The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
In today’s era of ‘Bring your own device’ (BYOD) mobility and ‘Internet of Things’ (IoT) devices proliferating networks as unknown or unmanaged connections, the cyberattack surface for most any organization continues to grow at an alarming rate. No longer can organizations rely on guarding their perimeter and trusting they know everyone and everything that is accessing their network. Proactive threat prevention in today’s BYOD and IoT era requires continuous network access visibility and intelligence as well as being able to automatically apply context-aware security policies such as segmenting devices and users without having to re-build networks or knowing the devices upfront.
Webinar topics include:
- Network security trends and challenges, including the more destructive ransomware, cryptoransomware, wipers, etc.
- Risk prevention architecture considerations
- Best practices based on real world experiences
BAI will share some of its key learnings based on extensive experience implementing successful solutions that target attacks while creating more highly available, responsive, and automated networks. BAI is a team of Security Architects who have provided Automated Detection, Prevention, and Orchestration to protect Government Agencies, Higher Education and Fortune 1000 commercial accounts.
The signs that the security market is ready for disruption are here. Join in discussion with Nir Zuk, Palo Alto Networks co-founder and CTO, on how the security market is evolving and maturing and ultimately, ready for disruption.
The December 31, 2017 deadline for protecting Controlled Unclassified Information (CUI) and complying with the NIST Special Publication 800-171 standard is fast approaching.
Join PKH Enterprises and TITUS for a discussion on strategies to help federal agencies and contractors meet the main CUI requirements as established by NIST 800-171 and DFARS 252.204-7012. These experts will provide an analysis of the most challenging compliance areas, and offer insights to help organizations prioritize their next steps.
Building a culture of cybersecurity is critical to every organization no matter the size. Join Aaron Cohen, Director of Cyber Security Services, to learn more about how to strengthen your organization’s cyber resiliency.
Register for this webinar to:
Hear about the biggest threats and challenges facing organizations
Learn about the stages of the attack lifecycle and how to prepare for each stage
Understand how to increase your resiliency and train your team
Learn why organizations must ensure they understand what personal data they hold and where it exists across the organization. In this session, we will discuss data-centric technologies like DLP and examine how they help organizations to find personal data and understand risk.
This is the first in a two-part series on governance, risk and automation.
In Part I, we will explore concepts central to IT governance and risk. The presenters will use a conversational style to describe IT governance, how it works, and then go deeper into one central aspect, risk.
Part II will build on the foundation presented in part one and describe how these issues are managed in an automated solution.
Are we prepared to deal with malevolent AI? Artificial Intelligence (AI) can bolster defenses by analyzing vast volumes of data and assist cyber security professionals the converse is true as well; malevolent AI can assist hackers find their targets faster and launch attacks faster. Finding effective vulnerability threat pairs is difficult for multiple reasons. In an asymmetric war defenders have to know all possible vulnerability threat pairs, while an attacker will get away by knowing just a few successful ones. Our goal is to achieve a proof of principle for how we can predict successful vulnerability threat combinations using AI, without the need to brute force thousands of combinations. In this webinar, RiskSense CEO Srinivas Mukkamala will discuss with RiskSense Security Researchers Sean Dillon and Ben Mixon-Baca a recent case study where the combination of human expertise and Artificial Intelligence (AI) was able to mimic a human hacker to find vulnerable threat pairs and launch exploits at a tremendous scale.
Up-front design of your cloud environment can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Security by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability across, such as:
- Organizational governance
- Asset inventory and control
- Logical access controls
- Operating system configuration
- Database security
- Applications security configurations
Why this session:
Cloud Computing is becoming the new normal, the question isn’t “if” anymore, it’s really just “how fast can we move?” and “what are we going to move first”
Because of this trend organizations need to understand their security and compliance capabilities and shared responsibilities for security as they migrate resources to the cloud. Whether its clinical trial simulations with Bristol Myers-Squibb, who uses AWS to run clinical trial simulations for 64% less cost; in 1.2 hours vs. 60 hours or Galata Chemicals who are running their development and test workloads in the cloud. Organizations need to start with a “Secure by Design approach, which support security at scale as they increase their use of cloud resources.”
This talk will focus on how compliance can be transitioned from a costly manual burden to a business enabler using automation. One of the biggest challenges faced by organizations today is the use of manual methods like spreadsheets and email for compliance management. This long-time practice is unable to keep pace with the myriad of workflows and processes required which leads to constant firefighting, fines, increased cost and loss of accountability. Adopting an automated platform brings the benefits of being compliant in less time using a streamlined assessment process with better business alignment, accountability, higher profits and lower costs.
Cloud adoption represents a major IT transformation, a shift in culture and a new way of financing your infrastructure. It presents new cost and security challenges, requiring governance and control across the organization. And it also needs a proactive team to take ownership and direction of the migration process.
In this Cloud Leaders Panel: Industry Perspectives from a CEO, CISO, & CFO, Steve Hall, VP of Marketing at CloudCheckr, will be joined by Bob Hale - CEO at Alterian, Mike Pinch - CISO at University of Rochester, and Dan Wacker - CFO at ClubReady. During this interactive discussion, we’ll uncover what the cloud means to each panel expert from their own unique perspective and learn what the key drivers are to successfully shift an organization to a cloud-first approach.
Did you know that 80% of data breaches implicate lost, stolen and weak credentials, as well as excessive access as culprits? NIST’s National Cybersecurity Center of Excellence (NCCoE) is helping companies better understand how to apply standards-based, commercially available technologies to improve their cybersecurity posture. The NCCoE’s security control mappings, reference designs, and lab implementations can be used as roadmaps or checklists for organizations looking to bolster their cybersecurity programs. Join CA and (ISC)2 on October 12, 2017 at 1:00PM Eastern for our ThinkTank where our expert panel will take an in depth look at how Identity Management is shaping the recommendations and requirements for the next generation of cyber security controls.
Federal contractors that process, store or transmit what’s called Controlled Unclassified Information have until December to implement new, more stringent security guidelines to protect that information. Chances are your organization already meets some of the requirements, but it’s unlikely that you meet them all. Join us to identify what’s new, what’s not, what you have to do and how to assess the impact.
As organizations and workplaces evolve, less control is exercised over devices, services, and people, leading to a gap with traditional security tools. Identity not only becomes the critical control point, but the information stemmed from it can be leveraged to strengthen existing processes as well as integrate with other security investments. Join this webinar to learn why identity isn’t simply just a "first step" but also the foundation modern security should be built on. Then explore what characteristics a strong authentication solution should include as we demo Okta’s Adaptive MFA solution.
In today’s digital marketplace, consumers and businesses increasingly expect to be able to make instant payments, wherever they are, and at any time of day. The adoption of real-time payments capabilities is very much an essential for banks who wish to retain market share and capture new customers.
Chief Information Security Officer Reveals How With Arbor Spectrum.
Attackers continuously have new tools, tactics and practices in their weapons arsenal. Human defenders must shift their strategies to more proactively uncover meaningful threats, and find ways that dramatically accelerate threat investigation.
Join us to hear:
- NETSCOUT’s Chief Security Officer discuss how the Arbor Spectrum threat analytics platform was used to help her team take detection and investigation to a new level.
- In depth examples of how security teams can begin or enhance their detection and investigation of attack campaigns.
In our first two classes, we have looked at the needs of a cloud-based IoT solution and how to design and build it. In this final class our expert instructor will cover the critical aspects of how to test and deploy our IoT solution, and more importantly, how to keep it secure and operational through ongoing monitoring and maintenance. We will look at how Device Cloud enables ongoing monitoring and maintenance for the devices through the entire life cycle of the IoT solution from design through end-of life. Particular elements to be covered will include Device Cloud functionality such as edge management and data management. Still in its relative infancy, the IoT is already being hacked at an alarming rate. We need to include the tools and the platform to stay one step ahead, keep our devices secure and up-to-date, and maintain a vigilant ‘eye’ on the system throughout its life. Sponsored by Wind River.
The rapid rise of hybrid cloud and multi-cloud infrastructure is enabling business agility and cost reduction, but at what price to infrastructure security? Concerns over increased hacking and malicious attacks, regulatory compliance, and internal auditing are driving infrastructure decision-makers to think again about protecting sensitive data in multiple cloud workloads, and what security solutions to spend their budgets on. At the same time, the lack of skilled talent, rapidly evolving cloud security offerings, and the management of legacy environments is creating additional strain on protecting data.
In this session, Rory Duncan, Research Director with 451 Research will outline market trends and disruptive factors facing the security services market, sharing demand-side primary research and providing insight into areas of innovation.
A discussion on the Global implications of GDPR, with Hogan Lovells
Join Hogan Lovells' Privacy and Data Protection Lawyer, Eduardo Ustaran and Forcepoint Deputy CISO Neil Thacker for a live webcast, as they discuss the global implications of the General Data Protection Regulation (GDPR).
Whilst awareness of the GDPR is increasing, the broader impact is still misunderstood: any Global organization that holds or processes EU resident data will be subject to the regulation.
In this webcast, they will discuss:
- Which key principles of the GDPR regulation widely affect organizations
- How prepared global organizations are to meet the May 2018 deadline
- The latest information and guidance from the Article 29 Data Protection Working Party
- What can be learned from organizations who are at an advanced stage in their GDPR preparations
- The positive return to the organization from undertaking a GDPR readiness program
Standard security solutions have continued to improve in their ability to detect and block malware and cyberattacks. This has forced cybercriminals to employ stealthier methods of evading legacy security to achieve success, including launching fileless attacks, where no executable file is written to disk.
Join CrowdStrike security experts for a webcast, "Understanding Fileless Attacks and How to Stop Them," where you'll learn why so many of today's adversaries are abandoning yesterday's malware and relying on an evolving array of fileless exploits. You'll learn how fileless attacks are conceived and executed and why they are successfully evading the standard security measures employed by most organizations. You'll also receive guidance on the best practices for defending your organization against these stealthy, damaging attacks.
Join this webcast to learn:
-How a fileless attack is executed — see how an end-to-end attack unfolds -Why fileless attacks are having so much success evading legacy security solutions
-How you can protect your organization from being victimized by a fileless attack, including the security technologies and policies that are most effective
As organization’s storage needs grow and expand geographies, they find that they do not have a comprehensive plan to rapidly recover from a natural disaster, cyberattack, or equipment failure. To make matters worse, companies that rely on traditional backup and recovery solutions are simply not able to keep up with the increasing data needs of today’s enterprise. These systems are overly complex, costly, and don’t scale well with the business.
A comprehensive answer to these data growth challenges is merging cloud backup with disaster recovery (DR). A unified solution that is cloud-native provides unlimited scalability, instant availability, long-term retention, and minimizes the impact on the business in case of a disaster. This seamless manageability and visibility of data across a range of locations and applications is crucial for long-term success.
Join Senior Analyst of Storage Technologies, Steven Hill of 451 Research and Druva’s Senior Product Marketing Manager, Seyi Verma, where they’ll highlight:
- The growing need for updating and improving disaster recovery and data backup
- What factors to consider when building a BCDR plan
- What to beware of when evaluating legacy and hybrid models for backup and DR
- How cloud‐native backup and DR provides immediate failover to minimize downtime and impact
- And more!
Many teams throughout the enterprise—security, network, IT operations—lack the insights needed to make confident, data-driven decisions. People cannot access the data they need quickly, resulting in waste, slow response times, and expensive incidents.
With the announcement of version 7.0, ExtraHop provides real-time and empirical data all teams can benefit from through complete visibility, faster incident resolution, and stronger security.
In this webinar, we will cover the new ways we are helping our customers reveal the shape and context of their digital enterprise by demonstrating:
• Live activity maps that allow for unprecedented visual environment exploration
• Automated anomaly workflows—including new security anomalies
• Scheduled reports that share real-time views of the information that matters most to each user
Whether you are an individual or an organisation, it is useful to understand the inner workings of the cybercriminal world and to be aware of the threats targeting you, your money and your information.
One way cybercriminals obtain the resources and connections they need to engage in their activities is through the Internet underground or “dark web.” Definitions of the Internet underground may vary, but to Secureworks, it means the collection of Internet forums, digital shop fronts and chat rooms that cybercriminals use to form alliances, trade tools and techniques, and sell compromised data that can include banking details, personally identifiable information and other content.
Join the Counter Threat Units E-Crime lead Alex Tilley as he talks through the undergorund like never before.
This webinar will cover:
* Key findings from our visibility into criminal forums and technical monitoring of global criminal activity
* Cybercrime categories and the significant risk to individuals ad organisations
* The complexity of the criminal landscape and diverse capabilities of threat actors
* The continuation of online crime as a market economy
Fortinet's Enterprise Firewall is an industry leader in completeness of vision on how to protect your network from the edge to the core to the cloud. Attend this webinar to understand how the Fortinet Enterprise Firewall.
- Leverages FortiGate, FortiGuard, FortiManager and the recently released FortiOS 5.6 to provide the highest performing and most flexible protection of your network
- Is deployed by enterprises like the Pittsburgh Steelers to ensure the toughest defense against threats; and
- How and why the solution has been recognized as a leader by top analyst firms in the industry
We invite you to join Frost & Sullivan and our panel of experts as they discuss the growing threat of ransomware, and provide practical advice on raising your cybersecurity defences using a predictive cybersecurity approach to ransomware protection.
Panel of speakers
Charles Lim: Industry Principal - Cybersecurity Practice, Frost & Sullivan
Zhanwei Chan: Group Security Senior Product Manager, Dimension Data
Kevin Leahy: Senior Vice President, Data Centre, Dimension Data
Al Huger: VP Engineering - Security, Cisco
The move to digital business is exposing the limits of existing trust infrastructures. Rapid growth in the number of deployed certificate authorities (CAs). Increased burden on multiple PKI point solutions deployed to address specific problems. And while IT grapples to support tactical implementations of PKI, the demands of digital business overwhelmingly require a more strategic and holistic approach.
What's required is a centralized yet agile overarching trust framework that can easily accommodate multiple use cases today and in the future.
This webinar looks at the steps you can take to build an agile trust infrastructure with a centralized PKI deployment.
* Digital Trust at Scale Learn how to build a PKI that supports endpoint diversity, evolving and multiple use cases and integration with complimentary solutions.
* Streamline PKI Deployment Discover how a trust infrastructure can be deployed and managed across your organization to mete the requirements of today's dynamic and distributed business models
* Simplify 3rd Party CA Key Migration Find out how you can migrate certificates from other vendor systems without having to distribute a new trust anchor and without the need to generate new keys and certificates.
Learn how Pulse Secure’s latest Secure Access solutions are protecting the latest information architecture transformation and investment.
Our latest Secure Access software release includes stronger portfolio integration, expanded ecosystem interoperability, and revamped admin UX.
Along with these highlights, we will show you the tech in action with live demos of Pulse Cloud Secure and Profiler. We are excited about securing your digital footprint with this exciting release. Don't miss out!
In this webinar, join Cisco and CSPi as they discuss how automated breach notification takes Cisco’s incident response services to a whole new level. With FirePOWER and nVoy the incident response process can start immediately after a breach is verified and therefore be completed faster, in some cases the full impact of a breach can be determined in minutes.
This can be extremely powerful for companies which rely on managed services providers for their cyber breach incident response strategy. With FirePOWER and nVoy Cisco’s IR professional services team will proactively monitor the solution for you and will receive email notifications when a potential incident is occurring against your organizations critical assets to trigger IR activity as per services contract.
Shortening the breach identification and investigation phase provides several benefits:
- Meet stringent data privacy compliance regulations, like GDPR
- Focus efforts on effective forensic analysis and remediation
- Limit breach exposure and the expenses related to handling breaches
Join us for our follow-up webcast with a focus on Authentication, Global Protect, and User ID enhancements to get a quick overview of SAML Authentication, Global Protect Clientless VPN and other selected new features and enhancements that PAN-OS 8.0 adds to your Palo Alto Networks Security Platform. Attendees will:
•Learn about the key capabilities introduced by 8.0
•See the value of the update to security deployments
•Receive a voucher for 8.0 training course - $500 value
The rapid adoption of cloud applications and services has fueled the need for new security solutions, such as Cloud Access Security Brokers (CASBs). But how do these systems weave into your overall security infrastructure? There are many intersections to consider, such as DLP, Advanced Malware Protection, Web Security and Endpoint where organizations are navigating how to best integrate cloud security into their environment. This talk will explore this next frontier of CASB solutions.
SIEM solutions have been widely adopted to help IT teams collect and correlate data from a variety of security point products. However, traditional SIEM deployments require a great deal of time, money & expertise to properly normalize data feeds, create correlation rules to detect threats & continuously tune those rules to limit false positives. And, after all that work is done, it has to be continuously re-done as the network & threat landscape changes.
AlienVault takes a different approach to SIEM. Join this webcast to learn how AlienVault Unified Security Management (USM) overcomes the most common SIEM challenges with:
Built-in capabilities like asset discovery, vulnerability assessment, intrusion detection, orchestrated incident response, and log management
Continuously updated correlation directives, vulnerability signatures, incident response guidance, and more
Fully integrated, real-time threat intelligence from the AlienVault Labs Security Research Team and the AlienVault Open Threat Exchange (OTX)
The ability to monitor on-premises and cloud environments including AWS and Azure, as well as cloud applications like Office 365
The modern science of securing applications to a broad range of devices.
Do you want people accessing your data from that device? Do you know where that device has been? Would you trust that device to protect your personal data? While cloud applications offer tremendous benefits over traditional on-premise, IT Executives face many challenges involving data security and compliance. Unmanaged devices, unauthorized access, and unsanctioned apps are all significant threats, increasing the risk of data leakage and being the next organization in the headlines. Cloud access security brokers, or “CASBs” are the tools technology leaders have turned to, protecting data across applications, and mitigating other malicious threats.
In this webinar, Benjamin Massin, CEO of The SCE Group, and Gleb EvfaresTov, Solutions Engineer at Bitglass, will discuss how to balance the benefits of moving to the cloud, while implementing a security solution, protecting identities and data end-to-end.
Zero Trust is revolutionizing network security architecture: it is data-centric and designed to stop data breaches. Zero Trust also adds a layer of agility to modern networks that is impossible to do in traditional network designs. These 21st century networks have been adopted by government entities and large enterprises around the world.
In this session, John will discuss the concept of Zero Trust and explain why Zero Trust is the world's only true cybersecurity strategy. He will show a Zero Trust Strategy will achieve tactical and operational goals. This session will demonstrate how Zero Trust will not only transform network security but function as a business enabler, by focusing on the businesses grand strategic objectives.
Abstract: Can you afford not knowing how bad your provider's IP reputation is? How likely are IP addresses adjacent to you of being infected with malware or participating in botnets?
NSFOCUS has been tracking the reputation of IP addresses globally by ASN for over a year and recently released the August 2017 Global IP Reputation report. Some interesting patterns have emerged worldwide as the number of IP addresses added to reputation lists continues to increase due to Mirai, WannaCry and other malware infecting the Internet of Things.
NSFOCUS SecLab is tracking IP reputation across 9 categories, including SPAM, DDoS, botnets, and web attackers. This talk will present global IP reputation trends and rank the countries with the worst IP reputation…and it may not be China.
Part 6 of 7: NIST Cybersecurity Framework for Healthcare Webinar Series
The final piece to the puzzle is the RECOVER function, which is arguably the most important area of the NIST CSF. How quickly can you return to business and clinical operations after a cyberattack occured?
This webinar will focus on the measures required for a timely recovery and return to normal operations to reduce the impact from a cybersecurity event, with a focus on:
• Recovery Planning: Processes and procedures are executed and maintained to ensure timely restoration of systems or assets.
• Improvements: Planning and processes are improved by incorporating lessons learned.
• Communications: Restoration activities are coordinated with internal and external parties.
To view upcoming NIST Cybersecurity Framework for Healthcare Series Part 7 https://resource.elq.symantec.com/LP=4235
How much visibility do you have via Secure Access end-points – from the Data Center, to the Cloud, to Devices and Applications hitting your network?
Join Pulse Secure for a compelling Webinar Centered on Pulse One – its’ leading edge Monitoring-Visibility Solution. Configured correctly, Pulse One also enhances compliance alliance, segmentation and pro-active management and consolidation for Secure Access at the front-edge of your network.
With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
This session will discuss Identity and Data Protection solutions for enterprise security, organizations can take a data-centric approach to their security posture, all while controlling access to the infrastructure and applications they rely upon — both on-premises, and in public and private clouds.
Join ecommerce and cybersecurity experts from BigCommerce, Coalition Technologies and Signifyd for an in-depth discussion on the opportunities and pitfalls associated with various methods of growing your business.
Join our guest, Dr. Ted Marra as he introduces his new strategic leadership course in Global Risk Academy.
During the webinar we will cover:
How does a truly strategic organization think? What is strategic thinking versus strategic planning? What are the vital few factors that will determine your organisation’s long-term success or failure and are they on your radar screen?
Who should attend.
People with 10 years management experience minimum up to and including C-Level in all disciplines responsible for strategic decisions or large scale operational issues - so they have large budget and many people reporting to them.
Managers and senior management from all areas of the organisation having responsibility for planning and achievement of key business objectives.
Why you should attend.
- Reflect on how you got where you are as an organisation;
- What factors were critical to your success? What factors were the basis for your success?
- What held you back – prevented you from being even more successful?
- What could you have done differently
Understand what are the most critical factors that will better ensure your organisation is a “winner” in the future (e.g., next 3-5 years).
Find out which ones you may be missing and what to do about it before it’s too late and you become just an “average or good” organisation when, with a little effort and the right strategic thinking and creativity, you could take the organisation to the next level of performance and move toward “greatness”.
How to build exceptional stakeholder relationships and why doing this is critical in especially in turbulent times.
Enterprises are seeking ways to reduce the scope and complexity of securing their Network’s Edge. Data breaches can cost companies millions of dollars in reduced revenue, shareholder value, fines, and diminished brand loyalty.
IT managers concerned about their connected-network systems have turned to Parallel Networking to create application-specific networks to protect cardholder data while enabling customer engagement and improving operations.
Parallel Networking enables organizations with hundreds or thousands of distributed locations to enhance security and PCI Compliance at the Network’s Edge.
Join Cradlepoint for a webinar to learn about the benefits of Parallel Networking, real customer success examples, and best practices for greater security at the Elastic EdgeSM.
Join Jack Hamm and Simon Gibson from the Gigamon SecOps as they demonstrate how to use automation and visibility to take the boredom out of repetitive tasks. One of the featured use case will be how to automate tasks to find and block Kaspersky in government organizations.
Security practitioners use a variety of tools and information sources to spot potential threats, evaluate each event and then act to mitigate. They are challenged by little interoperability between security tools, plus the cost of these tools across the network and cloud can be prohibitive.
During this lively webinar, hosted by Security Solutions leader, Graham Melville, you will see how Gigamon and the Phantom security automation and orchestration platform can help you reduce mean time to resolution. The team will show how you can provide wider visibility and automate the tasks your security staff repeats on a frequent basis.
Simon and Jack will demonstrate:
•How to generate indicators of compromise to trigger Phantom to execute customized playbooks with specific actions.
•How to automate tasks to find and block the use of Kaspersky in government organizations.
•How to streamline dozens of sources to gain insight into security events.
•How to gain visibility to the necessary traffic from all segments of your networks without buying more security tools.
•How you can reduce the load and turn on more features on your security tools such as Next Gen Firewalls.
Alongside an expanding attack surface resulting from the growth of cloud, mobile and IoT, organizations are now increasingly faced by internal threats. Insider threats, compromised accounts, administrator abuse and other user-based threats are some of the most damaging vulnerabilities and the hardest to detect. This has led to the evolution of user and entity-based analytics (UEBA) solutions, designed to address user based threats, and through the use of artificial intelligence (AI) and machine learning these solutions are advancing threat detection capabilities in modern security operation centers.
In this webinar, Mark Settle, LogRhythm Product Marketing Manager, and Samir Jain, Senior Product Manager, UEBA, will discuss the evolving UEBA market, and advancements in the technology fueling these solutions.
Webinar attendees will learn:
•How advancements in AI and machine learning technology are enabling security analytics and in particular UEBA.
•Why security analytics solutions are moving to cloud infrastructure, and the security implications compared to on premise platforms.
•What security mature organizations are asking for versus what is being delivered
•Whether UEBA solutions are better delivered via security analytics/SIEM platforms, or via stand alone solutions