IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • Knowing what IT assets you have and how to protect them is increasingly a challenge as globalization, virtualization and mobile assets create new endpoints and new opportunities for hackers to infiltrate. Now you can move beyond traditional scanner-based approaches to strengthen endpoint security with a free solution from Qualys.

    Discover how the Qualys AssetView gives you a fast, actionable view of all IT assets while helping to:

    > Gain comprehensive, scalable and always up-to-date view of endpoints — with continuously updated inventory of asset details, scaling to millions of assets

    > Deliver fast, accurate and actionable data — with a new layer of intelligence into the current state of endpoints, including details about services, file systems and registries as well as information to manage and secure systems

    > Minimize impact on systems and networks — by keeping itself lightweight and up-to-date to eliminate the need to reboot

    > Handle virtualized environments with ease — by keeping track of the constant proliferation of images inside and outside of the environment
  • In this webcast, you’ll gain insights into the state of insider threats and security solutions to detect and prevent them. We’ll review the results of a comprehensive crowd-based survey on insider threats in cooperation with the 260,000+ members of the Security Community on LinkedIn. We’ll also discuss the critical importance of protecting Active Directory and its resources from insider threats and provide best practices toward that goal.

    Holger Schulze, founder of the Information Security Community on LinkedIn, will review 5 key trends for insider threats, as well as the results of the 21-question survey of your IT security, compliance and admin peers, covering four main themes:

    1. Insider threats and vulnerabilities
    2. Threat detection
    3. Security tools and processes
    4. Recovery and remediation

    Then, Alvaro Vitta, principal security consultant, Dell Software, will provide his take on best practices for securing Active Directory and the resources it grants access to, as well as a brief overview of Dell solutions for governance, risk and compliance (GRC).
  • Traditionally, most organizations have used email for sending files to colleagues or clients. However, as files increase in size and email attachment limits are an issue, employees are forced to either use old-fashioned FTP or circumvent company regulations by turning to insecure consumer-grade applications. 72% of the people we surveyed do! Let us tell you about a better way.

    Join us to learn 4 key best practices:
    1) Don’t mess with what users know – continue to use Microsoft Outlook to drive file transfers (just don’t leave it to Outlook to deliver them)
    2) Don’t leave it to users to decide when something is too big or too sensitive to send by email
    3) Do make the experience better and faster for users (as opposed to more complicated and slower)
    4) Have a policy (and protection) that covers email-based sharing even when mobile

    With Workshare, employees can email links to files, eliminating the need for attachments, while continuing to us the familiar Outlook to do it. Policy-enforcement means companies can secure, track, and expire file access and activity beyond the corporate firewall.

    Workshare also uses its customizable policy engine to ensure that the content that is shared is secured and removed of any sensitive information before it is shared.
    Intelligently scan and secure documents too large or too important to send by email. IT can set policies to determine when a file is too large to send, or critically when to block or clean a file if it contains sensitive hidden data that would expose the company to risk.
  • The Nordic region is known for its natural resources, innovations in renewable energy and healthcare, proximity to the Arctic, and emphasis on transparency in government. However, these unique attributes make the region a prime target for cyber threat groups looking to capitalize on Nordic countries’ robust economies and distinct geopolitical concerns. FireEye Threat Intelligence assesses that threat actors aggressively target strategic industries and government and military organizations in search of valuable economic, political, or military intelligence.

    In this webinar we will be drawing on the findings from our recent report, Cyber Threats to the Nordic Region.

    Register now to learn about:

    •Some of the specific threat activity we have observed against Denmark, Finland, Iceland, Norway, and Sweden
    •Attacks on Critical Infrastructure in the Nordics
    •The motivations and drivers of future threat activity in the Nordics
    •How to respond to advanced attacks
  • Our dependencies are clear. Organisations have become virtual, and all of this progress relies on systems and infrastructure that no one organisation maintains, and there is no turning back. Significant time and resources are being dedicated to coping with mistakes and oversights, while remediation time following system or data compromise is steadily getting longer.
    Industry has been cornered into a reactionary position addressing incidents as they occur.

    Such concerns are set to dominate discussions at the 2nd Annual (ISC)² Security Congress EMEA, October 20-21 in Munich, Germany.

    Join (ISC)², Infosecurity Magazine and two of the several top notch (ISC)² Security Congress EMEA speakers to examine our progress, how to challenge our reactionary position, and what is required to look forward to the future.

    Moderator: Michael Hine, Deputy Editor, Infosecurity Magazine
    Panellists: Adrian Davis, Managing Director, (ISC)² EMEA; Yiannis Pavlosoglou, Director of IT Risk, UBS; Georg Freundorfer, Director Security EMEA, Oracle

    WIN A FREE TICKET TO CONGRESS!
    (ISC)² is giving away 3 delegate passes for the 2015 (ISC)² Security Congress EMEA, to delegates who view the webinar for a minimum of 50 minutes. Winners will be announced live at the end of the webinar and subsequently emailed with information on how to redeem their prizes. The free pass is valid for all sessions including pre-conference workshops and networking opportunities. For further details on the prize draw and full T&C’s, please copy and paste the following link to your browser: http://bit.do/isc2emeacongressprize
  • The consumerization of IT, bring your own device (BYOD), and software-as-a-service (SaaS) provide organizations with impressive productivity gains, but bring with them the challenge of secure management. Grady Boggs, Principal Security Specialist, illustrates the Microsoft comprehensive cloud solution, the Enterprise Mobility Suite (EMS), and details how users can stay productive while keeping corporate information safe and secure.
  • The dangers posed by advanced targeted attacks are real. Enterprises have come up against the limitations of approaches such as intrusion detection and signature-based malware detection. One promising avenue to explore is trusted crypto, which can help ensure that an application, for example, is doing just what its developers intended and has not been tampered with. Things can be taken a step further with trusted execution environments.

    In this webcast, John Grimm of Thales e-Security and John Pescatore of the SANS Institute will discuss the gaps in current best-practice defenses and the ways that trusted crypto and trusted execution environments can help fill those gaps.
  • You already know the power of application segmentation to deliver data center and cloud security—now you can take segmentation to the next level. Nano-segmentation is finally a reality.

    In 15 minutes, we’ll show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
    Register to find out how to:

    - Reduce your data center and cloud attack surface by 99%
    - Quarantine compromised servers in seconds
    - Achieve compliance in hours
  • Patching systems and applications is a huge challenge, and doing it manually is not an option.
    In this session Microsoft MVP Raphael Perez will look at the basics of SCCM Automation with PowerShell. You'll learn when automation should be used, get tips on making the most of WMI, SCCM PowerShell cmdlets and some of the techniques he uses when creating automation scripts.

    Live attendees of this session will automatically participate in a draw of three editions of Raphael’s latest publication: System Center 2012 R2 Configuration Manager: Automation from Zero to Hero

    About Raphael Perez: Raphael is one of the only three ‘Enterprise Client Management MVPs‘ based in UK, specialising in System Center Configuration Manager (SCCM) and with over a decade of front-line enterprise experience of working with Microsoft technology and Management solutions. Raphael has worked on a number of different enterprise SCCM, OS Deployment and Patch Management projects over the years.
  • Today’s cyber defenses generate a torrent of security alerts. Some of them can be useful, even essential. Many are not. And telling the difference isn’t always easy.

    When assessing security products, organizations often equate a large volume of alerts with more thorough threat detection. But as anyone who’s been roused awake by a car alarm at 3 a.m. knows, it’s the quality of these alerts—not the quantity—that really matters.

    This webinar will examine the four biggest problems with reactive, alarm-based defenses in conventional security deployments.

    Join us to:

    -Learn how to alleviate alert fatigue
    -Detect true threats, provide quality alerts and enhace them with ample context and insight so security teams can act on them
    -Sort out the alerts you must respond to from those you should respond so
    -Discover how to recognize multiple separate alerts that might be part of a multi-pronged attack on your network
  • Join cloud security expert Tricia Pattee on August 27 for a quick, cut-to-the-chase analysis on where to get the most bang for your security buck. The interactive, hour-long discussion will include:

    -The five most common security mistakes
    -Top six areas of security spend
    -How to maximize budget – and minimize risk
    -Hidden cloud security costs

    The presentation will include a Q & A to answer your specific questions about security budgeting and cost management.

    Register today.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • Hybrid IT is fast becoming the new normal across organizations in Asia-Pacific. With the increasing utilization of data centers and cloud services across the Asia Pacific region, companies have gradually updated or upgraded their existing IT systems, giving rise to the Hybrid IT environment. Besides helping enterprises to drive digital disruption, the latest Hybrid IT environment is also enhancing the customer experience and encouraging business model innovation. As a result, there is greater acceleration in the adoption of a multi-vendor multi-cloud environment or Hybrid IT.Together with the Cloud, Hybrid IT is enabling the accelerated adoption of new technologies such as Big Data, the Internet of Things and Connected Industries. 

    Mayank Kapoor, Industry Principal, ICT - Data Center and Cloud Computing, Frost & Sullivan, Asia Pacific discusses these and key insights on how these new technologies are driving industry transformation not just across the ICT industry but also the Manufacturing, Automotive and Healthcare industries.
  • Verschlüsselung ist langsam, kompliziert und schwer zu managen! Diese Vorurteile sind lange überholt. Verschlüsselung ist heute wichtiger Bestandteil einer umfassenden Sicherheitsstrategie.
    Armin Simon zeigt Ihnen in diesem Webinar, wie Sie als Security-Verantwortlicher Verschlüsselung in Ihrem Unternehmen auf ein solides Fundament stellen. Welche Ansätze haben sich bewährt und wie finden Sie die für Ihr Unternehmen passendste Lösung?
  • Any data breach is costly and disruptive, but for pharmaceutical businesses, medical device companies, and others in the life sciences field, the need to protect and manage sensitive data (PHI, PII, and IP) make these challenges even more complex. The real world costs of compromised data can be staggering, not just in fines, but in employment and business reputation loss as well.

    Join FDA IT compliance expert Angela Bazigos, Chief Compliance Officer of Morf Media, and Performance Works on this deep-dive to learn how life sciences companies are managing their sensitive data in an environment of increasing risk and regulation. You’ll discover how to protect and manage this data to meet compliance regulations and significantly decrease the risk of data exposure, including that of highly-regulated HIPAA data.

    Register for this webinar to learn about the:
    * Increasing risk to PII, PHI, and IP data in an age of breaches and growing data dispersion
    * Changing regulatory landscape that adds greater complexity to corporate workflow
    * Best practices to monitor and respond to compliance and legal requirements for dispersed sensitive data, including mobile technologies and cloud services
    * Proactive approach to compliance to help your business avoid data risks and better address compliance and legal requirements

    Speaker Bios:
    Angela Bazigos, is the Chief Compliance Officer of Morf Media. She has 40 years of experience in Life Sciences spanning GLP, GCP, GMP, Medical Devices & 21 CFR 11 and has a patent aimed at speeding up Software Compliance.

    Ken Rosen, Co-Founder of Performance Works
    Ron Weismann, CMO of Performance Works
  • In this webinar, we will show with concrete examples why it is so important to implement correct user and data security controls to secure your cloud and virtual environments. You will see how easily controls can be bypassed and compromised, why software keys are simply not good enough, and how your personal life threatens your business and work life. This presentation will stress the importance of using data and user centric security models vs. conventional data security practices. Join (ISC)² and Gemalto-Safenet in this webinar to learn what we call: unsharing your data.
  • Organisations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals. However, once you have the right people in place, it is imperative to retain them and use their skills to embed positive-information security behaviours throughout the organisation.

    So in an era where cyber security is a C-suite business challenge, how can board colleagues work with security professionals and others within the enterprise to address these issues?

    Join Steve Durbin, Managing Director of ISF Ltd, for a 45 minute webcast, where he will discuss how organisations can develop and implement an information security awareness culture that will engage with employees at all levels.
  • The Cloud provider market is crowded and offerings vary greatly from provider to provider. How do you ensure that a Cloud product meets the particular needs of your business? Assistant General Counsel Dennis Garcia discusses how one goes about choosing a Cloud provider and provides tips and tricks as to how to approach the move to the Cloud within your organization to ensure a successful transition.
  • How do you create a secure Chef workflow in a DevOps organization? In this webinar, Senior Solutions Architect Matt Stratton and Support Engineer Josh Glass will share ways to secure the Chef server, the Chef client, and the workstation where you run Chef DK and knife commands. They will also discuss some techniques for implementing these security best practices in a DevOps organization.
  • How well is sensitive data understood and protected in organizations? Are you protecting what should be protected? In this session, you will hear the details of how and why sensitive data risk and protection should be the foundation of modern information security strategies and tactics. Given the eventuality of network breaches, organizations must do all they can to ensure that their data is understood and protected to reduce the magnitude and scope of data loss. We will reference a survey conducted by the Ponemon Institute and Informatica on what organizations know about their sensitive data, how data security controls are used, and the key issues and challenges of securing sensitive and private data. While security and privacy professionals have enumerable tools for information security, what they should target and protect is not clearly understood. Better data protection comes from understanding the risks of sensitive data and precisely applying controls to mitigate sensitive data loss.

    This data-centric approach to security provides numerous and immediate value for organizations to improve their data security and privacy profile, including:

    • Uncovering the unknowns of data risk as mobile, cloud & big data create exponential growth by identifying how sensitive data is growing and spreading across organizations and its associated risk
    • Targeting risks and data controls to focus security investments on the systems where sensitive data is created, shared and at risk
    • Improving security efficiencies, automating sensitive data risk analysis, and providing on-demand risk audit for regulatory compliance

    Please join us at this webinar to hear Adrian Lane, Security Analyst at Securosis, and Bill Burns, CISO at Informatica, discuss best practices and strategies for data-centric security. Josh Alpern, VP Business Development at Informatica, will also share his hands-on efforts in helping Informatica customers reduce sensitive data risk and improved breach resiliency.
  • Our SURVIVAL GUIDE webinar series has taught you how to FIX all of your problems and to make sure that your changes and policies are ENFORCED.

    Now it’s time to make your life easier AUTOMATING the repetitive and time-consuming processes involved with managing your SharePoint deployments.

    Sounds great, right? But what does that mean? How would you like to:
    * Get end users the resources they need quickly by providing clear direction about what services are available and how to use them?
    * Offer an out-of-the-box service catalog for your users to choose from?
    * Fulfill requests for provisioning, administration, security, content and lifecycle management changes without having to burden IT?
    * Automatically tag, classify, and apply retention policies from the creation of documents to full site collections?

    Register now to join AvePoint Field Product Manager Edmund White, as he shows you how our SURVIVE GUIDE can automate the steps involved in configuring, managing, and enforcing SharePoint governance and compliance policies.

    Don’t JUST SURVIVE, be a force for change and get back to focusing on more strategic, higher-value operations.
  • End-point data protection is fundamentally changing. End-points have moved from desktop to mobile with BYOD, and the data protection envelope is extending beyond simple backup and recovery solutions to include continuous data availability, security, and compliance.

    During this webinar learn how Syncplicity’s enterprise file sync and share solution helps extend the data protection envelope across your enterprise.
  • Protecting your organization from cyberthreats can be a challenging task, but choosing the right solution doesn’t have to be.

    In this live webinar, you’ll find out the 10 Things Your Next Cybersecurity Solution Must Do to block cyberattacks and protect allowed traffic from threats. Then learn how to effectively evaluate cybersecurity solutions through the Request for Proposal (RFP) process.

    Specifically, we’ll take a look at how to:

    •Overcome the gaps in visibility caused by the overwhelming volume of alerts and manual processes.
    •Efficiently correlate information to identify infected systems and weaknesses throughout the network, and then execute protections.
    •Bridge the gaps between different security products for cohesive and rapid detection, analysis, and protection.
  • 迅速採用新的科技能促進金融機構一直蓬勃發展,但升級為最新的科技卻伴隨未知的漏洞而成為容易被網絡攻擊的目標。

    加入Palo Alto Networks具有高度影響力的網路研討會,我們將討論你每天面對的資訊安全挑戰,以及我們獨特的平台如何解決這些問題。
  • An increasing number of government processes are digital and mobile. If your organization is seeking to transform service delivery to citizens, external partners, other agencies, and all levels of personnel, join us on September 10th for a unique educational digital event. This E-Signature Summit will bring together government organizations, partners and subject matter experts to provide the practical guidance and tools you need to leverage e-signatures within your department, agency or area of responsibility.
  • Join NFC World and SimplyTapp for a unique opportunity to put your questions on HCE, tokenization, Apple Pay, Android Pay and more to host card emulation pioneer Doug Yeager.
  • We live in a world where everything is driven by applications, connectivity, and mobility. Your customers are now far more likely to interact with your enterprise through software than a live person, and employees are conducting more business on mobile devices than traditional laptops and workstations. A critical success factor for thriving in this new reality is the ability for the enterprise to accurately identify users in a way that is both convenient to them and cost effective, while also protecting their identities and data from potential fraudsters.

    Join this webcast where Carol Alexander, Head of Authentication Solutions, and Charley Chell, Security Advisor, from CA Technologies will discuss how you can transparently leverage data from mobile devices to help identify the legitimacy of a user attempting to login or perform a sensitive transaction. Learn the key factors and considerations in using contextual authentication within your mobile applications to protect against inappropriate access and data breaches.
  • We are excited to announce the PA-7080 – a new data center chassis that redefines high performance security with a perfect blend of power, intelligence and simplicity. It delivers next-generation firewall and advanced threat prevention at speeds of up to 200 Gbps using an ultra-efficient single pass software engine.

    Please join this Palo Alto Networks webinar to hear first hand from our product marketing team where they will discuss the latest innovations from Palo Alto Networks as well as:

    •How the PA-7080 can protect your data at speeds of up to 200 Gbps
    •Next-generation security that controls your data center applications and blocks known and unknown threats
    •Native integration and automation features that can enable your security to be more agile
  • Emergency responders often talk about the "Golden Hour", the period of time where there is the greatest likelihood that prompt attention will mitigate impact and damage. The same holds true for the Cyber Attack Chain. At what phase in the chain should you concentrate on to get the best protection for your organization or credible threat intelligence information? Join Intel Security and (ISC)2 on Thursday, September 10, 2015 at 1:00PM Eastern for a discussion on the chain and where it might be best to focus your attention on the links of the chain to best defend your organization.