Shadow IT – Risk and Reality

Paula Skokowski, VP of Products, Accellion; Darrin Reynolds, CISSP, VP, Infosec, DAS, Div of Omnicom, Rob Ayoub, CISSP, Frost
While technology can be a difference maker for organizations, when employees or business go “rogue” and bring in products and services without permission, it can cause problems. This phenomenon, known as “Shadow IT”, is spreading as technology solutions become more plentiful and can be purchased with a credit card and the click of a button. This opens up a Pandora’s Box of problems for the enterprise. Join (ISC)2 and Accellion on August 18, 2011 at 12:00pm Noon Eastern for a roundtable discussion on this emerging threat and find out what the risks, realities and solutions are.
Aug 18 2011
65 mins
Shadow IT – Risk and Reality
Join us for this summit:
More from this community:

Health IT

Webinars and videos

  • Live and recorded (699)
  • Upcoming (17)
  • Date
  • Rating
  • Views
  • Forty-four states, DC and four territories have adopted the Common Core State Standards (CCSS). This means that school districts across the country are planning for 100% online assessments during the 2014-2015 school year. One of the most important conditions needed for being able to administer online assessments is network infrastructure readiness.
    Attend this 30-minute webinar and join Gavin Lee, Senior K-12 Business Development Manager at Juniper Networks, to discuss the critical network must-haves that all school districts should consider when looking to deploy a robust and supportable network. You will also receive practical guidance on how to get the most out of your network infrastructure and how to best prepare for the CCCSS assessments:
    • Consortia network infrastructure
    • Wired and wireless network capabilities
    • Robust network security
    • Network support readiness
    • Juniper Networks network infrastructure readiness resources
  • Heartbleed is not an exploit you want to ignore as an IT professional. It exposes passwords and cryptographic keys, and requires not only that you patch OpenSSL for each of the services using the OpenSSL library, but also that you replace the private keys and certificates so that attackers won’t be able to use any of the data compromised by the vulnerability. The simplicity of the exploit makes it powerful. It appears that over a half million websites are vulnerable.
    In this session we'll cover:
    What you need to know about the Heartbleed vulvnerability
    How to detect it using AlienVault USM
    How to investigate successful Heartbleed exploits
  • SharePoint 2013 features a new app model that allows you create easy-to-use, lightweight web applications that integrate popular web standards and technologies to extend the capabilities of a SharePoint website. Join our live webcast for an overview of Microsoft’s new SharePoint app model and learn:

    • How to configure app development for SharePoint on-premises
    • How developers can kick-start app development using SharePoint Online
    • What the differences are between provider-hosted and autohosted apps for SharePoint
  • As most IT Pros are aware, as of April 8th, 2014, Microsoft will stop releasing security patches for Windows XP. Unfortunately, most folks will not be able to migrate all Windows XP machines by that deadline. How will you limit the security risks posed by these now vulnerable assets? Join us for this webinar outlining practical strategies to help you cover your assets.
    In this session we'll cover:
    The primary attack vectors you need to consider
    Immediate actions you can take to limit the exposure of your XP assets
    Warning signs to watch out for that could signal an attack
    How to closely monitor your vulnerable assets with AlienVault USM
  • Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.
  • Virtual Desktop Infrastructure (VDI) is now a mature technology that is being adopted by organizations with increasing popularity. However, the user community who needs high-end graphics capabilities in their work (such as 3D modelling and simulations) were somewhat skeptical about the capabilities and performance of VDI with applications using 3D graphics, compared to the performance they can expect from a physical PC or workstation with a dedicated GPU. Recent advances in VDI help make this performance gap narrower by providing the capabilities for either a pool of virtual desktops (shared GPU) or, to a specific virtual desktop (GPU pass through), depending on the user requirements.

    Join Teradici for a deep dive on Graphics Processing Unit (GPU) deployment options for VMware Horizon View and walk away with the GPU knowledge to increase productivity and accelerate your application performance in your virtual environment. In this webinar, we will discuss GPU technology related to Virtual Shared Graphics Acceleration (vSGA),Virtual Dedicated Graphics Acceleration (vDGA) and Teradici PCoIP Hardware Accelerator deployment options available today. We will also explore how using PCoIP Hardware Accelerator in combination with a GPU allows you to expand and enhance your VDI deployment to provide a rich and interactive graphical experience across a broad set of use cases and ensure application performance.

    Key Takeaways
    • Understand the graphics acceleration options for VMware Horizon View
    • Learn how PCoIP Hardware Accelerator complements GPU implementations to improve 3D application performance
  • Virtual Desktop Infrastructure (VDI) is now a mature technology that is being adopted by organizations with increasing popularity. However, the user community who needs high-end graphics capabilities in their work (such as 3D modelling and simulations) were somewhat skeptical about the capabilities and performance of VDI with applications using 3D graphics, compared to the performance they can expect from a physical PC or workstation with a dedicated GPU. Recent advances in VDI help make this performance gap narrower by providing the capabilities for either a pool of virtual desktops (shared GPU) or, to a specific virtual desktop (GPU pass through), depending on the user requirements.

    Join Teradici for a deep dive on Graphics Processing Unit (GPU) deployment options for VMware Horizon View and walk away with the GPU knowledge to increase productivity and accelerate your application performance in your virtual environment. In this webinar, we will discuss GPU technology related to Virtual Shared Graphics Acceleration (vSGA),Virtual Dedicated Graphics Acceleration (vDGA) and Teradici PCoIP Hardware Accelerator deployment options available today. We will also explore how using PCoIP Hardware Accelerator in combination with a GPU allows you to expand and enhance your VDI deployment to provide a rich and interactive graphical experience across a broad set of use cases and ensure application performance.

    Key Takeaways
    • Understand the graphics acceleration options for VMware Horizon View
    • Learn how PCoIP Hardware Accelerator complements GPU implementations to improve 3D application performance
  • Today’s distributed business is forcing enterprises to build new data centers, adopt clouds, and move existing servers and clusters of servers to geographically distributed locations in order to provide nonstop, reliable, and secure access to critical business applications for users anywhere, anytime. As a result, connecting and sharing these resources securely across this landscape of multi-site data centers and clouds is not a choice — it’s a requirement. But interconnecting data centers is hard, and requires close coordination across different IT teams. Virtual networking and software defined networking (SDN) only exacerbate the problem.
    Join us and learn more about how Juniper Network’s holistic approach to interconnecting data centers and clouds simplifies and accelerates the deployment and delivery of applications within and across multiple data center locations. Register now to attend!
  • SLC transporter-mediated drug–drug interactions (DDI) can significantly impact the pharmacokinetics and safety profiles of drugs. The regulatory agencies (FDA/EMA) recent guidance documents recommend testing six SLC transporters for potential DDI: OATP1B1, OATP1B3, OAT1, OAT3, OCT1 and OCT2. The 2013 drug transporter white paper published by the International Transporter Consortium (ITC) identified additional drug transporters relevant to drug development, including the Multidrug and Toxin Extrusion SLC transporters: MATE1 and MATE2-K. The webinar will introduce a novel cell-based SLC transporter model system - the recently launched “Corning™ TransportoCells™” - for studying regulatory agency recommended SLC transporters. The new system provides a convenient “thaw and go”, high performing mammalian cell model which supports regulatory agency recommendations for evaluating transporter mediated drug-drug interactions in vitro. In this webinar, we will provide an overview of the product validation and applications for the TransportoCells™ transporter model system. Validation data will also be presented for the newly available MATE1 and MATE2-K Corning™ TransportoCells™.
  • Channel
  • Channel profile
Up Down
  • Countering Adversaries Part 3: Hacktivists and SQL Injection Attacks May 22 2014 5:00 pm UTC 75 mins
    Activists break into organizational web applications and databases to find personal and organizational data in order to expose this private information. The Verizon Data Breach investigations report says “Hacktivists generally act out of ideological motivations, but sometimes just for the fun and epic lutz.” In this third webcast of a three part series, (ISC)2 and Oracle will examine their number one tool of choice: SQL injection attacks. SQL injection attacks are both simple to perform and difficult to detect. We’ll discuss detecting and blocking SQL injection attacks in order to protect your most sensitive customer and organizational data from “epic lutz”.​
  • Out of Sight, Out of Mind? – Advanced Techniques of Evasion May 8 2014 5:00 pm UTC 75 mins
    The combination of several known evasion methods into new attack strategies, Advanced Evasion Technique (AET) attacks can provide attackers with unseen and undetectable access inside your network. AETs are exploiting weak detection points in firewalls and IDS, all the way down to the packet level. Even worse, AET’s are known to mutate, sometimes rapidly, as attackers drive innovation in their methods. Join (ISC)2 and McAfee for a discussion on the AET threat and how defend against it on May 8, 2014 at 1:00pm Eastern for our next roundtable webinar.​
  • Countering Adversaries Part 2: Organized Crime and Brute Force Apr 24 2014 5:00 pm UTC 75 mins
    Hailing from Eastern Europe and North America, organized criminals have a penchant for using brute-force hacking and multiple strands of malware to target financial and retail organizations for monetary gain, according to the Verizon DBIR. It is common for these cybercriminals to directly access databases and extract payment cards, credentials, and bank account information. Join (ISC)2 and Oracle as we discuss tactics employed by these cybercriminals and how organizations should implement a defense in depth database security strategy to help mitigate the threat.
  • From The Trenches: BYOD Program Deployments Recorded: Apr 10 2014 62 mins
    Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.
  • Countering Adversaries Part 1: Espionage and Stolen Credentials Recorded: Mar 27 2014 60 mins
    By profiling criminal activity, the Verizon Data Breach Investigations Report has been able to identify three distinct threat actors including espionage, organized crime, and activists. Organizations can take proactive steps to mitigate potential risks by understanding each threat actor’s methods and targets. In this three part series, (ISC)2 and Oracle will examine these three threat actors, the industries they target, and how to protect sensitive customer and organizational data. We begin with countering espionage threats and their preference for using stolen credentials.
  • Quick decisions - Using Real Time Security Management to Make the Right Call Recorded: Mar 20 2014 60 mins
    Ferris Bueller famously said “Life moves pretty fast. If you don’t stop and look around once in a while, you could miss it”. The same can be said of security practitioners. Their job and responsibilities move quickly and change suddenly based on shifting threats, business pressures and constant auditing. Today's security professional has to make quick “reads” and decisions about how to react. Real-time security management tools can assist in “looking around” several critical security areas such as defenses, awareness, monitoring and response. The data and critical information distilled help to inform the quick and decisive decisions needed when acting on a security incident or threat where speed is important. Join (ISC)2 and McAfee for our Roundtable on March 20, 2014 at 1PM Eastern when we look at the use of real-time security management to make quick and correct decisions for your organization. ​
  • Keeping Pace with PCI Changes Recorded: Feb 18 2014 58 mins
    With the release of of PCI DSS v3.0 in November, the PCI Standards Council has raised the bar for retailers, card processors and application developers. While the Council allows 14 months for companies to shift to the new standard, the analysis needs to begin now. Join (ISC)2 and Bit9 on February 18, 2014 at 1PM Eastern for a Roundtable discussion where we'll go beyond just enumerating the changes and dive into how this latest release will impact your organization in 2014.
  • Security Series Part 6: Unleashing the Power of Big Data through Secure APIs Recorded: Feb 13 2014 62 mins
    Quite often what makes an organization unique can be found in the volumes of data it has stored and hidden from the outside world. But while access is prevented and data is protected, new revenue streams are prohibited. Please join us to learn how securely externalizing your core Big Data assets through a Secure API Data Lens can result in new business models and revenue streams never attainable until now.
  • Security Series Part 5: Key Takeaways from 2013 & Predictions for 2014 Recorded: Jan 16 2014 59 mins
    Opening up the enterprise to enable new, revenue generating ways of engaging employees, partners, and customers, while still protecting the business and privacy continues to present new opportunities and evolve in the marketplace. As 2014 starts out, it’s time to review which important trends have emerged or shifted in the last year, and predict what we expect will happen in the world of identity and cyber-security in the coming year. Our takeaways and predictions are based on gathering thoughts and ideas from many practitioners and industry experts, and synthesizing it down to a key set of insights that provide a clear understanding of where the world of identity and security is going. Please join us for a thought provoking, actionable discussion on where we’ve come and where we are heading in the identity marketplace.
  • Security Series Part 4: The Economics of Digital Identity Recorded: Dec 19 2013 61 mins
    Digital identities help solve a crucial problem in today’s highly interconnected IT world-namely knowing the identity of the individual interacting with you. Unfortunately, there are no ways to perfectly determine the identity of a person or thing in cyberspace. Even though there are numerous attributes associated to a person’s identity, these attributes or even identities can be changed, masked or dumped. This session will look at how organizations can leverage these existing digital identities in a manner that does not increase risk or impede user productivity and satisfaction and also share some recent research from the Ponemon Institute on this topic.
  • Crime Scene Investigation Recorded: Dec 17 2013 61 mins
    While breaches happen more often than infosecurity practitioners would like, no two breaches are the same. Some breaches are simply nuisance incidences where nothing of value is accessed and remediation is put in place. Others reveal themselves as a full blown criminal act and require a full investigation, forensic examination and the involvement of law enforcement. However, many breaches fall in a “gray area” in which the decision to investigate fully becomes a difficult call. Join (ISC)2 on Tuesday, December 17th at 1pm for a roundtable discussion on when to deploy forensics tools, what digital evidence to gather and how and why to bring in law enforcement.
  • Protecting Patient's Sensitive Data - Dealing With The Final HIPAA Omnibus Rule Recorded: Dec 12 2013 61 mins
    On September 23, 2013, the HITECH Omnibus Final Rule went into effect. The final ruling has far reaching authority and penalties for noncompliance; unfortunately, most are unclear what the requirements mean for their organization and how to protect their sensitive customer data. Join (ISC)2 and Oracle on December 12, 2013 at 1PM Eastern for a roundtable discussion covering the following:

    • The important legal requirements surrounding breach notifications
    • Business Associates’ responsibility and “willful negligence”
    • What healthcare organizations are doing to secure the 66% of sensitive and regulated data that resides in their databases.
  • Security Series Part 3: Accelerate Mobile App Delivery: API Security for DevOps Recorded: Nov 21 2013 61 mins
    The relationship between Development and Operations continues to become more intertwined as cloud and mobile service expectations rise. Faster application release cycles and improved quality equates to improved operational performance and customer satisfaction. But how can good API Security & Management practices help to accelerate the delivery of mobile apps? And what’s the most effective way to secure them? Please join us to discuss API Security & Management practices to improve your DevOps application delivery process.
  • Hiding in the Clouds Recorded: Oct 31 2013 61 mins
    The mad rush to cloud services, coupled with the "consumerization of IT" has brought about the perfect storm for the enterprise, but what about the risks to the consumers themselves. Join (ISC)2 and Capella University for this Security Leadership Series Roundtable on October 31, 2013 at 1:00pm Eastern where we will explore the legal and technical risks faced by your friends, family and co-workers and how we, as Security professionals, can help them identify a safe and sound on-line experience for themselves and our enterprises that they inhabit.
  • Security Series Part 2: IAM as Cloud Services: Right Fit for Your Organization? Recorded: Oct 24 2013 62 mins
    Cloud computing services offer significant potential economic and operational efficiencies. However, these efficiencies are often accompanied by new regulatory requirements around the security of applications and data that are stored in the cloud.

    In addition, many organizations are seeing an explosion in the numbers of users that are interacting with their services, whether these are existing customers conducting transactions or ‘fans’ who are interacting with your services through social media. And while there are clear benefits from consuming IAM services from the cloud, there are important risk factors that have to be considered as well.

    This session will review the pros and cons of IAM Cloud Services and provide guidance and best practices based on specific use cases to help guide organizations to a model that meets their risk profile.
  • Security Series Part 1: Unifying the Fractured Enterprise One Channel at a Time Recorded: Sep 19 2013 62 mins
    As the enterprise expands and becomes more interconnected through the adoption of social identities, SaaS and mobile technologies, IT and Security practices must change. As the perimeter has evolved into a more connected and open environment, security has been fractured. This now requires the CIO and the entire IT and Security organization to quickly embrace a new identity-centric security model that enables continued business agility, all while protecting the business. During this webinar we will discuss the following topics:
    •Security implications of the new open enterprise and challenges dealing with the interconnectivity of users, apps and machines
    •Securely delivering new business services across multiple channels including Web, APIs and mobile
    •Enabling your new mobile and cloud business to connect through security standards such as OAuth and OpenID Connect
  • The Challenges and Benefits of Continuous Monitoring and BYOD Recorded: Sep 12 2013 57 mins
    They say knowledge is power. Possessing the ability to have increased visibility into your network traffic, devices, systems, apps and users can only increase your security, resilience and knowledge of what’s happening in your infrastructure. Join (ISC)2 along with sponsors Gigamon and ForeScout on September 12, 2013 at 1:00pm Eastern for our next roundtable webinar where we’ll examine key requirements and technologies for IT to gain enterprise visibility, control and automation. We’ll also discuss common network visibility, access and endpoint compliance gaps; BYOD, policy and security automation; and approaches to leveraging infrastructure and security investments that effectuate IT-GRC security controls.
  • Using New Design Patterns to Improve Mobile Access Control Recorded: Aug 29 2013 61 mins
    Security Briefings Part 3 - Using New Design Patterns to Improve Mobile Access Control

    The widespread popularity of consumer mobile applications continues to influence how corporate applications are being created and deployed. IT teams who initially deployed web gates to manage HTTP based web applications are under pressure to support a whole new set of native mobile communications and security protocols.

    On August 29, 2013 at 1PM Eastern, (ISC)2 and Oracle conclude their Security Briefings series with Part 3 as Oracle expert Sid Mishra joins Moderator Brandon Dunlap to discuss the patterns of mobile application access and the impact they have on your existing application infrastructure.
  • (ISC)2 Security Congress 2013 - Sneak Preview Recorded: Aug 21 2013 60 mins
    (ISC)2 will hold its 3rd Annual Security Congress at the Annual ASIS Conference this September in Chicago, IL. This year’s conference promises to be bigger and better as it brings together thought leaders in traditional and information security for three days of educational sessions and an exhibit floor featuring over 350 solution providers. Join (ISC)2 and several of the conference speakers who’ll be presenting at the Security Congress on August 21, 2013 at 1:00pm Eastern as we discuss their sessions, get a preview of what will be discussed at the event and examine some of the “hot button” issues facing security practitioners today.
  • Optimizing Directory Architecture for Mobile Devices and Applications Recorded: Jul 25 2013 58 mins
    Security Briefings Part 2 - Optimizing Directory Architecture for Mobile Devices and Applications

    Directories are the data stores of all modern Identity Management systems. Traditional directory architecture focused on a low number of directory writes and a very high level of reads.

    The advent of mobile devices and applications has dramatically changed the access load patterns on modern directories. Mobile applications are connected 24/7 and brings significant new features such as location-based services. This has created a new performance demand for an increased number of directory writes and updates. Join (ISC)2 and Oracle on July 25, 2013 at 1PM Eastern for Part 2 of our Security Briefings series where moderator Brandon Dunlap and Etienne Remillon examine how load patterns are changing best practices to install and how to optimize your directory architecture to meet the demand.
ThinkTank
(ISC)2 hosts a monthly panel discussion around different thought engaging topics within the information security sector.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Shadow IT – Risk and Reality
  • Live at: Aug 18 2011 4:00 pm
  • Presented by: Paula Skokowski, VP of Products, Accellion; Darrin Reynolds, CISSP, VP, Infosec, DAS, Div of Omnicom, Rob Ayoub, CISSP, Frost
  • From:
Your email has been sent.
or close
You must be logged in to email this