IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • View from the CISO Chair - Security as Business Risk with Tom Bowers, Principle Security Strategist, ePlus
  • Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.

    Attendees will learn:
    - SIEM architecture changes for visibility
    - Increasing complexity of data analytics to explore
    - SIEM taxonomy and trade-offs between generations
    - Analyst recommendations & best practices
    - Why resources are key to SIEM success
  • Increasing data and network complexity give hackers more to steal and more ways to steal it. Most organizations cannot hire enough skilled IT security personnel to keep up.

    Join us for this informative and timely webinar, in which our experts will offer you seven golden strategies to mitigate IT risk and help you:

    • Reduce the greatest risks first
    • Stretch your team for optimal results
    • Creatively augment budget, skills and headcount.
  • Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
  • Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
  • The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?

    In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:

     When does it make sense to utilize managed security services

     How to the scope the services your company contracts out

     Questions to ask when evaluating managed security services providers

     The key criteria for selecting managed security providers
  • Are you giving the adversary unintended access through vulnerabilities in your system?

    By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.

    In this webinar you'll learn:

    - What types of assessments work at which points in the software development lifecycle.
    - What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
    - Why finding and fixing your vulnerability isn't actually good enough.
  • Considering the cloud, but want to know more about what your peers think about how secure it really is? Register for this webinar as we dive into some of the statistics from the Alert Logic Sponsored-Cloud Security Spotlight, a summary report built from the results of a survey in the Information Security LinkedIn community. Founder of the LinkedIn Group, Holger Schulze will join Alert Logic staff to dive into the outcomes of the survey, including:
    •The hottest trends in cloud security according to the respondents,
    •What people really think of the security of the cloud,
    •The risks of, and solutions for, cloud security.
  • With the sophistication and highly targeted nature of attacks against governments, the adversary can use numerous approaches and actions to get in and move across the network. Palo Alto Networks Threat Intelligence—from the cloud or an on-premises government-run platform—constantly gathers intelligence on evasive applications and converts the intelligence back into all platform devices. This ensures that organizations maintain control of evasive applications to ensure authorized activity traverses the networks while unauthorized activity fails to route.

    Join this webinar to Learn:
    - How Government Agencies can develop and manage their own threat intelligence cloud on a closed, dedicated Palo Alto Networks WF-500 threat intelligence platform.

    - How to create effective threat intelligence private clouds for a singular agency or for a group of Agencies, Ministries or Departments who wish to share their threat intelligence.

    - How the threat intelligence cloud (public or private) analyzes and correlates intelligence from all platform security functions—URL Filtering, mobile security, IPS/threat prevention and the virtual execution engine or sandbox, WildFire™— and validated community input.

    - How WildFire immediately discovers previously unknown malware and communicates the results to the platform to automatically generate signatures.

    - How all threat intelligence is distributed to the network and endpoints to ensure they are protected.

    - How this is all done automatically, reducing operational burden and shortening an organization’s response time.

    - How this innovative architecture can be operated at a fraction of the cost it takes to deploy and manage an equivalent set of point products – APT, IDS/IPS, URL filtering and more – all correlating insights automatically in real-time for greatest network protection.
  • Willbros, a leading infrastructure contractor serving the oil and gas industry, leverages Amazon Web Services (AWS) and Trend Micro Deep Security to quickly design and deploy agile, secure cloud solutions to protect their vital data. Moving to AWS allows organizations to leave their infrastructure behind and start fresh – architecting for flexibility and scalability. However, bottlenecks are created when traditional on-premises security approaches and tools are used. Learn how Willbros unleashed innovation in the energy industry by taking a greenfield approach to security in AWS. Attend this practical webinar by AWS, Trend Micro and Willbros to learn how you can design a flexible, agile architecture that meets compliance requirements and protects your most valuable asset – your data. Jason Cradit from Willbros will share their experience on how they achieved building robust and secure pipeline management systems in the cloud.

    In this webinar you’ll learn how to:
    - Architect a secure application using a combination of AWS services, Trend Micro services, and configurations
    - Understand how host-based protection improves application security, as well as agility and flexibility
    - How to protect workloads from attack, without hampering performance
  • According to Gartner, “through 2019, more than 50% of data migration projects will exceed budget and/or result in some form of business disruption due to flawed execution."(1) Furthermore, 1 in 6 large IT projects go over budget by 200%, according to a Harvard Business Review article. It is widely recognized that application migration and consolidation projects are “risky business” – high-ticket items for the corporation, with a scary chance of failing. If you are undertaking any IT modernization or rationalization project, such as consolidating applications or migrating applications to the cloud or ‘on-prem’ application, such as SAP, this webinar is a must-see.

    The webinar is going to shine the light on the critical role that data plays in the success or failure of these projects. Application data consolidation and migration is typically 30% to 40% of the application go-live effort. There is a multitude of data issues that can plague a project like this and lead to its doom, and these are not always recognized and understood early on, which is the biggest problem.

    In this webinar, Philip Russom of TDWI will walk us through the potential data pitfalls a corporation should consider when undertaking an application consolidation or migration project. Philip will share best practices for managing data in order to minimize risks and ensure on-time and on-budget delivery of these projects. Rob will discuss Informatica’s unique methodology and solution to support these best practices. Rob will also share real-life examples on how Informatica is helping customers reduce risks and complete application consolidation and migration projects on budget and on schedule.

    1) Gartner report titled "Best Practices Mitigate Data Migration Risks and Challenges" published on December 9, 2014
  • From Heartbleed and Shellshock to the Target breach and the Sony hack, cyberattacks are daily news, and yet security and compliance are often not considered as a fundamental requirement when adopting cloud computing strategies.

    Cyber crime is continuously evolving as criminals identify new ways of making money from the digital revolution. However, there is no such thing as a new crime. The techniques that we see criminals use and abuse today have their antecedents in the recent past as well as antiquity. By examining the evolution of how information has been recognised as valuable, and how techniques have evolved to protect information we can better understand how techniques will need to continue to evolve to protect against the latest criminal attacks.

    The widespread adoption of cloud infrastructure exposes organisations to new threats but presents new opportunities for attackers. Indeed, criminals have enthusiastically embraced the cloud as a platform for their own activities and developed "crime-as-a-service".

    Join Martin Lee, Intelligence Manager at Alert Logic for this live webinar which will discuss:
    - Trends in UK Cyber Crime - how cyber crime has evolved and continues to evolve
    - Typical motivations behind an attack, and what hackers do with the data they steal
    - How to integrate security & threat intelligence capabilities into your cloud
  • Ever wish you could get inside your QSA’s head before your next PCI audit?
    Join QSA Adam Gaydosh of Anitian, and Nimmy Reichenberg, VP of Strategy at AlgoSec to get the inside scoop on what QSAs are looking for when they audit you. Aimed at security and networking professionals, this webinar will provide insider tips and tricks to help you prepare for and pass your audit – wherever your credit card data is stored – and remain continuously compliant even if you’re breached.

    Don’t miss the chance to hear about the pitfalls your colleagues have already faced, and how to make the audit experience less stressful, including:
    - Less is more: demystifying the scope of a PCI audit
    - What’s in and what’s out: Segmenting your network for compliance
    - Best practices for configuring your security infrastructure
    - PCI in the public cloud – it’s not an oxymoron
  • Rapidly deploy and dynamically manage secure networks at geographically distributed stores, branch locations, and on the road with Cradlepoint’s Enterprise Cloud Manager. This innovative cloud platform is the next generation management and application platform that helps you improve productivity, increase security and network reliability, and reduce costs; all while enhancing the intelligence of your network and business operations.

    The webinar is a cloud presentation and live product demonstration.

    Attendees will learn how to:
    •Set up and configure groups of devices for “zero-touch” installation and continuous remote management.
    •Troubleshoot their network, limit truck rolls, and reduce downtime
    •Perform remote diagnostics – status reports, error logs, and alerts
    •Easily upgrade firmware on multiple routers at once
    •Use next generation Out-of-Band Management through the cloud
    •Implement best-in-breed security applications from the cloud
  • Disruptive forces are accelerating a change in workplace technology, leaving organizational data at risk. In the past, IT was able to create a ‘walled garden’ with clearly set protocols for how data came in and out of the organization. This is no longer the case.
    As a response, Workshare recently hosted a series of roundtables and polls, where we asked CIOs and senior IT professionals how trends in the workplace are affecting their IT strategy.

    Join us as we discuss how these trends are influencing IT strategies today, as well as the best practice for reducing risk.
  • The cyber market is an ever-changing industry. So how are insurance carriers currently assessing the risks their insured face? And how are they mitigating those risks?

    In this webinar, Ira Scharf, our GM of Insurance, teams up with Advisen Insurance Intelligence to discuss how cyber exposures have grown and changed over the last 20 years, and how the insurance product has evolved to keep pace.

    Watch this on-demand webinar to:

    learn exactly how the underwriting process has developed over the years,
    hear experts discuss the current trends in the industry, and
    find out the latest tools carriers are adopting to better assess corporation’s cyber preparedness.
  • Today’s corporate worker is a mobile worker and requires anywhere access to enterprise services and applications. The evolution of mobile devices in the workplace has gone from a laptop and BlackBerry per user to a mix of three to five devices per user including laptops, smartphones and tablets that may be owned by the worker or enterprise.

    Join David Goldschlag, SVP of Strategy for Pulse Secure, as he discusses how enterprises can cope with this explosion of mobile devices using the three C’s of enterprise mobility – Connectivity, Compliance and Containers. In this webinar you will learn:

    1. How to use your PC security know-how to manage devices, provide VPN connectivity, and network access control
    2. How you can leverage existing compliance enforcement for BYOD and corporate-owned mobile devices
    3. How you can evaluate security containers to best meet your mobile application needs
  • We do not want Big Data! We want the right data to answer the right questions!

    Data is changing our world. Predictions using massive data not only have improved many products. At the same time, they have, in some industries, disrupted business models and created new ones.

    What does an organization need to do to generate a new competitive advantage out of data? The answer might be surprising. “Change the state of mind.”

    Companies often do not need big data. They essentially want small and actionable advice. Some predictions will need big data to surface relevant information, but not all. The key to success for many companies, however, is to enable “data­driven” decision making. Lutz will discuss the steps he has used in starting and developing his own company (later sold to WPP), as well as how he leads LinkedIn’s data science team.

    A) Change the state of mind!
    Enable everyone in the company to ask “data driven” questions. Lutz will show how this is the hardest part of the on­going exercise, but why most businesses actually can achieve this with their current strategic abilities. Using examples we will learn what is the best way to formulate the “Ask”.

    B) What data?
    Data can be a source of disruption & innovation. Business models change because new data sources and enhanced computational power allows new services or improve old services. But which data to use? Domain knowledge is often more important than having “Big Data". Lutz will introduce a framework on how to think about data.

    C) How to build a Data Team?
    How can organizations build up data capabilities within your team. Contrary to the common discussion that a data scientist are not ‘hard to find’. Lutz will explain how every company can create a data science organization by just mixing the right skillets.
  • The Top Five Best Practices for Controlling Third-Party Vendor Risks.

    Target, Home Depot, eBay — look at almost any of the seemingly never-ending string of mega-data breaches, and you’ll find a common thread. Stolen or compromised user credentials, belonging to a privileged user with wide-ranging access to sensitive systems, served as the initial attack path. Often — in as many as two-thirds of cases — those credentials belonged to a third-party; a vendor or business partner who’s been granted internal access to your network. With those credentials in hand, attackers are free to roam about your IT infrastructure, seeking out and exploiting their ultimate goals. It’s a frustrating — and dangerous — challenge. You have to provide access to vendors, contractors, and business partners — but doing so often introduces unacceptable security risks.
    But these risks are manageable. Join us to learn the top five best practices for regaining control of third-party access, and the processes and technology necessary to stop unauthorized access and damaging breaches. In this webcast, we’ll discuss:
    • The identity, access, and security governance processes needed to protect your network
    • How to ensure positive user identification to prevent credential theft and misuse
    • Techniques to limit access to only those resources required to satisfy work or business requirements
    • Preventing the unauthorized commands — and inadvertent mistakes — threatening your network
    • Establishing monitoring procedures that flag violations and speed forensic investigations
  • The need to share content -- securely, collaboratively, immediately -- is critical to your job. You’re working with outside agencies and business partners, sharing documents that contain sensitive data like product designs, ad campaigns and customer data, to name just a few.

    According to research from the Ponemon Institute, more than six out of ten people report having accidentally forwarded files to individuals not authorized to see them. It’s time to create some good habits that will allow you to collaborate with internal and external resources and be 100% compliant with the regulations that govern your industry.

    Please join us for an interactive presentation about how new habits and tools can make it easy for you to be efficient and compliant, without sacrificing speed or creativity.