IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • Today’s cyber defenses generate a torrent of security alerts. Some of them can be useful, even essential. Many are not. And telling the difference isn’t always easy.

    When assessing security products, organizations often equate a large volume of alerts with more thorough threat detection. But as anyone who’s been roused awake by a car alarm at 3 a.m. knows, it’s the quality of these alerts—not the quantity—that really matters.

    This webinar will examine the four biggest problems with reactive, alarm-based defenses in conventional security deployments.

    Join us to:

    -Learn how to alleviate alert fatigue
    -Detect true threats, provide quality alerts and enhace them with ample context and insight so security teams can act on them
    -Sort out the alerts you must respond to from those you should respond so
    -Discover how to recognize multiple separate alerts that might be part of a multi-pronged attack on your network
  • Join cloud security expert Tricia Pattee on August 27 for a quick, cut-to-the-chase analysis on where to get the most bang for your security buck. The interactive, hour-long discussion will include:

    -The five most common security mistakes
    -Top six areas of security spend
    -How to maximize budget – and minimize risk
    -Hidden cloud security costs

    The presentation will include a Q & A to answer your specific questions about security budgeting and cost management.

    Register today.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • Cloud Access Security Brokers (CASBs) are one of the hottest new security technologies on the market. Recommended by Gartner, they provide visibility and control in a new IT world now based in public cloud applications and corporate data being accessed by employee BYOD devices.
  • It’s happened. The nightmare that has haunted your sleep is now reality: your company has been breached.

    There will be plenty of time to look back. Now is the time for action. Your response in the trying days ahead will make all of the difference in restoring customer trust and minimizing backlash—both external and internal. Timely communication is the lynchpin.

    This webinar provides practical, actionable best practices to securely integrate email into your breach response communication plan, keeping the phishers and criminals at bay while ensuring that timely information reaches your customers. So you can be the hero, not the scapegoat.
  • Non-targeted, opportunistic, targeted, and insider are 4 threat types, or groupings, that have been understood by the security community at large for years. These groupings of threats are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, the concept of defense in depth where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and system has also been a proven approach to minimizing the impact of threats.

    Join Wade Woolwine and Mike Scutt from Rapid7’s threat detection and incident response team to discuss how making threat groupings, the attack lifecycle, and defense in depth part of your overall security program planning can help you apply your resources in a way to maximize prevention, detection, and response for a more effective ROI.
  • As the threat landscape continues to evolve and expand, how best can your security solution adapt to the changes? To keep up with the pace, IT security needs quick and accurate information in order to identify and remediate these incidents. The new updates for Trend Micro OfficeScan and Trend Micro Control Manager offers you just that. A better security with products working together to provide customized defense to help you rapidly adapt and respond to this ever evolving threats.
    Join this webinar to learn:
    1.Trend Micro’s new technology to protect against Ransomware
    2.What’s new with the release of OfficeScan 11 SP1 and Control Manager 6.0 SP3
    3.How does our “Connected Threat Defense” fits in your company security
  • Join Taylor Ettema, Global Product Manager and Sean McMahon, Senior Systems Engineer for this impactful webinar.

    This webinar will cover how to:

    Simply deploy Threat Prevention, URL Filtering, WildFire and a next-generation firewall policy from your Palo Alto Networks enterprise security platform.

    Get up and running quickly with real-world policy recommendations, including integrated logging and reporting of all key threat events.

    Turn on automated discovery and protection for unknown, zero-day malware and exploits with WildFire.
  • Today’s advanced persistent threats (APTs) evade traditional security controls with techniques such as SSL encryption and require an integrated, simple and automated approach that can detect and defend at each stage of an attack. View this online demonstration of how the Palo Alto Networks enterprise security platform protects organizations from known threats, zero-day exploits, unknown malware, and the complete spectrum of APTs.
  • Omnichannel shopping and the Internet of Things are creating device proliferation and expanding the diversity of customer demands. Is your network ready?

    The converging wired and wireless worlds, along with best-in-breed cloud management applications, are offering ultimate network flexibility allowing for greater security, ease-of-management, and cost savings at the Edge.

    Join our webinar to discuss a direction for future-proofing your network platform with speaker and thought leader Ken Silay.

    Attendees will learn:
    •Trends and challenges in today’s network landscape
    •What are the elements of a future-proof network
    •What issues you need to consider to future-proof enterprise networks
    •How WAN Diversity is enabling IT productivity

    Who Should Attend?
    •Network Administrators/Engineers/Architects
    •IT Directors/Vice Presidents

    About Ken:
    Ken has held technology leadership positions throughout his career across multiple industries including retail, healthcare, consumer goods, medical devices and the United States military. He is as effective designing and implementing a strategy for corporate innovation as he is streamlining business process that yield hundreds of thousands of dollars in business and technology improvements. As problem solver and recognized thought leader, he is skilled at fusing analytic and creative thinking to deliver innovative solutions.

    Ken was selected as a 2015 Top Innovator by Retail Touch Points and Chairperson for the 2015 RIS News Technology Conference. Combining his technical education with solid people and business management experience he has forged effective partnerships to deliver large-scale projects and technical process improvements. He believes in leadership by example and is a trusted mentor. Ken is a change agent who would rather be the catalyst for change than the victim of it.
  • When did we forget that old saying, “prevention is the best medicine”, when it comes to cybersecurity? The current focus on mitigating real-time attacks and creating stronger defensive networks has overshadowed the many ways to prevent attacks right at the source – where security management has the biggest impact. Source code is where it all begins and where attack mitigation is the most effective.

    In this webinar we’ll discuss methods of proactive threat assessment and mitigation that organizations use to advance cybersecurity goals today. From using static analysis to detect vulnerabilities as early as possible, to managing supply chain security through standards compliance, to scanning for and understanding potential risks in open source, these methods shift attack mitigation efforts left to simplify fixes and enable more cost-effective solutions.
  • Patching systems and applications is a huge challenge, and doing it manually is not an option.
    In this session Microsoft MVP Raphael Perez will look at the basics of SCCM Automation with PowerShell. You'll learn when automation should be used, get tips on making the most of WMI, SCCM PowerShell cmdlets and some of the techniques he uses when creating automation scripts.

    Live attendees of this session will automatically participate in a draw of three editions of Raphael’s latest publication: System Center 2012 R2 Configuration Manager: Automation from Zero to Hero

    About Raphael Perez: Raphael is one of the only three ‘Enterprise Client Management MVPs‘ based in UK, specialising in System Center Configuration Manager (SCCM) and with over a decade of front-line enterprise experience of working with Microsoft technology and Management solutions. Raphael has worked on a number of different enterprise SCCM, OS Deployment and Patch Management projects over the years.
  • You already know the power of application segmentation to deliver data center and cloud security—now you can take segmentation to the next level. Nano-segmentation is finally a reality.

    In 15 minutes, we’ll show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
    Register to find out how to:

    - Reduce your data center and cloud attack surface by 99%
    - Quarantine compromised servers in seconds
    - Achieve compliance in hours
  • The consumerization of IT, bring your own device (BYOD), and software-as-a-service (SaaS) provide organizations with impressive productivity gains, but bring with them the challenge of secure management. Grady Boggs, Principal Security Specialist, illustrates the Microsoft comprehensive cloud solution, the Enterprise Mobility Suite (EMS), and details how users can stay productive while keeping corporate information safe and secure.
  • Our dependencies are clear. Organisations have become virtual, and all of this progress relies on systems and infrastructure that no one organisation maintains, and there is no turning back. Significant time and resources are being dedicated to coping with mistakes and oversights, while remediation time following system or data compromise is steadily getting longer.
    Industry has been cornered into a reactionary position addressing incidents as they occur.

    Such concerns are set to dominate discussions at the 2nd Annual (ISC)² Security Congress EMEA, October 20-21 in Munich, Germany.

    Join (ISC)², Infosecurity Magazine and two of the several top notch (ISC)² Security Congress EMEA speakers to examine our progress, how to challenge our reactionary position, and what is required to look forward to the future.

    Moderator: Michael Hine, Deputy Editor, Infosecurity Magazine
    Panellists: Adrian Davis, Managing Director, (ISC)² EMEA; Yiannis Pavlosoglou, Director of IT Risk, UBS; Georg Freundorfer, Director Security EMEA, Oracle

    (ISC)² is giving away 3 delegate passes for the 2015 (ISC)² Security Congress EMEA, to delegates who view the webinar for a minimum of 50 minutes. Winners will be announced live at the end of the webinar and subsequently emailed with information on how to redeem their prizes. The free pass is valid for all sessions including pre-conference workshops and networking opportunities. For further details on the prize draw and full T&C’s, please copy and paste the following link to your browser:
  • The Nordic region is known for its natural resources, innovations in renewable energy and healthcare, proximity to the Arctic, and emphasis on transparency in government. However, these unique attributes make the region a prime target for cyber threat groups looking to capitalize on Nordic countries’ robust economies and distinct geopolitical concerns. FireEye Threat Intelligence assesses that threat actors aggressively target strategic industries and government and military organizations in search of valuable economic, political, or military intelligence.

    In this webinar we will be drawing on the findings from our recent report, Cyber Threats to the Nordic Region.

    Register now to learn about:

    •Some of the specific threat activity we have observed against Denmark, Finland, Iceland, Norway, and Sweden
    •Attacks on Critical Infrastructure in the Nordics
    •The motivations and drivers of future threat activity in the Nordics
    •How to respond to advanced attacks
  • Traditionally, most organizations have used email for sending files to colleagues or clients. However, as files increase in size and email attachment limits are an issue, employees are forced to either use old-fashioned FTP or circumvent company regulations by turning to insecure consumer-grade applications. 72% of the people we surveyed do! Let us tell you about a better way.

    Join us to learn 4 key best practices:
    1) Don’t mess with what users know – continue to use Microsoft Outlook to drive file transfers (just don’t leave it to Outlook to deliver them)
    2) Don’t leave it to users to decide when something is too big or too sensitive to send by email
    3) Do make the experience better and faster for users (as opposed to more complicated and slower)
    4) Have a policy (and protection) that covers email-based sharing even when mobile

    With Workshare, employees can email links to files, eliminating the need for attachments, while continuing to us the familiar Outlook to do it. Policy-enforcement means companies can secure, track, and expire file access and activity beyond the corporate firewall.

    Workshare also uses its customizable policy engine to ensure that the content that is shared is secured and removed of any sensitive information before it is shared.
    Intelligently scan and secure documents too large or too important to send by email. IT can set policies to determine when a file is too large to send, or critically when to block or clean a file if it contains sensitive hidden data that would expose the company to risk.
  • In this webcast, you’ll gain insights into the state of insider threats and security solutions to detect and prevent them. We’ll review the results of a comprehensive crowd-based survey on insider threats in cooperation with the 260,000+ members of the Security Community on LinkedIn. We’ll also discuss the critical importance of protecting Active Directory and its resources from insider threats and provide best practices toward that goal.

    Holger Schulze, founder of the Information Security Community on LinkedIn, will review 5 key trends for insider threats, as well as the results of the 21-question survey of your IT security, compliance and admin peers, covering four main themes:

    1. Insider threats and vulnerabilities
    2. Threat detection
    3. Security tools and processes
    4. Recovery and remediation

    Then, Alvaro Vitta, principal security consultant, Dell Software, will provide his take on best practices for securing Active Directory and the resources it grants access to, as well as a brief overview of Dell solutions for governance, risk and compliance (GRC).
  • Knowing what IT assets you have and how to protect them is increasingly a challenge as globalization, virtualization and mobile assets create new endpoints and new opportunities for hackers to infiltrate. Now you can move beyond traditional scanner-based approaches to strengthen endpoint security with a free solution from Qualys.

    Discover how the Qualys AssetView gives you a fast, actionable view of all IT assets while helping to:

    > Gain comprehensive, scalable and always up-to-date view of endpoints — with continuously updated inventory of asset details, scaling to millions of assets

    > Deliver fast, accurate and actionable data — with a new layer of intelligence into the current state of endpoints, including details about services, file systems and registries as well as information to manage and secure systems

    > Minimize impact on systems and networks — by keeping itself lightweight and up-to-date to eliminate the need to reboot

    > Handle virtualized environments with ease — by keeping track of the constant proliferation of images inside and outside of the environment
  • Hybrid IT is fast becoming the new normal across organizations in Asia-Pacific. With the increasing utilization of data centers and cloud services across the Asia Pacific region, companies have gradually updated or upgraded their existing IT systems, giving rise to the Hybrid IT environment. Besides helping enterprises to drive digital disruption, the latest Hybrid IT environment is also enhancing the customer experience and encouraging business model innovation. As a result, there is greater acceleration in the adoption of a multi-vendor multi-cloud environment or Hybrid IT.Together with the Cloud, Hybrid IT is enabling the accelerated adoption of new technologies such as Big Data, the Internet of Things and Connected Industries. 

    Mayank Kapoor, Industry Principal, ICT - Data Center and Cloud Computing, Frost & Sullivan, Asia Pacific discusses these and key insights on how these new technologies are driving industry transformation not just across the ICT industry but also the Manufacturing, Automotive and Healthcare industries.
  • Verschlüsselung ist langsam, kompliziert und schwer zu managen! Diese Vorurteile sind lange überholt. Verschlüsselung ist heute wichtiger Bestandteil einer umfassenden Sicherheitsstrategie.
    Armin Simon zeigt Ihnen in diesem Webinar, wie Sie als Security-Verantwortlicher Verschlüsselung in Ihrem Unternehmen auf ein solides Fundament stellen. Welche Ansätze haben sich bewährt und wie finden Sie die für Ihr Unternehmen passendste Lösung?
  • Any data breach is costly and disruptive, but for pharmaceutical businesses, medical device companies, and others in the life sciences field, the need to protect and manage sensitive data (PHI, PII, and IP) make these challenges even more complex. The real world costs of compromised data can be staggering, not just in fines, but in employment and business reputation loss as well.

    Join FDA IT compliance expert Angela Bazigos,Chief Compliance Officer of Morf Media, and Druva to learn how life sciences companies are managing their sensitive data in an environment of increasing risk and regulation. You’ll discover how to protect and manage this data to meet compliance regulations and significantly decrease the risk of data exposure, including that of highly-regulated HIPAA data.

    Register for this webinar to learn about the:
    * Increasing risk to PII, PHI, and IP data in an age of breaches and growing data dispersion
    * Changing regulatory landscape that adds greater complexity to corporate workflow
    * Best practices to monitor and respond to compliance and legal requirements for dispersed sensitive data, including mobile technologies and cloud services
    * Proactive approach to compliance to help your business avoid data risks and better address compliance and legal requirements

    Speaker Bios:
    Angela Bazigos, is the Chief Compliance Officer of Morf Media. She has 40 years of experience in Life Sciences spanning GLP, GCP, GMP, Medical Devices & 21 CFR 11 and has a patent aimed at speeding up Software Compliance.

    Ken Rosen, Co-Founder of PerformanceWorks
    Ron Weismann, CMO of PerformanceWorks
  • In this webinar, we will show with concrete examples why it is so important to implement correct user and data security controls to secure your cloud and virtual environments. You will see how easily controls can be bypassed and compromised, why software keys are simply not good enough, and how your personal life threatens your business and work life. This presentation will stress the importance of using data and user centric security models vs. conventional data security practices. Join (ISC)² and Gemalto-Safenet in this webinar to learn what we call: unsharing your data.
  • Organisations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals. However, once you have the right people in place, it is imperative to retain them and use their skills to embed positive-information security behaviours throughout the organisation.

    So in an era where cyber security is a C-suite business challenge, how can board colleagues work with security professionals and others within the enterprise to address these issues?

    Join Steve Durbin, Managing Director of ISF Ltd, for a 45 minute webcast, where he will discuss how organisations can develop and implement an information security awareness culture that will engage with employees at all levels.
  • How well is sensitive data understood and protected in organizations? Are you protecting what should be protected? In this session, you will hear the details of how and why sensitive data risk and protection should be the foundation of modern information security strategies and tactics. Given the eventuality of network breaches, organizations must do all they can to ensure that their data is understood and protected to reduce the magnitude and scope of data loss. We will reference a survey conducted by the Ponemon Institute and Informatica on what organizations know about their sensitive data, how data security controls are used, and the key issues and challenges of securing sensitive and private data. While security and privacy professionals have enumerable tools for information security, what they should target and protect is not clearly understood. Better data protection comes from understanding the risks of sensitive data and precisely applying controls to mitigate sensitive data loss.

    This data-centric approach to security provides numerous and immediate value for organizations to improve their data security and privacy profile, including:

    • Uncovering the unknowns of data risk as mobile, cloud & big data create exponential growth by identifying how sensitive data is growing and spreading across organizations and its associated risk
    • Targeting risks and data controls to focus security investments on the systems where sensitive data is created, shared and at risk
    • Improving security efficiencies, automating sensitive data risk analysis, and providing on-demand risk audit for regulatory compliance

    Please join us at this webinar to hear Adrian Lane, Security Analyst at Securosis, and Bill Burns, CISO at Informatica, discuss best practices and strategies for data-centric security. Josh Alpern, VP Business Development at Informatica, will also share his hands-on efforts in helping Informatica customers reduce sensitive data risk and improved breach resiliency.