious culture whether we belong to industry or we are on the assurance side. We shall emphasize culture as a vehicle to ride our risk initiatives and bring in effectiveness and compliance.
  • Detecting Network Threats: What Can Endpoint Data Tell You?
    Detecting Network Threats: What Can Endpoint Data Tell You? Greg Foss, Security Architect, LogRhythm & Chris Berninger, Senior Systems Engineer, Carbon Black Mar 28 2017 9:00 am UTC 60 mins
    Data-driven security is the future, but alarm fatigue and data overload continue to hold Security Operations teams back. Fortunately, there are some easy ways to organise and correlate data so you can simplify the threat hunting process and free up your resources to better detect, respond and neutralise advanced threats.

    In this webcast, Greg Foss, Security Architect at LogRhythm, and Chris Berninger, Senior Systems Engineer at Carbon Black, discuss how to proactively search for and detect threats in your network.

    You’ll learn:

    • To use endpoint data to gain visibility into your network and understand what’s really going on in your network
    • How LogRhythm SmartResponse can help orchestrate security operations
    • Threat hunting techniques using Carbon Black within LogRhythm

    Register now to discover how to use insights from endpoint data to best protect your organisation from advanced attacks.
  • 7 domande da farsi se si è alla ricerca di una soluzione Endpoint efficace
    7 domande da farsi se si è alla ricerca di una soluzione Endpoint efficace Daniele Nicita, Consulting Systems Engineer, FireEye Italia Mar 28 2017 9:30 am UTC 45 mins
    Oggi tutti parlano di Endpoint, il panorama è piuttosto confuso, i messaggi marketing sembrano essere tutti uguali indipendentemente dal vendor che li propone.
    Quali sono le domande da porsi per fare chiarezza?
    Partecipa ad un webinar live dove Daniele Nicita analizzerà le 7 domande che più spesso si è sentito fare e che aiutano a chiarire questo mondo degli Endpoint in rapidissimo cambiamento.
  • Ensuring Maximum Protection—How 3 Security Vendors Approach Their Own Security
    Ensuring Maximum Protection—How 3 Security Vendors Approach Their Own Security Alvaro Hoyos, David Baker, David Farrow, Gene Meltser Mar 28 2017 5:00 pm UTC 60 mins
    Security vendor products are held to a higher standard of security—and for good reason as the very existence of their organization could be at risk due to a vulnerability. Many of these vendors are turning to bug bounty programs to not only find any vulnerabilities in their products and services, but also to provide assurance to their clients.

    Join our security panel for a live discussion on the following topics:
    1. What unique appsec challenges come along with complex & high-risk environments
    2. How to design security programs to provide robust coverage of those technologies
    3. Why bug bounties were so quickly adopted within the security industry
    4. Open Q&A with the panelists

    Featured speakers:
    Alvaro Hoyos, Chief Security Officer @ OneLogin
    David Farrow, Sr Director, Information Security @ Barracuda Networks
    David Baker, VP Operations @ Bugcrowd, formerly CISO @ Okta
    Gene Meltser, Enterprise Security Architect @ Sophos
  • How to Automate Protection with Azure Cloud Backup and DRaaS
    How to Automate Protection with Azure Cloud Backup and DRaaS Dustin Sawicki & Jordan Pfingsten, Technical Solutions Professionals, Microsoft Mar 28 2017 6:00 pm UTC 60 mins
    Learn the ins and outs of Disaster Recovery as a Service with simple, automated protection and disaster recovery in the cloud.

    Your environment can be protected by automating the replication of the virtual machines based on policies that you set and control.

    Join this webcast to:
    - Learn how Site Recovery can protect Hyper-V, VMware, and physical servers, and how you can use Azure or your secondary datacenter as your recovery site
    - See how Site Recovery coordinates and manages the ongoing replication of data by integrating with existing technologies including System Center and SQL Server AlwaysOn
    - Understand the total picture of Disaster Recovery as a service (DRaaS)

    This webcast is part of our Think Tank Thursdays – DOE & DHS Dialogue webcast series. Sign up for this session, or the entire series today!
  • Protection of Personal Data – Getting in Shape for GDPR
    Protection of Personal Data – Getting in Shape for GDPR Bob Mann Mar 29 2017 9:00 am UTC 75 mins
    With the EU General Data Protection Regulation (GDPR) just over 12 months away, now is the right time for organizations to review their data governance and protection requirements. Employing data classification is now the best practice standard in the first step to achieving a holistic data-centric security strategy to ensure you comply with EU GDPR and other regulations. But where do you start and how do you overcome challenges to implement classification successfully?

    During this session, with his extensive experience delivering data governance and classification projects for leading global brands, Bob Mann (CISO) will explore the common challenges encountered within data classification projects. He will provide real-world guidance for senior security, audit and risk professionals on how to accelerate your GDPR compliance initiatives.

    Why should I attend this webinar?

    This webinar will provide you with practical advice identifying how data classification can help improve your data governance measures and get your data protection processes in shape in advance of EU GDPR

    This presentation will also explore the different approaches to data classification and uncover the top tips and practical steps to make data classification that much easier to implement in your organisation.
  • Introducing the industry's first Secure Internet Gateway in the cloud.
    Introducing the industry's first Secure Internet Gateway in the cloud. Brian Roddy, Engineering Executive, Cloud Security and Bobby Guhasarkar, Director Product Marketing, Cisco Umbrella Mar 29 2017 3:00 pm UTC 60 mins
    The world is evolving… from how we work to where we work and how we access our sensitive data. Is your security keeping pace with the changes?

    Find out how you can block threats like never before with the industry’s first Secure Internet Gateway in the cloud.

    Join Cisco Security Experts: Brian Roddy, Engineering Executive, Cloud Security and Bobby Guhasarkar, Director Product Marketing, Cisco Umbrella, on Wednesday, March 22nd at 10am PT for a can’t miss review of what needs to be your first line of defense in 2017.

    Attendees will see why Cisco Umbrella provides visibility unlike any other security platform:

    -Protects users on and off network
    -Provides broadest coverage of malicious destinations and files
    -Defends against known and emergent threats over all ports and protocols

    Register and learn why you need a Secure Internet Gateway that’s easy to deploy and manage, uncovers attacks before they launch AND integrates with your existing security investments.

    Your security starts here.
  • How to automate security investigation and remediation for real time response
    How to automate security investigation and remediation for real time response Barak Klinghofer, Co-Founder and CPO, Hexadite and Steven Forsyth, RnD Manager, HPE Security ArcSight Mar 29 2017 4:00 pm UTC 60 mins
    The effectiveness of a security system depends on how quickly it detects and responds to threats. Is your security system able to tackle security challenges in near real time, while reducing false positives so analysts can focus on critical events and Indicators of Compromise (IOCs)?

    HPE Security ArcSight ingests large volumes of security events and correlates against IOCs in real time to identify potential threats. Hexadite Automated Incident Response Solution (AIRS) takes these security alerts in real time and performs investigation and remediation at scale.

    Learn how the combination of these two systems gives you the ability to:
    • Gain visibility across the entire IT footprint
    • Detect security threats in real-time
    • Automate incident investigation
    • Perform automated or semi-automated remediation actions
  • ISACA Certifications Information and Update
    ISACA Certifications Information and Update Kim Cohen Mar 29 2017 5:00 pm UTC 60 mins
    Becoming ISACA certified is one of the best ways to prove you have the knowledge and expertise to secure the modern enterprise against escalating IT-related threats and get ahead in your career. Attend this webinar and learn about the CISA, CISM, CGEIT, CRISC certifications, as-well as ISACA’s CSX performance-based cyber security products.
  • How to Approach Portfolio Risk Aggregation
    How to Approach Portfolio Risk Aggregation Samit Shah Mar 29 2017 5:00 pm UTC 45 mins
    Join us on Wednesday, March 29th has Samit Shah, BitSight's Insurance Solutions Manager discusses how cyber insurers should approach portfolio risk aggregation and how other businesses can use this mindset to decrease risk across their portfolio of vendors.
  • Identity & Access Management in Healthcare: Strengthening IT Security
    Identity & Access Management in Healthcare: Strengthening IT Security Craig Eidelman & Alfred Ojukwu, US Health and Life Sciences, Microsoft Corporation Mar 29 2017 6:00 pm UTC 60 mins
    Help strengthen security through effective identity management, monitoring, and protection

    Microsoft solutions can help strengthen security through effective identity management, monitoring and protection. We’ll provide an overview of the capabilities of Azure Active Directory, and Microsoft’s Identity and Access Management cloud solution (IDaaS). With capabilities including Identity Protection, SSO to thousands of SaaS apps, conditional access policies, self-service password reset, discovery and many more, Azure Active Directory is the most comprehensive IDaaS solution.

    Join this webcast to learn how to:
    • Enable single sign-on to any cloud and on-premises web app, even with iOS, Mac OS X, Android, and Windows Devices
    • Easily extend Active directory to the cloud and continue protecting sensitive user information, data and apps
    • Protect on-premises web apps with secure remote access, simultaneously reducing cost and enhancing security with self-service

    This webcast is part of our Modern Workplace in Healthcare webcast series. Sign up for this session, or the entire series today!
  • Sécuriser ses applications web dans un environnement Cloud complexe
    Sécuriser ses applications web dans un environnement Cloud complexe Leif Kremkow, Directeur Technique, SEMEA Mar 30 2017 8:00 am UTC 60 mins
    Avec des entreprises qui déploient et gèrent de plus en plus leurs applications web dans le Cloud, sécuriser ses applications web est devenu complexe.

    Les nouvelles technologies comme JavaScript frameworks et SPAs complexifient les opérations de scan des applications web ; et parallèlement collecter, traiter, classer est devenu une opération laborieuse, chronophage et sans fin.

    L’objectif de ce webcast est de vous montrer en 3 points comment Qualys peut vous aider à
    * Scanner, découvrir et indexer des applications quelque soit l’environnement cloud, et ce aussi bien pour les vulnérabilités que les sites web mal configurés.
    * S’adapter en permanence à la complexité des technologies des applications web.
    * Construire un programme de scan, ergonomique, précis et évolutif via une infrastructure réseau et des applications web.

    Inscrivez-vous au webcast et découvrez comment Qualys peut vous aider à sécuriser vos applications web.

    Session question/réponse.
  • Block The Risk Of Ransomware
    Block The Risk Of Ransomware Jonathan Korba, System Engineer, Symantec, and Q&A Mar 30 2017 10:00 am UTC 30 mins
    Ransomware is becoming a more prevalent problem and attackers are becoming more straightforward; not even bothering to masquerade as legitimate agencies anymore. You may be wondering what you can do. First we would encourage you not to pay and then put protection in place so you won’t be victimized again.

    Learn how Symantec Endpoint Protection 14 can help protect you from future ransomware attacks:

    • What are your options if you’re a victim of ransomware
    • Why Symantec Endpoint Protection 14 can address ransomware better than other solutions
    • How Symantec technologies work together for maximum protection

    And if that isn’t enough, watch Symantec's Endpoint Protection in action. We will share a demo with you that showcases the power of it's advanced technologies.
    Register Now!
  • Ransomware Wins! User Awareness Doesn't Work! What Do you Do?
    Ransomware Wins! User Awareness Doesn't Work! What Do you Do? Amar Singh & Industry Experts Mar 30 2017 1:00 pm UTC 60 mins
    Nope this is NOT another webinar on How to Protect Against Ransomware blah blah blah.

    If you reckon that users (yes that includes you and me) are the first line of defence against ransomware! Sorry to break it to you but you are WRONG! We are all humans and we make mistakes and ransomware creators know that.

    You have a choice.Hope and or pray that your awareness training protects your employees and your business from becoming a ransomware victim OR attend this webinar and learn what you can do to protect your business.

    Note: This is not your typical webinar. Cyber Management Alliance’s unique and interactive approach to webinar’s allows everyone to have a say and share their knowledge. The host, Amar Singh firmly believes that every member of the audience has valuable input and that each attendee brings their own context and perspective. So, join in, share and learn.
  • Stroke of genius; The only known way to fully protect against keystroke loggers
    Stroke of genius; The only known way to fully protect against keystroke loggers Peter Ridgley, President, Verterim inc. CJ Brunet, President, Advanced Cyber Security Mar 30 2017 3:00 pm UTC 60 mins
    Reduce the costs and risks associated with incident response through stronger prevention. According to the 2016 Verizon Data Breach Report, the majority of confirmed data breaches involved stolen passwords. Learn what your peers are doing to reduce the impact of stolen credential breaches and other sensitive data right at their fingertips.  Join Peter Ridgley President of Verterim and CJ Brunet, President of Advanced Cyber Security on March 30th at 11 a.m. est. for an overview on overcoming the business challenges and preventions for advanced cyberattacks. Learn how encryption at the keystroke level can help prevent these attacks and address PCI, Healthcare, Financial Services and other regulatory requirements at the same time.
  • FireEye in 2017
    FireEye in 2017 Kevin Taylor, EMEA VP; Grady Summers, EVP & CTO Mar 30 2017 3:00 pm UTC 45 mins
    Over the years the security market has evolved, as has the threat landscape. The threats have changed from being a nuisance, to ones that are specifically targeted to carry out activity such as theft of intellectual property, exposure of sensitive customer data, or holding the victim to ransom. Organisations need to keep evolving their security program to keep up.

    There are several challenges that FireEye has observed that reduce the ability to self-discover and operationalise response to breaches: lack of visibility, lack of intelligence, too many tools, too many alerts or not enough expertise.

    Join us in a live webinar and listen to Grady Summers, FireEye’s CTO and Kevin Taylor, FireEye’s VP for EMEA, as they describe how FireEye in EMEA can support organisations in overcoming all these challenges, learn about the new platforms FireEye has to offer and the intelligence required to build a next generation security program.
  • Effective Application Security Testing at DevOps Speed: Get Started
    Effective Application Security Testing at DevOps Speed: Get Started James Rabon, Fortify Product Mgr/Security Specialist, HPE and Poonam Yadav, Fortify Product Mgr/Security Specialist, HPE Mar 30 2017 5:00 pm UTC 60 mins
    Is your business challenged with competing priorities and resources when it comes to application security testing and the need for more rapid application development? Are you impacted by costly and cumbersome remediation of security issues? In a world of competing requirements, how can your application security keep up with the rapid pace of development, and still remain effective?

    Learn how some of the most advanced and innovative application security customers tackle this problem by:

    • Using automation - where modern security tools are being included in the “treat infrastructure as code” mantra

    • Making static and dynamic analysis of applications more efficient and effective

    • Integrating application security throughout the software development lifecycle (using a DevOps toolchain)

    • Gaining visibility and insights into production application behavior and exploits via low-impact Continuous Monitoring

    • Protecting security flaws in production to buy time for true remediation
  • Businesses Held Hostage: Are You Ready for a Ransomware Attack?
    Businesses Held Hostage: Are You Ready for a Ransomware Attack? Scott Crawford, Research Director at 451 Research & Matthew Gardiner, Senior Product Marketing Manager at Mimecast Mar 30 2017 5:00 pm UTC 60 mins
    No organization is immune to a ransomware attack. In recent months, nearly half of all malware blocked by Mimecast for its 20,000 customers has been ransomware.

    The motivation to pay can be strong, particularly given issues such as criticality of business assets, digital infrastructure, or even safety of life in some cases – but a far better strategy is to be prepared for the threat, before ransomware strikes.

    How ready is your organization to face a ransomware attack? Join Scott Crawford, Research Director of information Security at 451 Research, and Matthew Gardiner, Senior Product Marketing Manager with Mimecast to explore:

    -The impact of ransomware: Just how serious a threat is it?
    -How could ransomware get into your organization?
    -Why is ransomware happening more now than ever before?
    -How can you best defend against a ransomware attack…before it locks up your critical information assets?
  • Key eDiscovery Trends and Case Law for 2017
    Key eDiscovery Trends and Case Law for 2017 Doug Austin and Julia Romero Peter, Esq. Mar 30 2017 5:00 pm UTC 75 mins
    2016 was an important year in eDiscovery.  Did you catch all of the important events and developments that occurred over the course of the year?  If you didn’t, here is your chance to catch up!  This webcast will cover key events, trends, and developments that occurred over the course of last year and how they impact those in the eDiscovery community.  Examples of trends being covered are:

    + Evolution of eDiscovery Technology
    + Privacy Trends in the US and Internationally
    + Key Trends in Cybersecurity and Data Breaches
    + Continued Evolution of Artificial Intelligence in the Legal Space
    + What Happens Every Minute on the Internet
    + Proliferation of Rules Regarding Attorney Technical Competence
    + Important Cases in Technology Assisted Review
    + Key 2015 Federal Rules Changes and How They Impacted Case Law
     
    “Doug Austin’s presentation Key Discovery Trends and Case Law in 2016 at the February meeting of Houston Association of Litigation Support Managers was insightful and thought provoking. The overview of relevant 2016 case law clearly demonstrates how the 2015 changes to the FRCP are directly impacting decisions from the bench.”

    Patti Zerwas, Discovery Project Manager | Haynes and Boone LLP

    Presenters Include:
     
    Doug Austin: Doug is the VP of Ops and Professional Services for CloudNine. At CloudNine, Doug manages professional services consulting projects for CloudNine clients. Doug has over 25 years of experience providing legal technology consulting, technical project management and software development services. Doug is also the editor of the CloudNine sponsored eDiscovery Daily blog.
     
    Julia Romero Peter, Esq.: Julia is General Counsel and VP of Sales with CloudNine. At CloudNine she leads the sales team and has extensive experience in information governance, data discovery and legal discovery. Julia received her J.D. from Rutgers Law School - Newark, and her B.A. in History with a minor in education from Columbia University - Barnard College.
  • How Are You Managing Cyber Risk From Your Third-Party Relationships?
    How Are You Managing Cyber Risk From Your Third-Party Relationships? Ryan Curran, Senior Sales Engineer Mar 30 2017 6:00 pm UTC 45 mins
    Outsourcing and strategic partnerships have become a staple in today's business climate, enabling organizations to drive business value and stay ahead of the competition. However, moving company information outside of its own defense perimeter opens an organization up to a myriad of cybersecurity vulnerabilities. Organizations need to have the tools and resources to determine the risk from 3rd party relationships and manage that risk in a timely and consistent manner.

    In this webinar, Senior Sales Engineer Ryan Curran will help you learn how to:
    ~ Identify and monitor threats targeting your extended ecosystem
    ~ Use a threat intelligence platform for third-party risk management workflows
    ~ Leverage Threat Indicator Confidence Scoring and pre-packaged threat intelligence to start monitoring 3rd parties within minutes
  • Security: It's Not a Privilege, It's a Right
    Security: It's Not a Privilege, It's a Right Alex Shteynberg, Technology Architect, Microsoft Corporation Mar 30 2017 6:00 pm UTC 60 mins
    Control and manage your data with the confidence. Microsoft Office 365 helps keep your data safe, maintaining privacy, and meeting compliance requirements at all times.

    Join this session to learn:
    - How Office 365 gives you the control to log and manage data access workflows directly with datacenter engineers
    - Security, compliance, and privacy approach to help ensure that your data is protected
    - Leading global compliance standards, such as HIPAA, FISMA, and ISO 27001
    - Best practices in data center design, data loss prevention, zero-day advanced threat protection and threat intelligence