The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it's no wonder that most organizations struggle to respond effectively to cyber attacks. Successfully resolving attacks requires fast, intelligent, and decisive action - organizations need to have an orchestrated plan in place before an attack occurs. Indeed, the best organizations leverage an orchestrated response capability to achieve cyber resilience, the ability to weather the inevitable cyber attacks as just another part of doing business.
Join IBM Resilient’s Ted Julian, VP of Product Management to explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn't. Attendees will gain a framework for understanding their incident response capability and a maturity model for evaluating opportunities for orchestration / automation.
Protecting against data loss is a key focus of any organisation’s information security program. However it is not always that easy to put long term initiatives in place with consistent monitoring and response effectiveness to mitigate against advanced attacks where intellectual property may be the target.
In this webinar Stuart and David will explain how effective incident response, long term monitoring and threat intelligence can help deal with data protection against advanced persistent threats (APTs) in this modern age of cyber warfare.
The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.
So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.
We will explain how Symantec technology addresses this approach and how you will benefit from:
•Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.
•Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.
•Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
When it comes to detection and response, you need full visibility into what’s traversing your network.
In this webcast, Dave Shackleford, senior SANS analyst, provides a functional review of LogRhythm’s NetMon Freemium. He also speaks to the NetMon Freemium’s network visibility capabilities and ability to recognise contemporary threats such as bots, beaconing, unencrypted sensitive information, and ransomware.
• Why network monitoring should be an essential component of your security and operations toolkit
• How to automate threat detection that was previously only possible via manual packet analysis
• To create analyst workflow that leverages forensic investigation capabilities
• How to identify potential network threats such as port misuse or beaconing
• To respond to incidents discovered through deep packet analysis
Warning - this is not just another GDPR webinar. Join Amar Singh in his popular and interactive webinars and deep-dive into this special Cyber Incident Planning & Response webinar where we share and discuss the following:
* - What are the key components to automate in incident management to enable GDPR compliance.
* - Four important questions a CISO or Manager must ask to manage an incident successfully.
* - Understand Process Automation for Incident Orchestration.
* - How you can, using the technology and processes, build a lean, effective and knowledge Security team with or without a Security Operations Centre.
* - Data Protection and Incident Response for the non-technical manager.
* - How and why it's critical that middle and senior management, working with technical teams, get involved in delivering effective cyber incident planning & response.
You’ve heard a lot about using artificial intelligence and machine learning to change the odds in your favor in cyber-attacks. Unfortunately it turns out that the bad-guys have great AI too, and with each click they can stealthily adapt, morphing into a new hard-to-detect form. But what if we apply learning in real time, on every endpoint, and allow the endpoints to collaborate to identify the threat?
In this talk Simon Crosby, co-founder and CTO of Bromium, will explore how this new approach can give defenders the edge in an era of targeted attacks.
About the Presenter:
Simon Crosby is a co-founder and CTO of Bromium Inc. – the pioneer of micro-virtualization, which enables PCs to defend themselves by design from all malware. Previously Simon was CTO, Data Center & Cloud at Citrix Systems, which acquired XenSource, where he was co-founder and CTO. He was formerly a Principal Engineer at Intel where he led strategic research on platform security and trust, and founder & CTO of CPlane Inc., a pioneer in Software Defined Networking. He was a faculty member in the Computer Laboratory at the University of Cambridge, UK from 1994-2000. He holds a PhD in Computer Science from the University of Cambridge, UK, and is author of more than 50 peer reviewed papers and patents.
Machine learning is both cool and valuable, but to apply it effectively requires that we disregard the former in order to be rigorous about the latter. In this session we take a hard look at the qualities that make machine learning fit for purpose for problems in cyber security in order to lay out a global roadmap for how machine learning can solve security problems today. Even more importantly, our bottom-up analysis of machine learning will chart the areas where an excessive faith in automation can become harmful to a business' security posture.
About the presenter:
Greg has previously managed products and product teams for gaming and education startups with a focus on meaningful, measurable engagement loops. His games have been ranked in the top ten by traffic on Facebook, the top ten by revenue on the App Store, and as the Editor's Choice in the App Stores of over 70 countries.
Once breached at the endpoint, what does an attacker do? Where is he going? What does he want? The truth of APTs and advanced attacks is that they just don't want one machine - they want access to the heart of the organization. Since 1999, Microsoft has made the Windows Domain the heart of the network. Once accessed, it permits the attacker to control the organization - undetected and indefinitely. This is what the attacker wants. This webinar will discuss all moves an attacker can make to go from a compromised machine to achieve his goal from a statistical point of view; we will present the probability of detection and evidence-gathering for any move made along the way.
Roi is CEO and Founder of Javelin Networks, a post breach containment technology that focuses on stopping attackers from credential misuse and lateral movement after compromising a machine. Roi served in the Israeli Air Force at the OFEK unit where he worked on the security of the Israeli satellite launch, Arrow missiles and the Air Force drones. As a network and security engineer, he was influential in designing, developing, analyzing, implementing large enterprise communication networks, both nationally and around the world. Worked for four years as a Security consultant, leading ongoing projects at the Vatican and other military organizations.
With more than 250 million threats online in any given day, security for your business has never been more critical. These threats can cause loss of data and personal information with increased risk of identity theft. Windows 10 includes built-in protection to help keep you more secure with all new features in the Anniversary update.
Join this webcast to learn more about the two major new security features that launched with the Anniversary update:
- Windows Defender Advanced Threat Protection (WDATP) detects, investigates, and responds to advanced malicious attacks on networks by providing a more comprehensive threat intelligence and attack detection
- Windows Information Protection enables businesses to separate personal and organizational data and helps protect corporate data from accidental data leaks.
Over the past few years, outsourcing business functions to vendors has been on the rise. In fact, there are more third-party relationships today than ever before. However, as the number of supplier relationships grows, so grows the amount of risk those suppliers pose. And in today’s hyper-connected landscape, cyber risk has taken center stage when it comes to vendor risk.
Join former CIO, Kevin Roden, and BitSight’s Senior Customer Success Manager, Julia Grunewald, on Wednesday, February 22nd at 1pm ET, as they discuss traditional and emerging vendor risk management (VRM) tactics.
In this webinar you’ll learn:
- How VRM has traditionally been handled
- Why traditional strategies alone aren’t enough
- Advice on how to effectively and efficiently mitigate cyber risk
Research shows that 76% of companies suffered a data breach in 2016, so it’s now almost inevitable that hackers will gain access to your company and your sensitive data.
Security professionals are now looking to deal with breaches faster, to keep their company off the front page and with heavy GDPR fines on the horizon, they’re wise to do so…
Organisations are fearful of damaging data breaches but unsure of the best course of action to protect themselves from major cyber incidents. Whilst a large per cent of businesses focus on building up perimeter defences, not enough are concentrating on monitoring their own network for the best chance to detect threats and mitigate them before significant damage is done.
Tune into this in-depth one-on-one interview to learn:
- More about the threatscape and the dangers to your organisation
- The influence that GDPR will have and steps you need to take
Es ist eine traurige Tatsache, dass Hacker tagtäglich versuchen, Ihre Abwehrmaßnahmen zu durchbrechen. Inzwischen werden fünf von sechs großen Organisationen zur Zielscheibe von versierten Angreifern. Daher sollten Sie Ihre Daten aktiv schützen, um nicht zur nächsten Schlagzeile zu werden.
Was also bedeutet Schutz von Daten? Ein umfassendes Schutzsystem ermöglicht den richtigen Personen von überall aus Zugang zu den entsprechenden Daten, indem es den Zugriff steuert, den Fluss der Daten überwacht und dafür sorgt, dass diese nicht in falsche Hände geraten.
Wir erläutern, wie dieser Ansatz mit Symantec-Technologien umgesetzt werden kann, um Ihnen Folgendes zu ermöglichen:
•Sicherstellen, dass nur autorisierten Benutzern Zugriff gewährt wird, indem Sie auf allen Geräten – einschließlich bei der Nutzung privater Mobilgeräte im Unternehmen (BYOD) – eine starke Multifaktor-Authentifizierung einsetzen.
•Daten überwachen, ganz gleich, wo sie sich befinden – in der Cloud, vor Ort, auf Mobilgeräten und im Speicher.
•Datenverlust mithilfe einheitlicher Richtlinienkontrollen verhindern, damit sensible Daten verschlüsselt oder blockiert werden, bevor sie das Unternehmen verlassen.
The 4th ICTFOOTPRINT free webinar has crucial information on ICT Calculation tools and Sustainable ICT insights on energy savings, on 23rd February 2017, 15:00 CET.
Thomas Corvaisier (CEO of GREENSPECTOR) will introduce the concept of software eco-design, and tell us how it may help lowering the consumption of IT resources while preserving performance and user experience.
Frédéric Croisson, from Deloitte Sustainability, will showcase the ICTFOOTPRINT.eu Self-Assessment Tool for Services (SAT-S), a useful, quick and easy-to-use tool that calculates the carbon footprint of your ICT services. The tool helps users not only to make informed decisions about how to make an ICT service sustainable, but also discover the impact of ICT devices & activities in terms of Green House Gas emissions and primary energy consumption. (SAT-S will be launched very soon).
Karen Robinson will share some sustainable ICT practices and introduce the save@work initiative, which encourages public sector employee’s to come together in teams to reduce the energy consumption of their building by making small changes to their everyday energy consuming behaviours. Adding an element of competition to the project has been a significant driver in encouraging teams to really examine and challenge those unconscious energy consuming behaviours. The scale of working in a large office has also highlighted those practices that on their own seem to make almost insignificant savings but when applied across an office of over 300 people, have a very different impact.
The webinar will be moderated by Silvana Muscella, Project Coordinator of ICTFOOTPRINT.eu and CEO of Trust-IT Services. Silvana has a broad experience in ICT sector, focusing on high-level strategy building, the delivery of multichannel platforms, business acquisition & development & strategic marketing for international clients.
Digital transformation is changing the business landscape for every organisation, with the way new technologies can unlock competitive advantage, enable efficiently, agility and enhance customer experiences. The cloud is where this innovation is happening and enabling this transformation, but when you take advantage of its possibilities, it’s crucial that you secure your cloud applications and workloads.
If you’re building applications or migrating workloads to the cloud, you’re probably like most organisations – trying to determine what security controls are needed, and how to integrate workload security without slowing down innovation or needing to add dedicated security staff – which these days is harder to find and more expensive to keep.
During this panel discussion you will hear from industry experts as they discuss what steps and considerations should be taken when moving to any cloud. Where are the responsibilities of security and how do you maintain visibility and control over your data, including:
- Why when moving business critical applications to the cloud you require a different approach to security?
- Best Practices for minimizing risk in your cloud adoption
- Filling the Cloud Security IT Skills Gap
- Managing the Challenges of the Cloud under EU GDPR
Those defending against cyberattacks are overwhelmed by the shear volume of incidents to respond to. It is so bad that it has been said there may be as many as 1 million unfilled cybersecurity jobs. Machine learning and automation is often heralded as a way to deal with this problem so that many incidents can be dealt with requiring pressing a button. While there is much promise is machine learning there are also many perils that need to be considered. Attackers know how we defend ourselves and they do use our defenses against us.
This talk will cover some of the open-source tools and techniques available for organizations to use to defend themselves while keeping in mind how attackers could undermine our efforts.
Cyber truths and CEOs
Security industry experts say that the nature and complexity of today’s cyberattacks are beyond the scope of even the largest companies. We’ve seen the headline making news. Big brand companies once thought to be impenetrable, have fallen victim to targeted cyberattacks inflicting significant financial damages to their businesses.
Financial fall out and executive reputation
Such breaches are hitting corporations where it hurts the most: the bottom line. A prominent bank recently felt the staggering loss of $81 million resulting from a breach.
Elevate and propagate
Battling hackers, state actors, and sophisticated cybercrime organizations may seem like a never-ending, daunting task.
Please join us as FireEye and HPE Chief Technology Officers reveal a five-point tactical plan to mitigate risk and keep your reputation intact.
What you’ll learn:
1.Creating a Risk Profile to assess your organization’s risk level.
2.CEO engagement. Understanding the amount of time, resources and commitment needed to minimize threat exposure.
3.Roles and investment. Guidelines for technology, personnel, and budget.
4.Risks and ramifications. Pinpoint the gaps.
5.Seek the advice of experts. Don’t stake your reputation by going it alone.
Over the last few months, cyberattacks have dominated the news, creating uncertainty about how best to protect the value small business owners have worked to create. In this webinar, Emory Simmons, President of CMIT Solutions of South Charlotte, outlines today’s online threats and lays out a plan small businesses can use to manage risk.
Invest an hour to attend, Under Attack: Managing Small Business Cybersecurity Risk in 2017, on February 23rd at 11:00 am EST for answers to the questions below:
- What’s the likelihood my company will be targeted by a hacker?
- If my data is in the cloud, they are responsible for data breaches, right?
- Are ransomware attacks really that widespread?
- Does business insurance cover breaches?
- What can I do today to protect myself and my company?
PKI used to be difficult to implement, and was seen as complex, labor intensive and expensive. The development of powerful credential management software has brought considerable improvements. It now does much of the manual work that used to be left up to the administrators saving them valuable time in the war against security threats. In our last webinar, we found almost 50% of those you voted cited the Internet of Things as the main driver for PKI. More connected devices and users will create a need for higher levels of security in all organizations as the number of possible threats and attacks increase.
For security professionals, implementing and modernizing their PKI systems will be crucial, keeping in mind not all PKI implementations are created equal. Some are inherently more complex, depending on the level and layers of security needed for within your organization. Following our previous PKI foundational webinar, this one will cover the elements you need to consider when designing a PKI environment.
Join us for the “PKI – Your Ally in the War Against Security Threats” to learn how you can maximize your organization’s security and the things you need to know to get started including:
•PKI use cases in an enterprise environment to secure access and protect data
•Budgeting for your PKI deployment of modernization
•Outlining the deployment size, scope and timeline
•Analyzing and reviewing current and/or future security policies
•Maintenance and administration of the PKI system
•Configuring and understanding certificate authorities
•Developing a scalable approach to prepare for future needs
•Addressing the protection of sensitive keys and the ecosystem integration