Hi [[ session.user.profile.firstName ]]

IT Security

  • 5 Key Barriers to IT/OT Integration and How to Overcome Them
    5 Key Barriers to IT/OT Integration and How to Overcome Them Dan Ortega - VP Marketing at Blazent Recorded: Jul 21 2017 4 mins
    Operational Technology (OT) consists of hardware and software that are designed to detect or cause changes in physical processes through direct monitoring and control of devices. As companies increasingly embrace OT, they face a dilemma as to whether to keep these new systems independent or integrate them with their existing IT systems. As IT leaders evaluate the alternatives, there are 5 key barriers to IT/OT integration to consider.
    Business Process Knowledge
    Manageability & Support
    Dependency Risk – Two of the key challenges of enterprise IT environments are managing the complex web of dependencies and managing the risk of service impact when a dependent component fails or is unavailable. With traditional IT, the impact is typical to some human activity, and the user is able to mitigate impact through some type of manual activity. For OT, companies must be very careful managing the dependencies on IT components to avoid the risk of impacting physical processes when and where humans are not available to intervene and mitigate the situation.
    Management of OT Data – The data produced by OT devices can be large, diverse in content, time sensitive for consumption and geographically distributed (sometimes not even connected to the corporate network). In comparison, most IT systems have some level of tolerance for time delays, are relatively constrained in size and content and reliably connected to company networks, making them accessible to the IT staff for data management and support.
    Security – IT systems are a common target for malicious behavior by those wishing to harm the company. The integration of OT systems with IT creates additional vulnerability targets with the potential of impacting not just people and but also physical processes.
    Segmentation of IT
  • Comparing Next Generation Firewalls to Proxy
    Comparing Next Generation Firewalls to Proxy Mark Urban, VP Prod Mgmt/Prod Mktg, Symantec Recorded: Jul 21 2017 3 mins
    Learn about the complementary capabilities of Secure Web Gateways and Next Generation Firewalls and why each is important in an enterprise’s security infrastructure.
  • Taking Proxy to the Cloud
    Taking Proxy to the Cloud Mark Urban, VP Prod Mgmt/Prod Mktg, Symantec Recorded: Jul 21 2017 3 mins
    This quick video reviews the important capabilities a cloud-based proxy solution can provide enterprises and discusses key aspects of Symantec’s Web Security Service.
  • Protecting Sensitive Data in the Cloud
    Protecting Sensitive Data in the Cloud Mark Urban, VP Prod Mgmt/Prod Mktg, Symantec Recorded: Jul 21 2017 2 mins
    In this short video learn how Proxy and DLP enables information security on prem or in the cloud
  • Proxy Essentials
    Proxy Essentials Mark Urban, VP Prod Mgmt/Prod Mktg, Symantec Recorded: Jul 21 2017 3 mins
    This short video highlights the key capabilities of Secure Web Gateway proxies that enterprises need to implement to secure their use of web and cloud applications.
  • 3 Things to Know When Securing Mixed, Multi-Cloud Environments
    3 Things to Know When Securing Mixed, Multi-Cloud Environments David Gold of ProtectWise and Scott Register of Ixia Recorded: Jul 21 2017 57 mins
    Enterprises cannot move to the cloud quickly enough. In fact, Gartner estimates that by 2020, “cloud-first” and “cloud-only” will be standard corporate policies rather than exceptions.
    That’s a big problem for traditional security infrastructures. There’s a hodgepodge of disparate, disconnected security products that were not made to secure the cloud. Some vendors have “cloud-washed” their products, but these deliver questionable value. In real-world situations, these products perform poorly, lack critical functionality, and cannot provide the visibility time-strapped security teams require to be effective.

    ProtectWise and Ixia make it easy to secure workloads in the cloud, including multi-cloud environments, in addition to traditional on-premises networks. Running entirely from the cloud, the ProtectWise Grid delivers pervasive visibility via automatic real-time and retrospective threat detection, long-term retention of full-fidelity packet capture (PCAP) and unlimited forensic exploration. Ixia CloudLens™ simplifies capture of network traffic from public cloud, virtual, or physical environments and delivers it to The ProtectWise Grid seamlessly. Through this integration, ProtectWise and Ixia give security teams a single solution for end-to-end visibility across heterogenous public cloud, enterprise, and hybrid environments.

    Attend this webinar and learn how easy it is to secure the cloud with the joint ProtectWise-Ixia solution and:
    Why security in mixed- and multi-cloud environments can be difficult
    How moving to the cloud limits visibility for legacy security solutions
    How a modern approach to security provides pervasive visibility
  • A Closer Look at SentinelOne
    A Closer Look at SentinelOne Rajiv Raghunarayan, SentinelOne Vice President, Product Marketing, Raj Rajamani, SentinelOne Vice President, Product Recorded: Jul 21 2017 63 mins
    Our R&D teams have had a busy year thus far and we would like to invite you to learn more about recent releases and updates made to the SentinelOne platform.

    Rajiv, our VP of Product Marketing, will lead you through the changing threat landscape and provide an overall platform update. Including:
    VDI - full memory protection, threat visibility on decommissioned devices, and more
    Updates to On-Premise Appliance for Fed, Gov, and GDPR use cases
    A brief demo of SentinelOne with AWS workspaces
    Highlights about recent ransomware attacks and our new executive team
  • Ransomware Hostage Rescue Guide: Part 2 of 2
    Ransomware Hostage Rescue Guide: Part 2 of 2 Erich Kron CISSP, Security Awareness Advocate, KnowBe4 Recorded: Jul 21 2017 62 mins
    2016 was a “Ransomware Horror Show”. If you've been in the IT trenches over the past year, you've probably noticed that announcements of new ransomware strains are accelerating and there is no end in sight for 2017.

    In this webinar, we will cover the final 3 sections of the very popular KnowBe4 Ransomware Hostage Rescue Manual in depth.

    Join Erich Kron CISSP, Technical Evangelist at KnowBe4 for the webinar “Ransomware Hostage Rescue Guide, Part 2”. We will look at recent infections, give actionable info that you need to prevent infections, and cover what to do when you are hit with ransomware.
  • Improving Incident Response with Orchestration and Automation
    Improving Incident Response with Orchestration and Automation Bruce Schneier, IBM Resilient CTO Recorded: Jul 21 2017 3 mins
    To effectively respond to today’s complex cyberattacks, security teams need to coordinate their people and technology throughout the entire incident response (IR) process. When IR orchestration is supported by automation, organizations can accelerate their response and make their IR team more intelligent.

    In this video, IBM Resilient CTO Bruce Schneier compares and contrasts orchestration and automation, and outlines how organizations can orchestrate response with an incident response platform.
  • Why Office 365 Cannot Stop Phishing and Ransomware
    Why Office 365 Cannot Stop Phishing and Ransomware Michael Landewe, Cofounder Avanan Recorded: Jul 21 2017 24 mins
    Microsoft is struggling to stop phishing and ransomware in Office 365. Now there is a solution. Over 70 of the leading security vendors have joined together in one platform to create the most complete, cloud-native protection for SaaS-based email. Best of all, it works in parallel with Microsoft and Gmail to deploy as simply as an app-store one-click application.
  • Securing Business Intelligence on Salesforce.com with YubiKeys
    Securing Business Intelligence on Salesforce.com with YubiKeys Jerrod Chong (VP Solutions, Yubico), Itzik Koren (Director PM, Salesforce.com) Recorded: Jul 21 2017 21 mins
    As a Salesforce admin, you can allow your users to authenticate with a YubiKey any time they’re challenged to verify their identity. Once provisioned, users simply insert and tap their YubiKey to complete verification. It’s a secure, convenient alternative to using Salesforce Authenticator or one-time passwords sent by email or SMS.

    In this on-demand webinar, Itzik Koren (Salesforce) and Jerrod Chong (Yubico) demonstrate why it is important to activate U2F with single sign-on (SSO) on Salesforce.com, and the cost savings you can achieve with YubiKey as a hardware-based second factor.
  • Easy-to-Use MFA with Centrify Identity Service and YubiKeys
    Easy-to-Use MFA with Centrify Identity Service and YubiKeys David Maples, Solutions Architect Recorded: Jul 21 2017 42 mins
    In this webinar, we’ll show you real-life examples of the ways Yubico and Centrify provide context-based, adaptive authentication across enterprise users and resources. Across a wide range of use cases, Centrify and Yubico provide IT the flexibility to enforce security without user frustration.

    Centrify Identity Service can leverage the easy-to-use, multi-function YubiKey for use cases such as:

    -- Smart card AD-based login to Mac or Linux
    -- Smart card login to Centrify’s cloud service for SSO, secure remote access, or administration
    -- OATH OTP as a second factor for secure SSO to cloud apps
    -- OATH OTP for MFA to privilege elevation on servers
    -- Physical NFC token-based MFA for secure access to apps on mobile devices

    We’ll show you secure, simple, scalable solutions that both admins and users love.
  • Amnon Bar-Lev - Check Point Executive Interview
    Amnon Bar-Lev - Check Point Executive Interview Amnon Bar Recorded: Jul 21 2017 10 mins
    We asked Amnon about the current key issues in data security and why having up-to-date threat information is becoming increasingly important, in what way malware attacks can be prevented, and how this intelligence can be harnessed and applied to the mobile and cloud environments.
    We also learn about Check Point Software’s new security architecture, Software Defined Protection, and how it can be used to control your security environment by combining intelligence with segmenting your network.
    View Amnon’s Executive Interview to learn how Check Point Software’s new architecture and other security solutions can be of benefit to your organisation.
  • Building Consensus Between Legal, Records and IT on What to Save and Not Save
    Building Consensus Between Legal, Records and IT on What to Save and Not Save Ed Rawson (PNC), Michele Hanrahan (Sound Transit), Shawn Cheadle (LMCO), Mark Diamond (Contoural) Recorded: Jul 20 2017 60 mins
    Business units want a policy that allows them to save everything. Legal wants the minimum saved. IT just wants something easy to execute. What should we do? A committee is formed, with legal, IT, records management, HR, and others. The committee meets. Discussions ensue: Which are business records? How long should we save them? Do we allow exceptions?

    The committee meets again. And again. We’re stuck.

    Join Ed Rawson , Michelle Hanrahan, Shawn Cheadle and Mark Diamond as they discuss strategies for building consensus across your organization and making sure your initiative doesn't get stuck!

    About the speakers:
    Ed Rawson is a strategic, results-oriented thought leader who has dedicated over 30 years of his career to helping organizations manage their paper and digital content lowering cost and increasing productivity. Ed has helped organizations to align information with business value and operational direction to maximize the return on investments, lowering risk and maintaining compliance.

    Michele Hanranhan is Records Manager at Sound Transit since January 2015 and is leading a RIM group to implement ECM solution organization wide. She previously worked at Federal Home Loan Bank of Seattle, PATH, and Washington State Department of Transportation and has over 16 years of experience in Records and Information (RIM) with a variety of business, government and non-profit organizations. 

    Shawn Cheadle is General Counsel to the Military Space line of business at Lockheed Martin Space Systems. He supports government and international contracts negotiations, drafting and dispute resolution. He also supports information governance, eDiscovery, records management, counterfeit parts investigations, and other functional organizations at Lockheed Martin. He is an ACC Global Board Member, current Information Governance Committee Chair and former Law Department Management Chair, and former Board member and President of ACC Colorado.
  • YubiKey Smart Card Mode for Computer Login
    YubiKey Smart Card Mode for Computer Login David Maples, Solutions Architect Recorded: Jul 20 2017 19 mins
    Smart cards are highly secure and used globally in environments with enhanced security concerns and usability demands. However, smart cards are cost prohibitive for many organizations. The YubiKey changes that.

    Watch our webinar on the YubiKey as a smart card for computer login. This webinar included end-user demonstrations on Windows, Windows RDP, and Mac machines.

    Learn about:
    - Cost-saving advantages of the YubiKey as a smart card
    - Native support across Windows, Mac, and Linux
    - Best practices for configuration and deployment considerations
  • Challenges with Fintech Compliance, and Cybersecurity to the Rescue
    Challenges with Fintech Compliance, and Cybersecurity to the Rescue Angelo Purugganan, Chief Information Security Officer at Arctic Wolf Networks Recorded: Jul 20 2017 26 mins
    In this webinar we are going to:
    - explore top cyber threats that fintech companies face
    - identify the monitoring and detection compliance requirements common to Federal and State Regulations

    We will be talking to Angelo Purugganan, Chief Information Security Officer, at Arctic Wolf Networks, to get his perspective on the how security analytics and continuous monitoring can simplify compliance using a SOC-as-a-Service provider.

    Most fintech transactions today happen at a fast pace, served through web applications using a combination of mobile devices and legacy systems, with some level of protection. While beneficial to small and medium fintech companies, consumers and regulatory agencies are apprehensive about protecting customers personal data and detecting cyber attacks over the internet which impact the integrity of financial transactions.
  • Get Ready for DFARS - A CloudCheckr Workshop
    Get Ready for DFARS - A CloudCheckr Workshop Patrick Gartlan, CloudCheckr CTO Jeff Bennett, Allgress President/COO Tim Sandage, AWS Sr. Security Partner Strategist Recorded: Jul 20 2017 40 mins
    The clock is ticking on the latest cloud compliance mandate: NIST Special Publication 800-171, otherwise known as DFARS (Defense Federal Acquisition Regulation Supplement). Any organization or contractor that holds or processes unclassified Department of Defense (DoD) data must ensure that they comply with the new DFARS clause.

    December 31, 2017 is the ultimate deadline by which to prove compliance, so action is recommended as soon as possible.

    In this webinar, Patrick Gartlan (CloudCheckr CTO), Jeff Bennett (Allgress President/COO), and Tim Sandage (AWS Sr. Security Partner Strategist) will lead an interactive workshop on what DFARS regulation means for your business, specifically:

    ✔ Specific requirements of the DFARS regulation

    ✔ Key controls that CloudCheckr provides to help you meet DFARS requirements

    ✔ Tools from Allgress that map DFARS requirements to CloudCheckr features
  • Ensuring Data Protection with NIST Cybersecurity Framework
    Ensuring Data Protection with NIST Cybersecurity Framework Renault Ross, Chief Cybersecurity Business Strategist North America, Symantec Recorded: Jul 20 2017 32 mins
    When it comes to your data, regardless of your country or industry, you likely have compliance regulations to adhere to. We understand the challenges this can bring to your IT and compliance teams.

    Adopting the NIST Cybersecurity Framework (CSF) is one way that can help you achieve compliance with the many regulations you may be affected by. Developed in the United States, the CSF has been adopted by many organizations, including those in the international community with one example being the government of Italy, who has incorporated the Framework into its own National Framework for Cyber Security.

    Join us for a webcast hosted by Symantec Chief Cybersecurity Business Strategist, Renault Ross CISSP, MCSE, CHSS, CCSK, CISM as he dives into the CSF to:

    • Identify sensitive data, where it is and who is accessing it

    • Protect that data by establishing policies which prevent exposure

    • Detect threats to which could extrapolate data by several means

    • Respond to threats with automated actions

    • Recover after a threat to produce reports to prove compliance

    Register Today
  • Inside a Carbanak Phishing Attack
    Inside a Carbanak Phishing Attack Mike Zeberlein, Director of Threat Intelligence. Zeberlein has over 20 years supporting military and intelligence communities Recorded: Jul 20 2017 39 mins
    The sophisticated Eastern European cybercrime group implicated in the Chipotle hack is known for its financial targets. Learn how Carbanak launches a phishing campaign, from Michael Zeberlein, an expert in cyber-counterintelligence, advanced adversary hunting, malware analysis and digital forensics.
    The talk will go over:
    —The verticals being targeted
    —Payloads and planning
    —Specific campaigns and victims
  • How To Delete a Lot of Emails and Files Quickly and Defensibly
    How To Delete a Lot of Emails and Files Quickly and Defensibly Dan Elam, VP and Consultant, Contoural Recorded: Jul 20 2017 60 mins
    Sometimes there is a mandate to delete large quantities of emails and files very quickly, either after litigation or simply because senior management gets fed up with too much electronic junk. When needing to delete a lot quickly, traditional “manage and let expire over time” approaches don’t work. On the other hand, blanket, delete-everything approaches can run afoul of record retention and legal requirements. What’s an organization to do?


    About the Speaker:
    Dan Elam is one of the nation’s best known consultants for information governance. As an early industry pioneer, he created the first needs analysis methodology and early cost justification models. Dan’s involvement has been in the design and procurement of some of the largest systems in the world. Today Dan helps Contoural clients develop business cases and establish strategic road maps for information governance. He is the former US Technical Expert to ISO and an AIIM Fellow.
  • The State of Cloud Security
    The State of Cloud Security Eric Hibbard, Hitachi Data Systems, Mark Carlson, Co-Chair SNIA Tech Council, Toshiba Recorded: Jul 20 2017 63 mins
    Standards organizations like SNIA are in the vanguard of describing cloud concepts and usage, and (as you might expect) are leading on how and where security fits in this new world of dispersed and publicly stored and managed data. In this webcast, SNIA experts Eric Hibbard and Mark Carlson will take us through a discussion of existing cloud and emerging technologies (such as the Internet of Things (IoT), Analytics & Big Data, and so on) – and explain how we’re describing and solving the significant security concerns these technologies are creating. They will discuss emerging ISO/IEC standards, SLA frameworks and security and privacy certifications. This webcast will be of interest to managers and acquirers of cloud storage (whether internal or external), and developers of private and public cloud solutions who want to know more about security and privacy in the cloud.

    Topics covered will include:

    Summary of the standards developing organization (SDO) activities:
    - Work on cloud concepts, CDMI, an SLA framework, and cloud security & privacy
    Securing the Cloud Supply Chain:
    - Outsourcing and cloud security; Cloud Certifications (FedRAMP, CSA STAR)
    Emerging & Related Technologies:
    - Virtualization/Containers, Federation, Big Data/Analytics in the Cloud, IoT and the Cloud
  • Securing Your Public Cloud Infrastructure
    Securing Your Public Cloud Infrastructure Mark Butler Chief Information Security Officer, Qualys and Hari Srinivasan Director, Product Management, Cloud and Virtualiza Recorded: Jul 20 2017 54 mins
    Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure. To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.

    In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security will detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.

    The presentation will cover:

    > Challenges surrounding increased migration to public clouds
    > Using automation for secure DevOps
    > How to ensure effective and efficient operations

    This webcast will include a Q&A session, as well as a live demonstration of how to deploy Qualys seamlessly and deeply into public cloud environments with new features.
  • A New Frontier in Cloud Security: The Secure Internet Gateway
    A New Frontier in Cloud Security: The Secure Internet Gateway Dan Cummins - 451 Research & Meghan Diaz - Cisco Umbrella Recorded: Jul 20 2017 56 mins
    Your employees are using more cloud apps than ever, and mobile workers frequently work without turning on their VPN. You need new ways to extend protection anywhere your employees work — and you need it to be simple, yet incredibly effective.

    Exciting innovations in network security-as-a-service offer distributed organizations the potential to extend and meaningfully increase security effectiveness. Join this 451 Research webinar with Cisco Security to hear a discussion about new cloud-delivered protection for mobile workers, lean branch offices, and cloud applications.

    In the webinar we will discuss:

    - The changing cloud security landscape
    - The emergence of the Secure Internet Gateway
    - Important buying considerations for companies looking to add these capabilities
  • Law Enforcement Data On the Move: Don’t make CJI a Crime
    Law Enforcement Data On the Move: Don’t make CJI a Crime Stan Mesceda, Encryption Expert at Gemalto Recorded: Jul 20 2017 57 mins
    Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
    Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
    “When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”

    Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
    Attendee takeaways:
    •Overview of CJIS-SP mandate
    Network vulnerabilities and how Ethernet encryption can help secure data in motion
    •Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
    •Mapping solutions to the needs of your organization

    For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
  • Retailers:Evolve Customer Experience Strategies to adapt to Consumer Behaviour
    Retailers:Evolve Customer Experience Strategies to adapt to Consumer Behaviour Raj Mistry,Group Vertical Sales Director and Rob Allman,Group General Manager, Customer Experience, Dimension Data Jul 24 2017 3:30 pm UTC 60 mins
    Retailers are faced with the challenge of fast evolving consumer buying processes. Today and in the future consumers have greater choice in terms of how when and where they buy. Consumers expect an omnichannel experience across all available touch points with retailers.

    According to the 2017 Customer Experience Benchmarking Report, 85% of retail and consumer goods organisations recognise CX as a competitive differentiator. Join us for this webinar where we’ll be discussing the retail specific findings from the report.
  • [Breach Prevention] Phishing & Credential Abuse 101: Exposing the Ecosystem
    [Breach Prevention] Phishing & Credential Abuse 101: Exposing the Ecosystem Jen Miller-Osborn, Unit 42 Threat Intelligence Analyst, Palo Alto Networks Jul 24 2017 5:00 pm UTC 60 mins
    Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.

    Join our Unit 42 threat intelligence analyst for an insightful perspective on credential-based attacks and phishing. In addition to presenting its unique attack life-cycle, she will:

    • Identify trends and techniques in methods used for credential theft and abuse.
    • Review how cyber criminals have changed their tactics to compromise networks.
    • Examine who is being targeted, and why.
    • Discuss techniques to stop credential leakage.
  • Take Your AWS Cloud Investment to the Next Level
    Take Your AWS Cloud Investment to the Next Level Todd Bernhard, CloudCheckr Product Marketing Manager Jul 24 2017 6:00 pm UTC 60 mins
    AWS cloud is one of the leading cloud providers in the market—and Amazon solutions like Trusted Advisor, Cost Explorer, CloudTrail, CloudWatch, and Inspector can help organizations begin to manage their IaaS infrastructure more efficiently. However, the valuable data provided by these services can be more efficiently leveraged with tools that offer deeper visibility and control.

    Join us to learn tools and tips to take your AWS investment to the next level, including:

    - Forecasting and tagging tips to predict and optimize cloud spend
    - A comprehensive approach to monitoring to ensure secure and compliant infrastructure
    - Proactive risk detection and automated remediation tactics
  • Mega Breaches: How to mitigate your risks using Data-Centric Security?
    Mega Breaches: How to mitigate your risks using Data-Centric Security? Heidi Shey, Senior Analyst, Forrester and Nico Popp, Senior Vice President, Information Protection, Symantec Jul 25 2017 5:00 am UTC 60 mins
    What steps are you taking to minimise your risk of becoming a data breach victim? In this webinar, Symantec and a guest speaker from Forrester share best practices to proactively protect your critical data with data-centric security.

    Get advice on preventing data breaches from these industry experts:

    • Guest Speaker Heidi Shey, Senior Analyst, Forrester. Heidi serves Security & Risk Professionals with solutions for data security and privacy. She also researches sensitive data discovery, data loss prevention, cybersecurity, customer-facing breach response and more.

    • Nico Popp, Senior Vice President, Information Protection, Symantec. Nico is the former CTO of VeriSign Security Services where he led efforts to develop new products and services for Trust Services and Identity Protection.

    Join these authorities as they explain how a holistic approach to data security and identity puts you back in control.
  • The Human Factor 2017
    The Human Factor 2017 Adenike Cosgrove, Cybersecurity Strategist at Proofpoint , Davide Canali - Senior Threat Analyst Proofpoint Jul 25 2017 9:00 am UTC 45 mins
    Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.

    In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.

    Register now to learn about:
    •The latest social engineering targeting trends and techniques
    •Top email fraud tactics, including business email compromise (BEC) and social media account phishing
    •The rise of fraudulent mobile apps and how criminals target users on the go
  • Does your data security create more pain than it solves? 5 steps to get it right
    Does your data security create more pain than it solves? 5 steps to get it right Raju Verranna, Pre Sales Engineer Jul 25 2017 9:30 am UTC 45 mins
    Protecting sensitive client and corporate data is one of the most important responsibilities in any organization. So if your current solution isn’t working for all stakeholders, is it really working at all?

    Key learning:
    1. Increase security and compliance, while maintaining user-friendliness
    2. Deploy encryption without interrupting normal business processes
    3. Ease the daily burden of your data security administration
  • The Top 4 Ways Vulnerabilities Get Into Your Software
    The Top 4 Ways Vulnerabilities Get Into Your Software Colin Domoney, Consultant Solutions Architect - Veracode Jul 25 2017 10:00 am UTC 30 mins
    Why is software so riddled with security defects? Are developers to blame? Is it just the nature of software? We’ve found that there are four primary ways that vulnerabilities end up in your software. Understanding these sources and how to prevent them is a good first step in making your apps less like a red carpet for cyberattackers, and more like a moat.

    Benefits of attending:
    1.Learn how vulnerabilities are getting in your code and how to keep them out from a VP of Engineering
    2.Gain actionable tips and advice on application security– from a development manager who lives it day to day
    3.Move beyond the buzz about the insecurity of open source components – what is the solution?
    4.Identify the best ways to help developers learn to code more securely
    5.Gain insight from the latest research into which languages are introducing what vulnerabilities
  • GDPR and Open Source: Best Practices for Security and Data Protection
    GDPR and Open Source: Best Practices for Security and Data Protection Daniel Hedley, Partner, Irwin Mitchell; Matt Jacobs, VP and General Counsel, Black Duck Software Jul 25 2017 2:00 pm UTC 60 mins
    Legislators in Europe continue to expand the scope of the laws governing information security and personal data protection. As a result, organizations serving consumers and businesses in the region need to understand the implications these laws will have on their use of open source to build software applications.

    During this educational webinar led by Dan Hedley, Partner, IT and Commercial from Irwin Mitchell, we’ll provide guidance on the General Data Protection Regulation (GDPR) and why a comprehensive approach to open source security management is essential for GDPR observance. In addition, we’ll review open source management best practices in context of other industry-specific developments like the Network and Information Services Directive and the Electronic Identification Regulation.
  • How Data Governance Holds the Key to GDPR Compliance
    How Data Governance Holds the Key to GDPR Compliance Srikanth Venkat & Ana Gillan, Hortonworks Jul 25 2017 2:00 pm UTC 60 mins
    The upcoming GDPR legislation represents a sea change for organisations that store or process data relating to EU residents. With penalties for violations up to 4% of annual global turnover, organisations are scrambling to comply with GDPR provisions. Effective data governance and access control helps enterprises manage risk effectively, comply with regulations and gain competitive advantage through agile decision.
    Join Srikanth Venkat, Sr. Director Product Management and Ana Gillan, Solutions Engineer as they discuss effective data governance and its role in complying with regulations such as GDPR. They will also cover Atlas and Ranger, the governance and security components of Hortonworks Data Platform and their role in effective data governance.

    This webinar is not intended to constitute legal advice. Viewers should consult with their own legal counsel regarding compliance with GDPR and other laws and regulations applicable to their particular situation and intended use of any Hortonworks products and services. Hortonworks makes no warranties, express, implied, or statutory, as to the information in this webinar.
  • Workloads, Data Centers & Cloud Strategy: Market & Technology Trends
    Workloads, Data Centers & Cloud Strategy: Market & Technology Trends Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center busines Jul 25 2017 3:00 pm UTC 60 mins
    IT planners have far more options as to where to run their workloads than ever before. On-premises data centers, co-location facilities and managed services providers are now joined by hybrid multi-clouds – a combination of Software-, Infrastructure- and Platform-as-a-Service (SaaS, IaaS, and PaaS) execution venues. All have unique operational, performance and economic characteristics that need to be considered when deploying workloads.

    In this Webinar Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center business will discuss how industry leading enterprises determine the best execution venues for their workloads by addressing:

    •The market and technology trends that influence workload, data center and cloud strategy
    •How to evaluate the characteristics of various workloads and execution venues
    •How to manage workloads across on-premises and off-premises ecosystems
    Attendees will learn how to formulate an IT strategy that can be used to guide the decision criteria needed for placing workloads on their best execution venues, and enable the migration and ongoing management of workloads across a hybrid multi-cloud enterprise architecture.
  • Building Highly Scalable ADC Clusters with Equal-cost Multi-Path Routing
    Building Highly Scalable ADC Clusters with Equal-cost Multi-Path Routing Nenad Merdanovic, Product Manager, HAProxy Technologies Jul 25 2017 3:00 pm UTC 60 mins
    Application delivery infrastructure resources are increasingly strained. The new features in modern Application Delivery Controllers along with the demands for SSL to comply with search engine ranking algorithms are major contributors to the problem. It means organizations have to find ways to scale their ADCs. But do they scale up? Or scale out? And how?.
     
    Join us for this live webinar to discover:
    oThe drivers for the requirement of scalable application delivery infrastructure like SSL adoption and expanding ADC feature sets
    oThe pitfalls and limits of vertically scaling your ADC
    oHow you can use equal-cost multi-path (ECMP) routing to horizontally (and nearly infinitely) scale your ADC
    oHow to use Route Health Injection (RHI) to ensure availability of your ADC cluster
    oExamples of organizations who have accomplished this with HAProxy
  • Smart Stores
    Smart Stores Ken Hosac, VP, Cradlepoint Jul 25 2017 4:00 pm UTC 60 mins
    Technology is improving retail operations and enhancing the customer experience. The “Smart Store” has come to life with the rise of the Internet of Things, inspiring stores to adopt applications such as digital signage and IoT sensors.  

    Sign up for this webcast with Ken Hosac, Vice President at Cradlepoint, to learn more about how Smart Stores concepts are changing the dynamics of the shopping experience, creating new retail store standards, and how it’s all dependent upon a foolproof network connection. 
  • AI, Machine Learning and the Future of Cybersecurity
    AI, Machine Learning and the Future of Cybersecurity Demetrios "Laz" Lazarikos (Blue Lava) | Sven Krasser (CrowdStrike) | Alex Pinto (Niddel) | Jisheng Wang (Aruba/HPE) Jul 25 2017 4:00 pm UTC 60 mins
    - Broadcast LIVE from Las Vegas during Black Hat 2017 -
    As cyber threats are evolving at a rapid pace, and firewalls and antiviruses are considered antiquated solutions, companies are constantly looking for the most advanced ways to protect their critical data.

    Artificial intelligence and machine learning are now an integral part of cybersecurity. With cyber attacks becoming more serious, and in some cases endangering human lives, artificial intelligence could be the key to security.

    Join this panel of top security experts as they discuss the role of AI and machine learning in cyber attacks, cyber protection and what the future of security looks like.
    - The impact of AI/ML on security
    - Trends in cyber attacks
    - How to best protect against them and secure our critical assets

    Moderator:
    - Demetrios "Laz" Lazarikos, Three Time CISO, Founder of Blue Lava

    Panelists:
    - Sven Krasser, Chief Scientist, CrowdStrike
    - Alex Pinto, Co-Founder & Chief Data Scientist, Niddel
    - Jisheng Wang, ‎Senior Director of Data Science, CTO Office - Aruba, a Hewlett Packard Enterprise company
  • Securing Network Equipment with Trust and Integrity
    Securing Network Equipment with Trust and Integrity Steve Hanna, Senior Principal at Infineon Technologies and Michael Eckel, Security Technologist at Huawei Technologies Jul 25 2017 5:00 pm UTC 60 mins
    Interconnected networks are critical to the operation of a broad and growing range of devices and services, from computers and phones to industrial systems and critical infrastructure.

    The integrity and security of routers, switches, and firewalls is essential to network reliability, as well as to the integrity and privacy of data on these networks. As increasingly sophisticated attacks are launched on network equipment, strong protection mechanisms for network equipment, both on the device and service level, is required.

    TCG recently has issued its Guidance for Securing Network Equipment with use-cases and implementation approaches to solve these problems, designed to help system designers and network architects get the best security possible from this powerful technology.
    Join TCG experts to learn about using device identity, securing secrets, protecting configuration data, inventorying software, conducting health checks, using licensed feature authorization and more.

    Speakers:

    Steve Hanna, Senior Principal at Infineon Technologies, currently chairs TCG’s Embedded Systems and IoT groups and driving the effort for a new industrial IoT group within the organization. He has been active in the Industrial Internet Consortium and its security efforts as well. He is the author of several IETF and TCG standards and published papers, an inventor or co-inventor on 41 issued U.S. patents; and holds a Bachelor’s degree in Computer Science from Harvard University.

    Michael Eckel is a Security Technologist at Huawei Technologies. Previously, he was a researcher and software developer at Fraunhofer SIT; mobile software developer at boostix and a web and software developer for a number of other companies. He holds a masters degree in computer science. Eckel currently participates in the Trusted Computing Group’s NetEQ subgroup, working to secure vulnerable network equipment.
  • Proofpoint Customer Technical Webinar: Imposter Emails & BEC Attacks
    Proofpoint Customer Technical Webinar: Imposter Emails & BEC Attacks Nathan Chessin - Director Field Sales Engineering, Jason Ford - Sr. Systems Engineer, Nick Sullivan - Sr. Systems Engineer Jul 25 2017 5:00 pm UTC 60 mins
    More than 90% of targeted attacks start with email fraud. Learn how to gain insight into, and effectively defend against, these attacks.

    Join us for a Proofpoint technical webinar, brought to you by engineers, for engineers.  This session will focus on effectively defending your domains from impostors and fraudsters attacking your organization, your customers and your partners.
     
    Topics will include:
    • The Threat Landscape
    • SMTP Standards and Evolution
    • Stop Attacks with Visibility & Authentication
    • Configuring Email Protection to help block imposter threat
    • Creating DMARC reporting in less than 10 minutes
  • Mitigate Threats with Context-aware Vulnerability Assessment and Risk Analysis
    Mitigate Threats with Context-aware Vulnerability Assessment and Risk Analysis Anand Visvanathan, Principal Product Manager, Symantec Jul 25 2017 5:00 pm UTC 60 mins
    Most vulnerability management solutions do little to help security leaders put vulnerability and risk information in the context of business.

    Attend this webcast to learn about the newly released Symantec Control Compliance Suite Vulnerability Manager and how it can help you:

    • proactively identify security exposures

    • analyze business impact

    • plan and conduct remediation

    Register today!
  • [Breach Prevention] How does Credential Theft Affect Your Organization?
    [Breach Prevention] How does Credential Theft Affect Your Organization? Brian Tokuyoshi, Sr Product Marketing Manager, Palo Alto Networks Jul 25 2017 5:00 pm UTC 60 mins
    The effects of a credential-based attack differs by organization and by job function. In this session, we will cover a look at how these attacks affect different types of organizations, along with the analysis and demonstration of how an attack is done.

    In this session, hear about:
    * Credential theft industry research coverage
    * Industry analysis of the problem space
    * Application of the credential theft lifecycle in light of recent attacks
  • Secure Coding Practices: Avoiding SQL Injection Attacks
    Secure Coding Practices: Avoiding SQL Injection Attacks Zach Jones, Sr. Manager - TRC Static Code Analysis, WhiteHat Security Jul 25 2017 5:00 pm UTC 60 mins
    SQL injection attacks enable attackers to tamper with, delete or steal sensitive data from corporate databases. In this webinar, Zach Jones, senior manager for static code analysis from WhiteHat Security’s Threat Research Center, will discuss SQL injection attacks and how to best defend against them.

    In this webinar, we will:
    - Provide examples of vulnerable code
    - Discuss data boundary concepts between input and target interpreters
    - Explain the differences and advantages of using parameterized queries versus custom stored procedures
    - Discuss the pitfalls of using selective parameterization or trying to sanitize inputs by escaping or encoding them manually

    WhiteHat Security has extensive experience working with customers to identify and fix the latest web application vulnerabilities. Join us to gain a deeper understanding of common web application vulnerabilities, get expert technical advice on defensive tactics, and learn best practices to safeguard your apps from being exploited.
  • Your Small Business Will Be Hacked - Because It Is Easy
    Your Small Business Will Be Hacked - Because It Is Easy Sean Martin, ITSPmagazine | Rusty Sailors, LP3 | Russell Mosley, Dynaxys | Tom Caldwell, Webroot Jul 25 2017 6:00 pm UTC 60 mins
    - Broadcast LIVE from Las Vegas during Black Hat 2017 -

    Small and medium businesses face countless threats, most of which have a human at their origin. These criminals, driven by financial gain, are essentially business owners – not unlike yourself – who are looking to spend as little money and as few resources as necessary to generate as much revenue as possible. Therefore, most cybercriminals target businesses that have a false sense of security.

    Why would a cybercriminal spend a fortune going after a Fortune 1,000 when they can spend a few bucks to crack a small business? Exactly!

    During this live webinar, we’ll explore the types of threats that small and medium businesses face and the business risk associated with these threats. It’s easier to get hacked than you think and it’s only a matter of time before it happens. Will your business be prepared? Are you doing everything you can to protect yourself beforehand?

    Knowing that perfection is not possible, our panel of experts will look at 4 key steps that small and medium businesses should take to reach a reasonable level of cybersecurity:

    - How to conduct an analysis to determine risk and the need to focus on cybersecurity within your business
    - How to assess the cost of a breach, a loss of information and the impact that a cybersecurity event can have on your customers and partners
    - How to create a plan to protect your systems, information, revenue and customers’ data
    - Best practices for guiding your implementation, from segmentation to employee access control policies to information protection controls

    Join us for an extremely informative session geared towards small and medium business owners and their IT staff.

    Moderator:
    Sean Martin, CISSP, Editor-in-Chief, ITSPmagazine

    Panelists:
    Rusty Sailors, President / CTO at LP3 and Chairman, Protecting Tomorrow
    Russell Mosley, Director, Infrastructure & Security, Dynaxys
    Tom Caldwell, Senior Director of Engineering at Webroot
  • The Side Effects of the Internet of Things
    The Side Effects of the Internet of Things Chenxi Wang, ITSPmagazine | Ted Harrington, ISE | Gary Hayslip, Webroot | Mike Ahmadi, Synopsis Jul 25 2017 9:00 pm UTC 60 mins
    - Broadcast LIVE from Las Vegas during Black Hat 2017 -
    Innovation is moving so fast. Each day there's a new device or technological service to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. They listen to us, watch us, learn about us. They help us make decisions. They “guess” our next move - our pending desire. They make decisions - even take action on our behalf. As a society we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting our privacy and safety at risk.

    How many devices are there? What are they used for? In this session, we’ll focus on the side effects associated with devices used to run our countries, our cities, our homes, our lives - even our physical being.

    Ultimately, it’s about the lack of cybersecurity - because there is a lack of cybersecurity, there’s no conversation about it, and therefore there is no understanding (awareness) of what’s at risk for using these devices. It’s not necessarily a bad thing - but the fact we are making uninformed decisions as a society means we could be putting ourselves and our loved ones at risk without even knowing it.

    This panel is part 1 of 2 parts - it’s all about the lack of security and the side effects it has on us as individuals and as a society. What are we trading in exchange for using these devices to make our lives “better”? Bottom line... are you (we) surrendering to the technology?

    PANELISTS
    - Ted Harrington, Executive Partner at Independent Security Evaluators
    - Gary Hayslip, Vice President & CISO, Webroot
    - Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group

    MODERATOR
    - Chenxi Wang, Host of The New Factor on ITSPmagazine
  • The Evolution of SSL/TLS and Browser Compliance Requirements in 2017
    The Evolution of SSL/TLS and Browser Compliance Requirements in 2017 Dathan Demone, Entrust Datacard Jul 25 2017 11:00 pm UTC 60 mins
    SSL/TLS Industry requirements are changing at an unprecedented pace. Over the last couple of years, new requirements have been passed down by the CA and browser community to help further solidify the security practices around obtaining and using SSL/TLS and other types of publicly trusted certificates. Over the next 12 months, more important changes are being introduced to continue that trend. Join Dathan Demone, Product Manager at Entrust Datacard, who will discuss both past and future changes that will have a major impact on all certificate subscribers. In this Webinar, we will discuss topics such as:

    • New changes coming to browsers and how they notify end users about the proper use of SSL/TLS on all web pages
    • Changes to certificate lifetime policies and verification rules that are being introduced in 2017
    • New requirements around Certificate Transparency that are being introduced in October, 2017
    • Updates to recommended security best practices and new vulnerabilities in the world of SSL/TLS
    • Certificate Authority Authorization and how this can be used to protect your organization against fraud
  • Prevent Major Data Breaches with Threat Lifecycle Management
    Prevent Major Data Breaches with Threat Lifecycle Management Seth Goldhammer, Senior Director of Product Management Jul 26 2017 12:00 am UTC 60 mins
    Throughout 2017 organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.

    A traditional prevention-centric strategy naively assumes all threats can be blocked at the perimeter, which leaves you blind to the threats that do get in. Many organisations are shifting to a more balanced strategy including detection and response. Enter Threat Lifecycle Management (TLM) - your playbook for rapidly detecting and responding to cyber-attacks.

    In this webcast, Seth Goldhammer, senior director of product management at LogRhythm, explains what TLM is, and demonstrates how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
  • Threat Lab Presents: Q1 Internet Security Report
    Threat Lab Presents: Q1 Internet Security Report Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst Jul 26 2017 4:00 pm UTC 60 mins
    The Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. The team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet.

    What types of malware do we catch most often in the wild? Which network services do attackers commonly target? What are the most popular attacks in different regions of the world? Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.