The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Are you still running Windows Server 2003? In July 2015, Microsoft will end support for Windows Server 2003, leaving more than 12 Million machines publically vulnerable. If your organization must remain on the Windows Server 2003 platform after support ends, an advanced solution needs to be employed to protect the unpatchable.
Join Palo Alto Networks to learn how organizations can employ an effective compensating control to protect against software vulnerabilities after Windows Server 2003 end of support.
With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.
Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.
To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.
In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
Successful Information Governance enables organizations to take control of their information, ensure compliance, reduce costs, and ultimately achieve greater profitability. Watch the webinar on demand, Real Customer Successes: Business Transformation through Information Governance, to hear expert insights on how real-world customers have successfully leveraged Information Governance programs.
Barclay Blair of the Information Governance Initiative and OpenText's Stephen Ludlow discuss how customers have successfully implemented Information Governance programs that streamline processes, increase productivity, and reduce costs to transform their businesses. You’ll learn:
•How leading organizations have been able to amplify the value in their information
•How to measure the success of an Information Governance implementation
•What drivers lead customers to implement an Information Governance program
This short video shows how distributed cryptography technology from CertiVox provides strong authentication and a simple user experience without compromising security. M-Pin eliminates the password database and therefore, risk of breach. It offers low cost of ownership and helps satisfy security compliance and policy requirements. M-Pin provides federated authentication to SAML and RADIUS enabled applications to help you take back control of unsanctioned shadow IT deployments.
If you’re not engaging your customers, you could be losing them. Last year alone, 66 percent of global customers switched service providers due to poor customer experience—up 4 percent from the previous year, according to Accenture. They estimate that this “switching economy” puts $5.9 trillion up for grabs globally every year. That’s a large sum to leave up to chance!
Register for the virtual roundtable, Expert Speed Round: 7 CEM Trends in 40 Minutes, to hear experts discuss Walters’s observations and answer pressing questions around how to succeed in Customer Experience Management.
Marci Maddox, OpenText
Kim Celestre, Forrester
Scott Marshall, Amerisource Bergen
Roopesh Nair, Sapient Nitro
Leo Mindel, Sotic Digital Sports Agency
ISO 31000 was published as a standard on the 13th of November 2009, and provides a standard on the implementation of risk management. A revised and harmonised ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for "any public, private or community enterprise, association, group or individual." Accordingly, the general scope of ISO 31000 - as a family of risk management standards - is not developed for a particular industry group, management system or subject matter field in mind, rather to provide best practice structure and guidance to all operations concerned with risk management.
If there is one thing that can be said about the threat landscape, and cybersecurity as a whole, it is that the only constant is change. This can clearly be seen in 2014: a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years.
Join us on 26th May, at 10:00 - 10:45 to understand the growing threat landscape and how this affects your business.
On this webcast we will cover;
•The main security challenges and trends in 2014
•Highlight how threats operate to allow you to better informed
•Key takeaways for executive / functional leaders
According to Aberdeen, 50% of businesses say managing consistent customer experiences continues to be a top challenge. Today’s buyers demand higher levels of personalization with each interaction they have with a company. Customer Communications Management (CCM) can help personalize communications by capturing customer requirements on-the-go.
Watch the webinar on demand, Reshape Customer Conversations through Real-time Customer Information, to learn about:
- Business value of managing consistent and timely customer interactions
- Best practices to ensure consistency of customer messages across your business
- The growing role of content in delivering personalized customer experiences
To keep up with soaring volumes of information, A strong Information Governance program is no longer a nice-to-have: It’s a must have. View Part 1 in the information governance webinar series, 5 Top Trends in Information Governance, to hear expert insights into the current state of information management, including investment priorities, technology adoption trends, and the top challenges facing enterprise decision-makers. Join guest speaker Forrester analyst Cheryl McKinnon and Liz Kofsky from OpenText as they discuss the findings from Forrester’s latest recent research in records management, information governance, enterprise content management (ECM) and archiving trends.
•The latest trends in information management
•How to overcome the top information governances challenges facing organizations
•Where to start your information governance program and how to get to successful information management
In this high stakes world of cyber security, no vertical has more at risk data than federal agencies. Business hacks can certainly be devastating to the bottom line, but an attack on federal data can be a matter of national security. Fortinet continues to grow its reach by not only securing networks but using its valuable threat intelligence to stop cyber attacks in their tracks. Fortinet recently announced a partnership with the Department of Homeland Security which helps the company improve access to the latest cyber threat intelligence and helps strengthen customers worldwide from increasingly sophisticated and potentially damaging threats. Digital Strategist, Jonas Tichenor has more from Washington D.C.
As software applications are increasingly distributed through cloud and mobile platforms, the risk of vulnerabilities rises. Application managers need ways to control their disparate applications and to build security into the development process.
We are giving you the keys to run your own Ultimate Test Drive (UTD) events.
Have an engineer who holds a current CNSE certification with Palo Alto Networks? Your company is now eligible to run a UTD event whenever and wherever you want. Just schedule the class, invite users, and get driving!
Not familiar with the Ultimate Test Drive? A UTD is a half-day workshop, developed to move prospects to an evaluation by providing them with hands-on experience to help them overcome any fear of switching from a legacy firewall. Palo Alto Networks has created scenarios with step-by-step instructions for this workshop, based on some of the most common problems that prospects need solved, but can’t do with any legacy firewall.
Join this 60 minute webinar to learn how to schedule, coordinate, instruct and follow up on the Ultimate Test Drive Program.
Software developers often struggle with two competing priorities: delivering code within aggressive timelines and incorporating security into the development lifecycle. This webinar helps developers learn how to code securely without killing productivity. Join Adrian Lane, CTO & Analyst at Securosis, and Maria Loughlin, VP of Engineering at Veracode, as they discuss practical steps developers can take to start incorporating security into day-to-day planning, processes and culture. You will learn how to leverage best practices from both the Agile methodology and DevOps in order to automate security and integrate it into the SDLC.
This webinar will describe the challenges faced by cloud and web service providers when attempting to monitor, manage, and troubleshoot across large data centers and networks, whether fully owned or hosted. It will describe the benefits of using a unified visibility plane as the solution to address these challenges, in a cost-effective and streamlined manner, whether it is for security, performance, and/or troubleshooting purposes.
With the rapidly accelerating nature of attacks on network infrastructure and software systems approaches such as static block lists, manual policy configurations and other current prevention techniques have become outdated. Through the use of distributed computing, contextualization and machine learning it is possible to build tools that analyze data across multiple threat vectors allowing for the development of predictive algorithms and a greater understanding of an organizations threat landscape. We will walk through common machine learning techniques, discuss contextualization, how predictive logic works and see a demonstration of contextualized threat intelligence.
This webinar will go through 10 proven ways to assure your business can be resilient to any sort of downtime event including disaster recovery as a service, instant recovery, recovery assurance, archiving, and other best practices.
Electronic Healthcare Records (EHRs) and the information they contain have become the top target of cybercriminals around the world. Several high profile healthcare-related data breaches have made the headlines in recent months and more are sure to come. What is it about the information contained in EHRs that is so enticing and how can it be better secured? Join (ISC)2 and Sophos on May 21, 2015 at 1:00PM Eastern for a discussion of the security of healthcare data and approaches on how to better protect this type of information.
Data center security is being reshaped by virtualisation, consolidation, and promising new technologies such as Software Defined Networking (SDN).
The adoption of the SDDC brings new challenges such as inspecting East-West traffic without the need to compromise on all the benefits of today's physical appliances.
After reviewing the diverging data protection legislation in the EU member states, the European Commission (EC) decided that this situation would impede the free flow of data within the EU zone. The EC response was to undertake an effort to "harmonize" the data protection regulations and it started the process by proposing a new data protection framework. This proposal includes some significant changes like defining a data breach to include data destruction, adding the right to be forgotten, adopting the U.S. practice of breach notifications, and many other new elements. Another major change is a shift from a directive to a rule, which means the protections are the same for all 27 countries and includes significant financial penalties for infractions. This tutorial explores the new EU data protection legislation and highlights the elements that could have significant impacts on data handling practices.
-This tutorial will highlight the major changes to the previous data protection directive
-Participants will understand the differences between these key terms
-Participants will learn the nature of the Reforms as well as the specific proposed change
Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.
Attendees will learn:
- SIEM architecture changes for visibility
- Increasing complexity of data analytics to explore
- SIEM taxonomy and trade-offs between generations
- Analyst recommendations & best practices
- Why resources are key to SIEM success
Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?
In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:
When does it make sense to utilize managed security services
How to the scope the services your company contracts out
Questions to ask when evaluating managed security services providers
The key criteria for selecting managed security providers
Considering the cloud, but want to know more about what your peers think about how secure it really is? Register for this webinar as we dive into some of the statistics from the Alert Logic Sponsored-Cloud Security Spotlight, a summary report built from the results of a survey in the Information Security LinkedIn community. Founder of the LinkedIn Group, Holger Schulze will join Alert Logic staff to dive into the outcomes of the survey, including:
•The hottest trends in cloud security according to the respondents,
•What people really think of the security of the cloud,
•The risks of, and solutions for, cloud security.
Are you giving the adversary unintended access through vulnerabilities in your system?
By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.
In this webinar you'll learn:
- What types of assessments work at which points in the software development lifecycle.
- What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
- Why finding and fixing your vulnerability isn't actually good enough.
With the sophistication and highly targeted nature of attacks against governments, the adversary can use numerous approaches and actions to get in and move across the network. Palo Alto Networks Threat Intelligence—from the cloud or an on-premises government-run platform—constantly gathers intelligence on evasive applications and converts the intelligence back into all platform devices. This ensures that organizations maintain control of evasive applications to ensure authorized activity traverses the networks while unauthorized activity fails to route.
Join this webinar to Learn:
- How Government Agencies can develop and manage their own threat intelligence cloud on a closed, dedicated Palo Alto Networks WF-500 threat intelligence platform.
- How to create effective threat intelligence private clouds for a singular agency or for a group of Agencies, Ministries or Departments who wish to share their threat intelligence.
- How the threat intelligence cloud (public or private) analyzes and correlates intelligence from all platform security functions—URL Filtering, mobile security, IPS/threat prevention and the virtual execution engine or sandbox, WildFire™— and validated community input.
- How WildFire immediately discovers previously unknown malware and communicates the results to the platform to automatically generate signatures.
- How all threat intelligence is distributed to the network and endpoints to ensure they are protected.
- How this is all done automatically, reducing operational burden and shortening an organization’s response time.
- How this innovative architecture can be operated at a fraction of the cost it takes to deploy and manage an equivalent set of point products – APT, IDS/IPS, URL filtering and more – all correlating insights automatically in real-time for greatest network protection.
Willbros, a leading infrastructure contractor serving the oil and gas industry, leverages Amazon Web Services (AWS) and Trend Micro Deep Security to quickly design and deploy agile, secure cloud solutions to protect their vital data. Moving to AWS allows organizations to leave their infrastructure behind and start fresh – architecting for flexibility and scalability. However, bottlenecks are created when traditional on-premises security approaches and tools are used. Learn how Willbros unleashed innovation in the energy industry by taking a greenfield approach to security in AWS. Attend this practical webinar by AWS, Trend Micro and Willbros to learn how you can design a flexible, agile architecture that meets compliance requirements and protects your most valuable asset – your data. Jason Cradit from Willbros will share their experience on how they achieved building robust and secure pipeline management systems in the cloud.
In this webinar you’ll learn how to:
- Architect a secure application using a combination of AWS services, Trend Micro services, and configurations
- Understand how host-based protection improves application security, as well as agility and flexibility
- How to protect workloads from attack, without hampering performance
According to Gartner, “through 2019, more than 50% of data migration projects will exceed budget and/or result in some form of business disruption due to flawed execution."(1) Furthermore, 1 in 6 large IT projects go over budget by 200%, according to a Harvard Business Review article. It is widely recognized that application migration and consolidation projects are “risky business” – high-ticket items for the corporation, with a scary chance of failing. If you are undertaking any IT modernization or rationalization project, such as consolidating applications or migrating applications to the cloud or ‘on-prem’ application, such as SAP, this webinar is a must-see.
The webinar is going to shine the light on the critical role that data plays in the success or failure of these projects. Application data consolidation and migration is typically 30% to 40% of the application go-live effort. There is a multitude of data issues that can plague a project like this and lead to its doom, and these are not always recognized and understood early on, which is the biggest problem.
In this webinar, Philip Russom of TDWI will walk us through the potential data pitfalls a corporation should consider when undertaking an application consolidation or migration project. Philip will share best practices for managing data in order to minimize risks and ensure on-time and on-budget delivery of these projects. Rob will discuss Informatica’s unique methodology and solution to support these best practices. Rob will also share real-life examples on how Informatica is helping customers reduce risks and complete application consolidation and migration projects on budget and on schedule.
1) Gartner report titled "Best Practices Mitigate Data Migration Risks and Challenges" published on December 9, 2014
From Heartbleed and Shellshock to the Target breach and the Sony hack, cyberattacks are daily news, and yet security and compliance are often not considered as a fundamental requirement when adopting cloud computing strategies.
Cyber crime is continuously evolving as criminals identify new ways of making money from the digital revolution. However, there is no such thing as a new crime. The techniques that we see criminals use and abuse today have their antecedents in the recent past as well as antiquity. By examining the evolution of how information has been recognised as valuable, and how techniques have evolved to protect information we can better understand how techniques will need to continue to evolve to protect against the latest criminal attacks.
The widespread adoption of cloud infrastructure exposes organisations to new threats but presents new opportunities for attackers. Indeed, criminals have enthusiastically embraced the cloud as a platform for their own activities and developed "crime-as-a-service".
Join Martin Lee, Intelligence Manager at Alert Logic for this live webinar which will discuss:
- Trends in UK Cyber Crime - how cyber crime has evolved and continues to evolve
- Typical motivations behind an attack, and what hackers do with the data they steal
- How to integrate security & threat intelligence capabilities into your cloud
Ever wish you could get inside your QSA’s head before your next PCI audit?
Join QSA Adam Gaydosh of Anitian, and Nimmy Reichenberg, VP of Strategy at AlgoSec to get the inside scoop on what QSAs are looking for when they audit you. Aimed at security and networking professionals, this webinar will provide insider tips and tricks to help you prepare for and pass your audit – wherever your credit card data is stored – and remain continuously compliant even if you’re breached.
Don’t miss the chance to hear about the pitfalls your colleagues have already faced, and how to make the audit experience less stressful, including:
- Less is more: demystifying the scope of a PCI audit
- What’s in and what’s out: Segmenting your network for compliance
- Best practices for configuring your security infrastructure
- PCI in the public cloud – it’s not an oxymoron
Rapidly deploy and dynamically manage secure networks at geographically distributed stores, branch locations, and on the road with Cradlepoint’s Enterprise Cloud Manager. This innovative cloud platform is the next generation management and application platform that helps you improve productivity, increase security and network reliability, and reduce costs; all while enhancing the intelligence of your network and business operations.
The webinar is a cloud presentation and live product demonstration.
Attendees will learn how to:
•Set up and configure groups of devices for “zero-touch” installation and continuous remote management.
•Troubleshoot their network, limit truck rolls, and reduce downtime
•Perform remote diagnostics – status reports, error logs, and alerts
•Easily upgrade firmware on multiple routers at once
•Use next generation Out-of-Band Management through the cloud
•Implement best-in-breed security applications from the cloud
Disruptive forces are accelerating a change in workplace technology, leaving organizational data at risk. In the past, IT was able to create a ‘walled garden’ with clearly set protocols for how data came in and out of the organization. This is no longer the case.
As a response, Workshare recently hosted a series of roundtables and polls, where we asked CIOs and senior IT professionals how trends in the workplace are affecting their IT strategy.
Join us as we discuss how these trends are influencing IT strategies today, as well as the best practice for reducing risk.
Today’s corporate worker is a mobile worker and requires anywhere access to enterprise services and applications. The evolution of mobile devices in the workplace has gone from a laptop and BlackBerry per user to a mix of three to five devices per user including laptops, smartphones and tablets that may be owned by the worker or enterprise.
Join David Goldschlag, SVP of Strategy for Pulse Secure, as he discusses how enterprises can cope with this explosion of mobile devices using the three C’s of enterprise mobility – Connectivity, Compliance and Containers. In this webinar you will learn:
1. How to use your PC security know-how to manage devices, provide VPN connectivity, and network access control
2. How you can leverage existing compliance enforcement for BYOD and corporate-owned mobile devices
3. How you can evaluate security containers to best meet your mobile application needs
The cyber market is an ever-changing industry. So how are insurance carriers currently assessing the risks their insured face? And how are they mitigating those risks?
In this webinar, Ira Scharf, our GM of Insurance, teams up with Advisen Insurance Intelligence to discuss how cyber exposures have grown and changed over the last 20 years, and how the insurance product has evolved to keep pace.
Watch this on-demand webinar to:
learn exactly how the underwriting process has developed over the years,
hear experts discuss the current trends in the industry, and
find out the latest tools carriers are adopting to better assess corporation’s cyber preparedness.