The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Like many organizations you may be managing a multi-faceted infrastructure leveraging virtual, private and public cloud environments. Given the complexity of these dynamic environments, you can be faced with limited visibility across platforms, performance lag, difficulty proving compliance and gaps within your security strategy. In this session we will discuss a comprehensive security model specific for VMWare environments that includes: vSphere, Horizon, vCloud and NSX, and you will learn how to:
•Enable automated security across multiple environments
•Correlate IT and security incidents and respond accordingly
•Ease security deployment and management for lower cost of ownership
When it comes to realizing the lofty goals of agile IT service delivery, non-stop data is a prerequisite. Non-stop data is stored both for fast access and for long term preservation, protection and analysis. It is evidenced by uncompromising application performance and continuous and compliant data availability. Non-stop data is the heart of always-on business processes.
Learn about the challenges to non-stop data:
- New storage models like software-defined storage and hyper-converged infrastructure
- Private, public and hybrid cloud services
- Changing knowledge and skills sets among IT staff
- Mobile commerce as a core business model
This webcast will identify what non-stop data is all about and what are the best practices for enabling data for optimal usage by contemporary businesses.
This presentation provides key findings from the 2015 Cyberthreat Defense Report from the analyst firm CyberEdge. Based on a survey of IT security decision makers and practitioners across North America and Europe, the report examines the current and planned deployment of security measures, including the use of threat intelligence. It also provides developers of IT security technologies and products with answers they need to better align their solutions with the concerns and requirements of end users.
Organizations across industries face an ongoing challenge to meet the stringent data-related regulatory compliance requirements. The major pain points boil down to accessing quality data that provides the necessary auditability and transparency required by auditors and regulators, and the ability to prove that sensitive data is being protected. Those data related problems present a daunting obstacle for your company to meet current as well as future compliance requirements.
A holistic, agile data governance program can help companies address the above data challenges and become regulation–ready. A well-designed data governance program delivers the following:
•Guaranteed access to clean, relevant, trusted and auditable data to create accurate and auditable reports to meet compliance mandates.
•Improved operational efficiency by enabling a collaborative and repeatable process across key stakeholders
•Enabling a true data-driven business environment for your organization to drive continued innovations and growth
Please join us to hear David Loshin, established industry expert in data governance and data quality, and Rob Karel, VP of Strategy and Product Marketing at Informatica to discuss best practices for data governance, how organizations can leverage data governance programs to address existing and future compliance requirements, and how to turn your data governance program into a strategic initiative that drives significant business benefits for your organization.
The need to share content -- securely, collaboratively, immediately -- is critical to your job. You’re working with outside agencies and business partners, sharing documents that contain sensitive data like product designs, ad campaigns and customer data, to name just a few.
According to research from the Ponemon Institute, more than six out of ten people report having accidentally forwarded files to individuals not authorized to see them. It’s time to create some good habits that will allow you to collaborate with internal and external resources and be 100% compliant with the regulations that govern your industry.
Please join us for an interactive presentation about how new habits and tools can make it easy for you to be efficient and compliant, without sacrificing speed or creativity.
The Top Five Best Practices for Controlling Third-Party Vendor Risks.
Target, Home Depot, eBay — look at almost any of the seemingly never-ending string of mega-data breaches, and you’ll find a common thread. Stolen or compromised user credentials, belonging to a privileged user with wide-ranging access to sensitive systems, served as the initial attack path. Often — in as many as two-thirds of cases — those credentials belonged to a third-party; a vendor or business partner who’s been granted internal access to your network. With those credentials in hand, attackers are free to roam about your IT infrastructure, seeking out and exploiting their ultimate goals. It’s a frustrating — and dangerous — challenge. You have to provide access to vendors, contractors, and business partners — but doing so often introduces unacceptable security risks.
But these risks are manageable. Join us to learn the top five best practices for regaining control of third-party access, and the processes and technology necessary to stop unauthorized access and damaging breaches. In this webcast, we’ll discuss:
• The identity, access, and security governance processes needed to protect your network
• How to ensure positive user identification to prevent credential theft and misuse
• Techniques to limit access to only those resources required to satisfy work or business requirements
• Preventing the unauthorized commands — and inadvertent mistakes — threatening your network
• Establishing monitoring procedures that flag violations and speed forensic investigations
As an (ISC)2 member or a practitioner considering certification or membership, wouldn't you like to have the ability to interact with an (ISC)2 Board Member, Director or Manager to ask questions or discover what's being worked on within the organization that will benefit the members or the industry in general? Our new webinar series, Inside (ISC)2 will feature various key personnel within the organization interacting with and answering questions from members and non-members alike in a moderated webcast setting. This is chance to find out, first hand, what's going at (ISC)2 and ask your questions of the key people making decisions at the organization. First up, join us on May 28, 2015 at 1:00PM as David Shearer, Executive Director, stops by to answer your questions.
Cloud and data center security can be dauntingly complex, and selecting the right vendor to engage with is a critical decision for any enterprise. However, cloud and data center security can be a difficult market to navigate. Are vendors backing up their marketing claims? How do different approaches stack up next to each other? What factors need to be taken into consideration when comparing products? Trend Micro has teamed with analyst firm ESG to sort these questions out, and encourage organizations to think differently when it comes to cloud and data center security.
ESG conducted an independent economic evaluation to investigate the differences between Trend Micro and traditional security approaches, and are conducting a live webinar to present their findings. ESG and Trend Micro will give insight into the cloud and data center security market, ESG’s Economic Value Validation methodology, and the conclusions that were reached about the value Trend Micro is providing to their customers. Join us to learn more!
How can your company ensure all threat vectors are protected? In this webinar you will:
- Find out what it takes to secure your organization from today’s evasive advanced cyber threats
- Discover how to detect blended attacks that point products miss
- Learn how to safeguard your intellectual property, critical infrastructure, and customer records from multi-vector, targeted attacks
- Understand how to respond to incidents faster by reducing the number of false positives your security team has to sift through
- Get introduced to the FireEye products that can help achieve enterprise network security
Today’s corporate worker is a mobile worker and requires anywhere access to enterprise services and applications. The evolution of mobile devices in the workplace has gone from a laptop and BlackBerry per user to a mix of three to five devices per user including laptops, smartphones and tablets that may be owned by the worker or enterprise.
Join David Goldschlag, SVP of Strategy for Pulse Secure, as he discusses how enterprises can cope with this explosion of mobile devices using the three C’s of enterprise mobility – Connectivity, Compliance and Containers. In this webinar you will learn:
1. How to use your PC security know-how to manage devices, provide VPN connectivity, and network access control
2. How you can leverage existing compliance enforcement for BYOD and corporate-owned mobile devices
3. How you can evaluate security containers to best meet your mobile application needs
The cyber market is an ever-changing industry. So how are insurance carriers currently assessing the risks their insured face? And how are they mitigating those risks?
In this webinar, Ira Scharf, our GM of Insurance, teams up with Advisen Insurance Intelligence to discuss how cyber exposures have grown and changed over the last 20 years, and how the insurance product has evolved to keep pace.
Watch this on-demand webinar to:
learn exactly how the underwriting process has developed over the years,
hear experts discuss the current trends in the industry, and
find out the latest tools carriers are adopting to better assess corporation’s cyber preparedness.
We do not want Big Data! We want the right data to answer the right questions!
Data is changing our world. Predictions using massive data not only have improved many products. At the same time, they have, in some industries, disrupted business models and created new ones.
What does an organization need to do to generate a new competitive advantage out of data? The answer might be surprising. “Change the state of mind.”
Companies often do not need big data. They essentially want small and actionable advice. Some predictions will need big data to surface relevant information, but not all. The key to success for many companies, however, is to enable “datadriven” decision making. Lutz will discuss the steps he has used in starting and developing his own company (later sold to WPP), as well as how he leads LinkedIn’s data science team.
A) Change the state of mind!
Enable everyone in the company to ask “data driven” questions. Lutz will show how this is the hardest part of the ongoing exercise, but why most businesses actually can achieve this with their current strategic abilities. Using examples we will learn what is the best way to formulate the “Ask”.
B) What data?
Data can be a source of disruption & innovation. Business models change because new data sources and enhanced computational power allows new services or improve old services. But which data to use? Domain knowledge is often more important than having “Big Data". Lutz will introduce a framework on how to think about data.
C) How to build a Data Team?
How can organizations build up data capabilities within your team. Contrary to the common discussion that a data scientist are not ‘hard to find’. Lutz will explain how every company can create a data science organization by just mixing the right skillets.
Rapidly deploy and dynamically manage secure networks at geographically distributed stores, branch locations, and on the road with Cradlepoint’s Enterprise Cloud Manager. This innovative cloud platform is the next generation management and application platform that helps you improve productivity, increase security and network reliability, and reduce costs; all while enhancing the intelligence of your network and business operations.
The webinar is a cloud presentation and live product demonstration.
Attendees will learn how to:
•Set up and configure groups of devices for “zero-touch” installation and continuous remote management.
•Troubleshoot their network, limit truck rolls, and reduce downtime
•Perform remote diagnostics – status reports, error logs, and alerts
•Easily upgrade firmware on multiple routers at once
•Use next generation Out-of-Band Management through the cloud
•Implement best-in-breed security applications from the cloud
Disruptive forces are accelerating a change in workplace technology, leaving organizational data at risk. In the past, IT was able to create a ‘walled garden’ with clearly set protocols for how data came in and out of the organization. This is no longer the case.
As a response, Workshare recently hosted a series of roundtables and polls, where we asked CIOs and senior IT professionals how trends in the workplace are affecting their IT strategy.
Join us as we discuss how these trends are influencing IT strategies today, as well as the best practice for reducing risk.
Ever wish you could get inside your QSA’s head before your next PCI audit?
Join QSA Adam Gaydosh of Anitian, and Nimmy Reichenberg, VP of Strategy at AlgoSec to get the inside scoop on what QSAs are looking for when they audit you. Aimed at security and networking professionals, this webinar will provide insider tips and tricks to help you prepare for and pass your audit – wherever your credit card data is stored – and remain continuously compliant even if you’re breached.
Don’t miss the chance to hear about the pitfalls your colleagues have already faced, and how to make the audit experience less stressful, including:
- Less is more: demystifying the scope of a PCI audit
- What’s in and what’s out: Segmenting your network for compliance
- Best practices for configuring your security infrastructure
- PCI in the public cloud – it’s not an oxymoron
From Heartbleed and Shellshock to the Target breach and the Sony hack, cyberattacks are daily news, and yet security and compliance are often not considered as a fundamental requirement when adopting cloud computing strategies.
Cyber crime is continuously evolving as criminals identify new ways of making money from the digital revolution. However, there is no such thing as a new crime. The techniques that we see criminals use and abuse today have their antecedents in the recent past as well as antiquity. By examining the evolution of how information has been recognised as valuable, and how techniques have evolved to protect information we can better understand how techniques will need to continue to evolve to protect against the latest criminal attacks.
The widespread adoption of cloud infrastructure exposes organisations to new threats but presents new opportunities for attackers. Indeed, criminals have enthusiastically embraced the cloud as a platform for their own activities and developed "crime-as-a-service".
Join Martin Lee, Intelligence Manager at Alert Logic for this live webinar which will discuss:
- Trends in UK Cyber Crime - how cyber crime has evolved and continues to evolve
- Typical motivations behind an attack, and what hackers do with the data they steal
- How to integrate security & threat intelligence capabilities into your cloud
According to Gartner, “through 2019, more than 50% of data migration projects will exceed budget and/or result in some form of business disruption due to flawed execution."(1) Furthermore, 1 in 6 large IT projects go over budget by 200%, according to a Harvard Business Review article. It is widely recognized that application migration and consolidation projects are “risky business” – high-ticket items for the corporation, with a scary chance of failing. If you are undertaking any IT modernization or rationalization project, such as consolidating applications or migrating applications to the cloud or ‘on-prem’ application, such as SAP, this webinar is a must-see.
The webinar is going to shine the light on the critical role that data plays in the success or failure of these projects. Application data consolidation and migration is typically 30% to 40% of the application go-live effort. There is a multitude of data issues that can plague a project like this and lead to its doom, and these are not always recognized and understood early on, which is the biggest problem.
In this webinar, Philip Russom of TDWI will walk us through the potential data pitfalls a corporation should consider when undertaking an application consolidation or migration project. Philip will share best practices for managing data in order to minimize risks and ensure on-time and on-budget delivery of these projects. Rob will discuss Informatica’s unique methodology and solution to support these best practices. Rob will also share real-life examples on how Informatica is helping customers reduce risks and complete application consolidation and migration projects on budget and on schedule.
1) Gartner report titled "Best Practices Mitigate Data Migration Risks and Challenges" published on December 9, 2014
Willbros, a leading infrastructure contractor serving the oil and gas industry, leverages Amazon Web Services (AWS) and Trend Micro Deep Security to quickly design and deploy agile, secure cloud solutions to protect their vital data. Moving to AWS allows organizations to leave their infrastructure behind and start fresh – architecting for flexibility and scalability. However, bottlenecks are created when traditional on-premises security approaches and tools are used. Learn how Willbros unleashed innovation in the energy industry by taking a greenfield approach to security in AWS. Attend this practical webinar by AWS, Trend Micro and Willbros to learn how you can design a flexible, agile architecture that meets compliance requirements and protects your most valuable asset – your data. Jason Cradit from Willbros will share their experience on how they achieved building robust and secure pipeline management systems in the cloud.
In this webinar you’ll learn how to:
- Architect a secure application using a combination of AWS services, Trend Micro services, and configurations
- Understand how host-based protection improves application security, as well as agility and flexibility
- How to protect workloads from attack, without hampering performance
•¿Sabía que el 14 de julio finalizará el soporte del producto Windows Server 2003?
oDespués de esta fecha , Microsoft dejará de emitir parches de seguridad , dejando a estos sistemas en un estado de vulnerabilidad alto frente a los ataques de día cero y otras formas de código malicioso.
•Conozca a que riesgos se expone si no hace frente a esta situación y como Symantec le ayuda a proteger sus sistemas ante la finalización del soporte para estos sistemas.
The application-layer is the number one attack vector, yet 2/3 of applications remain untested for vulnerabilities. This is because security professionals struggle to demonstrate the business case for a mature application security programme.
Seit Edward Snowden ist bekannt, wie systematisch Informationen ausgespäht und manipuliert werden. Was hat sich seither wirklich verändert und was ist die konsequente Schlussfolgerung? Wir zeigen Ihnen, wie sie auf Basis einer angepassten Sicherheitsstrategie die richtigen Lösungen für Ihre Sicherheitsanforderungen finden.
As the volume and diversity of mobile devices on your network continue to rise, so does the need to ensure that every device is safe. Cybercriminals leverage vulnerable endpoints as backdoors to the network and Gartner predicts the source of breaches will have shifted from workstations to tablets and smartphones by 2017.
As the attack surface of your network continues to multiply with each new device, network access control is essential to securing your assets and critical infrastructure.
Attend this webinar to get a complete understanding of NAC functionality and how you can leverage visibility, policies, and automation to secure the critical edge of your network, including:
- Safe Onboarding – Allow users to self-register their devices securely, to reduce the burden on IT Staff
- Device Profiling – Identifies and classifies every device on the network to provide greater visibility
- Endpoint Compliance – Ensure every device is safe enough to join the network, to reduce risk
- Network Automation – Dynamically provision network access based on policies that leverage user, device, and location
- Security Automation – Capture and automatically execute complex investigative workflows that are time consuming and error prone
- Rapid Threat Response – Dramatically reduce the time required to contain compromised or infected devices
DDoS attacks are rising in size, frequency and complexity; recent research from Arbor Networks discovered a 334 Gbps DDoS attack! What makes this concerning is that there isn’t a single DDoS protection product on the planet that can stop an attack of this magnitude. So what’s the solution? You need to leverage your network to stop DDoS attacks.
In this session, representatives from two industry leaders – Talbot Hack from Arbor Networks and Mike Geller from Cisco Systems – discuss best practices in leveraging your network for DDoS detection and mitigation.
This presentation will cover:
-The use of current and emerging technologies such as, Netflow, BGP, Flowspec, S&D/RTBH and SDN/NFV
-An introduction to a joint Arbor-Cisco solution which embeds Arbor’s Threat Management System (TMS) technology in the Cisco’s ASR 9000 router for network embedded, virtual DDoS protection
Yes, there are annual studies that calculate the cost of the average data breach. And yes, within weeks of a major data breach the headlines shift from number of records lost to estimated cost. So it is unsurprising, if troubling, that a recent survey of enterprise executives indicated that the #1 thing they are most concerned about protecting from cyber attack is customer data. However, there are other important aspects to making a business case for improving your security posture. This webcast will discuss what we feel you should be concerned about losing and why…and it’s not just customer records that require costly breach notification.
Evolving consumer trends and rising costs dictate the technological necessities that quick serve and fast casual restaurant franchises must adopt to remain competitive. While innovation is creating revenue opportunities, it is also leaving franchises more vulnerable than ever to cybercrime. In an age where consumers are all connected and information travels in the blink of an eye, a breach doesn’t just hurt the single hacked location, it damages the entire brand.
Don’t miss this webinar with Dr. Jonpaul Leskie, a global IT security consultant and franchise owner, who will be joined by ControlScan security and compliance experts. Together, they will examine three new popular technologies that franchise owners are deploying in their organizations to increase profits, and how those same technologies can create risky gaps in their security leaving them vulnerable to breach.
End-point data protection is fundamentally changing. End-points have moved from desktop to mobile with BYOD, and the data protection envelope is extending beyond simple backup and recovery solutions to include continuous data availability, security, and compliance.
During this webinar to learn how Syncplicity’s enterprise file sync and share solution helps extend the data protection envelope across your enterprise.
The End of Support (EOS) of Microsoft Windows Server 2003 in July 2015 will put millions of enterprise servers at risk. And according to a recent study by leading analyst firm Enterprise Strategy Group (ESG), “More than 80% of enterprise and midmarket organizations still support Windows Server 2003 to some extent.” Newly discovered vulnerabilities will not be patched or documented by Microsoft. Hackers know this and will be targeting new exploits at the considerable number of Windows Server 2003 servers still in use. In this webinar, ESG will share the significant findings from its recent survey of Microsoft Windows Server 2003 customers. Also, Trend Micro will discuss how to protect your legacy Windows 2003 server environment while you plan your move to newer platforms. Join us and learn how to:
* Protect and secure your Windows 2003 Servers after EOS
* Build a comprehensive security strategy with virtual patching (IPS), file integrity monitoring, and anti-malware
* Ensure your organization is protected across physical, virtual, and cloud environments as you migrate to newer platforms such as Windows Server 2012 and Azure
Een exclusieve inkijk op het gebied van cybersecurity. Door middel van een presentatie en een live demonstratie, uitgevoerd door een van onze security experts. Het cyberlandschap evolueert continu. Het aantal aanvallen neemt niet alleen schrikbarend toe, maar worden ook steeds geavanceerder. Hiervoor heeft Fox-IT een detectie- en response platform ontwikkeld dat op basis van actuele intelligence functioneert.
Managed Service Providers have a key role to play in ensuring ALL IP-based technology used by their customers is working and meeting their needs. Join this webinar and learn how MSPs can increase monthly recurring revenues with Viakoo's services and subscription offerings. Gain more customers and make more money by providing a critical service that many customers are finding falls between the gaps of their IT teams and physical security teams.
As a security professional, information sharing with other organizations is big part of your job. However, when it comes to information about attacks and vulnerabilities, there are limited accepted resources—leaving knowledge sharing to an informal process with only a few select contacts.
Now you can get better information about the top vulnerabilities that need your attention and what to do about them. Learn more about the US-CERT Top 30, a publication that provides guidance in the vulnerability field.
Join this webcast for a closer look, so you can:
> Learn about the top 30 vulnerabilities — that comprise most of targeted attacks against critical infrastructure
> Understand how the US-CERT condenses — security data into a single report
> Apply and implement recommendations — against your infrastructure
> Share this new data point with your colleagues — at other companies
Open source tools and code have become pervasive in applications development and infrastructure alike. In just the past year, over 5000 vulnerabilities have been reported against open source components, so it may not be as secure as one would think. Such vulnerabilities can lead to security bugs like Heartbleed and Poodle. Knowing the components you are using and their possible vulnerabilities is critical to maintaining the security at your organization. Join (ISC)2 and Black Duck Software on June 4, 2015 at 1:00PM Eastern for a discussion on securing open source tools.
Do you run mission critical applications in the cloud? If the answer is yes, then you already know how important it is to have visibility into all aspects of your infrastructure. An alert telling you your application is down is no longer sufficient. Today’s IT managers need to be made aware of potential problems before they arise.
Join me, Dan Waymire, Sr. Account Manager at HOSTING, for a webinar on May 28th at 3 p.m. EST to learn how Hosting can provide unprecedented visibility into your infrastructure, allowing you to be one step ahead of service impacting events. Leveraging the industry leading ScienceLogic platform, I will cover the following:
•A demonstration of how you can build real-time dashboards showing availability, utilization, and performance of your entire IT infrastructure
•A walk-through of an Executive dashboard showing your leadership team the application availability in real time
•IT manager dashboards capable of showing utilization & performance of web servers, database servers, switches, and firewalls all in a single pane of glass
For many organizations, adherence to regulatory guidelines is the ruler by which to measure their security posture. While compliance is an important part of overall risk management, studies have shown that security education in areas like secure application development and security awareness can help in preventing attacks and deterring cybercriminal activity.
In this interactive, online session, you will learn how course-based eLearning empowers employees to recognize potential security risks throughout their daily workflow. Hear examples of how organizations can implement effective, scalable training - enabling the business to protect its assets and software developers, testers and security leads to build secure applications from inception to deployment.
James Hanlon, Security Strategist at Symantec, looks at both the current cyber poisons and potential antidotes to the cyber security challenge. The discussion will focus current threat landscape and the changes we are seeing in regard to hacking and cyber attacks. It will pose the questions to whether global intelligence & data analytics is an approach that can be used counter the most advanced threats.
Attackers are getting smarter, while repurposing what we thought were outdated techniques. So, how can your organisation stay safe?
In the past decade we’ve seen the emergence of the world’s youngest profession – the Cyber-Intruders. These actors, often working normal 9 to 5 hours, Monday to Friday, are paid to break into systems and steal sensitive information or scope out a target for their employer.
Crime-as-a-service has become a reality in cyber-space, with specialisms emerging which make it akin to a mini-industrial revolution. The techniques they use are often novel, though not always. Out-dated technology as well as lessons unlearned by organisations mean that persistent attackers can breach networks with relative ease.
This talk aims to present the current state of the cyber threat landscape, what are the latest tricks attackers are using, and what should organisations focus on to keep data and systems secure.
Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as a tool for fair competition and unfettered innovation in cloud services. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance. This CloudWATCH webinar provides user experience on standards-based interoperability. It will see authors and users of standards already implemented in EGI Federated Cloud. Learn from the experience of others as they showcase benefits and best-practices.
If you are using a cloud standard or would like to
- Why is it needed
- Are the benefits as expected?
- What pitfalls have you had?
- What moments of enlightenment have you had?
Information security is becoming more and more vital to organisations in an ever changing landscape with the role of the Chief Information Security Officer (CISO) growing in magnitude with hacker based activity, cloud computing, and work-from-anywhere initiative adding to the complexity. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…
In this webcast, Hadi Hosn, Managing Principal Consultant at Dell SecureWorks, will discuss the five key areas we believe a CISO should focus today to help shape and drive a security programme. Hadi will focus on the most important areas that are applicable in all market sectors and centre in on those activities that, in his experience, deliver the most value, security improvement and return on investment.
Key topics covered include:
•Understanding your organisation’s extended enterprise
•How to improve visibility into what’s going on in your environment
•Building a culture of security in your organisation