The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Successful Information Governance enables organizations to take control of their information, ensure compliance, reduce costs, and ultimately achieve greater profitability. Watch the webinar on demand, Real Customer Successes: Business Transformation through Information Governance, to hear expert insights on how real-world customers have successfully leveraged Information Governance programs.
Barclay Blair of the Information Governance Initiative and OpenText's Stephen Ludlow discuss how customers have successfully implemented Information Governance programs that streamline processes, increase productivity, and reduce costs to transform their businesses. You’ll learn:
•How leading organizations have been able to amplify the value in their information
•How to measure the success of an Information Governance implementation
•What drivers lead customers to implement an Information Governance program
This short video shows how distributed cryptography technology from CertiVox provides strong authentication and a simple user experience without compromising security. M-Pin eliminates the password database and therefore, risk of breach. It offers low cost of ownership and helps satisfy security compliance and policy requirements. M-Pin provides federated authentication to SAML and RADIUS enabled applications to help you take back control of unsanctioned shadow IT deployments.
ISO 31000 was published as a standard on the 13th of November 2009, and provides a standard on the implementation of risk management. A revised and harmonised ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for "any public, private or community enterprise, association, group or individual." Accordingly, the general scope of ISO 31000 - as a family of risk management standards - is not developed for a particular industry group, management system or subject matter field in mind, rather to provide best practice structure and guidance to all operations concerned with risk management.
If there is one thing that can be said about the threat landscape, and cybersecurity as a whole, it is that the only constant is change. This can clearly be seen in 2014: a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years.
Join us on 26th May, at 10:00 - 10:45 to understand the growing threat landscape and how this affects your business.
On this webcast we will cover;
•The main security challenges and trends in 2014
•Highlight how threats operate to allow you to better informed
•Key takeaways for executive / functional leaders
To keep up with soaring volumes of information, A strong Information Governance program is no longer a nice-to-have: It’s a must have. View Part 1 in the information governance webinar series, 5 Top Trends in Information Governance, to hear expert insights into the current state of information management, including investment priorities, technology adoption trends, and the top challenges facing enterprise decision-makers. Join guest speaker Forrester analyst Cheryl McKinnon and Liz Kofsky from OpenText as they discuss the findings from Forrester’s latest recent research in records management, information governance, enterprise content management (ECM) and archiving trends.
•The latest trends in information management
•How to overcome the top information governances challenges facing organizations
•Where to start your information governance program and how to get to successful information management
In this high stakes world of cyber security, no vertical has more at risk data than federal agencies. Business hacks can certainly be devastating to the bottom line, but an attack on federal data can be a matter of national security. Fortinet continues to grow its reach by not only securing networks but using its valuable threat intelligence to stop cyber attacks in their tracks. Fortinet recently announced a partnership with the Department of Homeland Security which helps the company improve access to the latest cyber threat intelligence and helps strengthen customers worldwide from increasingly sophisticated and potentially damaging threats. Digital Strategist, Jonas Tichenor has more from Washington D.C.
As software applications are increasingly distributed through cloud and mobile platforms, the risk of vulnerabilities rises. Application managers need ways to control their disparate applications and to build security into the development process.
We are giving you the keys to run your own Ultimate Test Drive (UTD) events.
Have an engineer who holds a current CNSE certification with Palo Alto Networks? Your company is now eligible to run a UTD event whenever and wherever you want. Just schedule the class, invite users, and get driving!
Not familiar with the Ultimate Test Drive? A UTD is a half-day workshop, developed to move prospects to an evaluation by providing them with hands-on experience to help them overcome any fear of switching from a legacy firewall. Palo Alto Networks has created scenarios with step-by-step instructions for this workshop, based on some of the most common problems that prospects need solved, but can’t do with any legacy firewall.
Join this 60 minute webinar to learn how to schedule, coordinate, instruct and follow up on the Ultimate Test Drive Program.
Software developers often struggle with two competing priorities: delivering code within aggressive timelines and incorporating security into the development lifecycle. This webinar helps developers learn how to code securely without killing productivity. Join Adrian Lane, CTO & Analyst at Securosis, and Maria Loughlin, VP of Engineering at Veracode, as they discuss practical steps developers can take to start incorporating security into day-to-day planning, processes and culture. You will learn how to leverage best practices from both the Agile methodology and DevOps in order to automate security and integrate it into the SDLC.
This webinar will describe the challenges faced by cloud and web service providers when attempting to monitor, manage, and troubleshoot across large data centers and networks, whether fully owned or hosted. It will describe the benefits of using a unified visibility plane as the solution to address these challenges, in a cost-effective and streamlined manner, whether it is for security, performance, and/or troubleshooting purposes.
With the rapidly accelerating nature of attacks on network infrastructure and software systems approaches such as static block lists, manual policy configurations and other current prevention techniques have become outdated. Through the use of distributed computing, contextualization and machine learning it is possible to build tools that analyze data across multiple threat vectors allowing for the development of predictive algorithms and a greater understanding of an organizations threat landscape. We will walk through common machine learning techniques, discuss contextualization, how predictive logic works and see a demonstration of contextualized threat intelligence.
Electronic Healthcare Records (EHRs) and the information they contain have become the top target of cybercriminals around the world. Several high profile healthcare-related data breaches have made the headlines in recent months and more are sure to come. What is it about the information contained in EHRs that is so enticing and how can it be better secured? Join (ISC)2 and Sophos on May 21, 2015 at 1:00PM Eastern for a discussion of the security of healthcare data and approaches on how to better protect this type of information.
This webinar will go through 10 proven ways to assure your business can be resilient to any sort of downtime event including disaster recovery as a service, instant recovery, recovery assurance, archiving, and other best practices.
The purpose of our study was to better understand the cyber-security challenges facing financial services enterprises as well as both conventional and Internet retail companies.
Attend this webinar to learn:
- The state of ATs and DDoS attacks in the two verticals
- How companies deal with advanced threats and denial of service attacks
-Industry differences: financial services vs. retail companies
Cloud computing has broken down traditional geographic borders, and defining data ‘location’ has become more complex. Global enterprises embracing the cloud must deal with the compliance and risk challenges that arise when information is distributed across multiple physical, logical, and legal locations.
Join our guest Holger Mueller, Vice President and Principal Analyst, Constellation Research, and Todd Partridge, Product Marketing Director, as they explore the challenges of information governance in the cloud:
- The critical emerging topic of data sovereignty and jurisdiction
- How governments are responding in different ways to the questions of data privacy and ownership
- What organizations must do to address the varying requirements and regulatory environments
This webinar will explore the methods criminals use to perpetrate fraud and steal identities and what you can do to secure your business without taking a hit on transaction completion and revenue.
1. The common approaches used in identity theft and how they apply to e-commerce.
- the coffee shop wifi hack
- the local government census
- social media techniques
- the offer you can't refuse
- the catchers supermarkets
2. Firsthand research from the Jumio team and what they uncovered when they interviewed convicted ex-fraudsters, professional criminologists, law enforcement practitioners and fraud managers to uncover some of the exploits that fraudsters use.
Organizations need to be more business-centric in their approach if data loss prevention is to be successful. By supplying McAfee Data Loss Prevention (DLP) with reliable insight into the meaning and value of data, Classifier complements the detection methods based on keywords and regular expressions alone, helping reduce the risk of data- loss.
The combination of Boldon James Classifier and McAfee DLP reduces the likelihood of data loss by providing the DLP solution with predictable, meaningful classification metadata that greatly improves the reliability of DLP decision making, improves system effectiveness and reduces false positives.
In this webinar we will explore:
- The role of user-driven classification
- How user-driven classification benefits DLP
- When to introduce user-driven classification into a DLP project
- How to measure and monitor the benefits of user-driven classification
In this webinar we focus on a strategic view of risk mitigation:
Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or the enabler of privileges escalation inside networks.
Despite awareness of the risk, and the fact that most software vulnerabilities have a fix the day they are made public, organizations continue to fail to execute mitigation actions. The consequence is that we continue to see costly breaches affecting businesses around the globe.
In this webinar, Marcelo will talk about how the use of vulnerability intelligence can be a game changer to help organizations become better at mitigating the risk of software vulnerabilities.
-Fresh data related to software vulnerabilities
-The challenge of prioritizing mitigation
-How the use of vulnerability intelligence can help support consistent risk reduction
Willbros, a leading infrastructure contractor serving the oil and gas industry, leverages Amazon Web Services (AWS) and Trend Micro Deep Security to quickly design and deploy agile, secure cloud solutions to protect their vital data. Moving to AWS allows organizations to leave their infrastructure behind and start fresh – architecting for flexibility and scalability. However, bottlenecks are created when traditional on-premises security approaches and tools are used. Learn how Willbros unleashed innovation in the energy industry by taking a greenfield approach to security in AWS. Attend this practical webinar by AWS, Trend Micro and Willbros to learn how you can design a flexible, agile architecture that meets compliance requirements and protects your most valuable asset – your data. Jason Cradit from Willbros will share their experience on how they achieved building robust and secure pipeline management systems in the cloud.
In this webinar you’ll learn how to:
- Architect a secure application using a combination of AWS services, Trend Micro services, and configurations
- Understand how host-based protection improves application security, as well as agility and flexibility
- How to protect workloads from attack, without hampering performance
End-point data protection is fundamentally changing. End-points have moved from desktop to mobile with BYOD, and the data protection envelope is extending beyond simple backup and recovery solutions to include continuous data availability, security, and compliance.
During this webinar to learn how Syncplicity’s enterprise file sync and share solution helps extend the data protection envelope across your enterprise.
2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.
In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
Are you still running Windows Server 2003? In July 2015, Microsoft will end support for Windows Server 2003, leaving more than 12 Million machines publically vulnerable. If your organization must remain on the Windows Server 2003 platform after support ends, an advanced solution needs to be employed to protect the unpatchable.
Join Palo Alto Networks to learn how organizations can employ an effective compensating control to protect against software vulnerabilities after Windows Server 2003 end of support.
With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.
Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.
To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
Data center security is being reshaped by virtualisation, consolidation, and promising new technologies such as Software Defined Networking (SDN).
The adoption of the SDDC brings new challenges such as inspecting East-West traffic without the need to compromise on all the benefits of today's physical appliances.
After reviewing the diverging data protection legislation in the EU member states, the European Commission (EC) decided that this situation would impede the free flow of data within the EU zone. The EC response was to undertake an effort to "harmonize" the data protection regulations and it started the process by proposing a new data protection framework. This proposal includes some significant changes like defining a data breach to include data destruction, adding the right to be forgotten, adopting the U.S. practice of breach notifications, and many other new elements. Another major change is a shift from a directive to a rule, which means the protections are the same for all 27 countries and includes significant financial penalties for infractions. This tutorial explores the new EU data protection legislation and highlights the elements that could have significant impacts on data handling practices.
-This tutorial will highlight the major changes to the previous data protection directive
-Participants will understand the differences between these key terms
-Participants will learn the nature of the Reforms as well as the specific proposed change
Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.
Attendees will learn:
- SIEM architecture changes for visibility
- Increasing complexity of data analytics to explore
- SIEM taxonomy and trade-offs between generations
- Analyst recommendations & best practices
- Why resources are key to SIEM success
Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
Are you giving the adversary unintended access through vulnerabilities in your system?
By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.
In this webinar you'll learn:
- What types of assessments work at which points in the software development lifecycle.
- What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
- Why finding and fixing your vulnerability isn't actually good enough.
The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?
In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:
When does it make sense to utilize managed security services
How to the scope the services your company contracts out
Questions to ask when evaluating managed security services providers
The key criteria for selecting managed security providers
Considering the cloud, but want to know more about what your peers think about how secure it really is? Register for this webinar as we dive into some of the statistics from the Alert Logic Sponsored-Cloud Security Spotlight, a summary report built from the results of a survey in the Information Security LinkedIn community. Founder of the LinkedIn Group, Holger Schulze will join Alert Logic staff to dive into the outcomes of the survey, including:
•The hottest trends in cloud security according to the respondents,
•What people really think of the security of the cloud,
•The risks of, and solutions for, cloud security.
With the sophistication and highly targeted nature of attacks against governments, the adversary can use numerous approaches and actions to get in and move across the network. Palo Alto Networks Threat Intelligence—from the cloud or an on-premises government-run platform—constantly gathers intelligence on evasive applications and converts the intelligence back into all platform devices. This ensures that organizations maintain control of evasive applications to ensure authorized activity traverses the networks while unauthorized activity fails to route.
Join this webinar to Learn:
- How Government Agencies can develop and manage their own threat intelligence cloud on a closed, dedicated Palo Alto Networks WF-500 threat intelligence platform.
- How to create effective threat intelligence private clouds for a singular agency or for a group of Agencies, Ministries or Departments who wish to share their threat intelligence.
- How the threat intelligence cloud (public or private) analyzes and correlates intelligence from all platform security functions—URL Filtering, mobile security, IPS/threat prevention and the virtual execution engine or sandbox, WildFire™— and validated community input.
- How WildFire immediately discovers previously unknown malware and communicates the results to the platform to automatically generate signatures.
- How all threat intelligence is distributed to the network and endpoints to ensure they are protected.
- How this is all done automatically, reducing operational burden and shortening an organization’s response time.
- How this innovative architecture can be operated at a fraction of the cost it takes to deploy and manage an equivalent set of point products – APT, IDS/IPS, URL filtering and more – all correlating insights automatically in real-time for greatest network protection.