IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • Cybersecurity is a mess. The number of guides, standards, laws, rules, and regulations grows every day, and most organisations don’t have the ability or the resources to handle the continuously changing (and expanding) set of requirement:

    In this webinar run jointly by (ISC)2 and Unified Compliance, you will learn

    · How to efficiently manage complex compliance requirements by creating customised control sets and compliance templates in seconds

    · What harmonisation of compliance across multiple regulations, standards & frameworks looks like—including Sarbanes Oxley to FFIEC, PCI, GLBA and HIPAA to CMS, NERC, NIST, and ISO among others

    · How to understand and clarify overlaps and conflicts between documents in your regulatory requirements

    · How to save time and eliminate duplicate efforts by asserting compliance across multiple authority documents simultaneously

    Taking this new approach will save organisations considerable time, effort, and resources when it comes to audit and cybersecurity compliance. More importantly, this will improve the efficiency and effectiveness of their overall Governance, Risk Management, and Compliance programs.
  • With a struggle to bridge the gap in their enterprise security operations, many companies know they need to progress, but they don’t know how. If your organization is struggling with this, we can help.

    It’s essential to be able to evolve from:
    1. Alert to action
    2. The unknown to the known
    3. Policy to implementation

    Join us to learn how we are addressing the top 3 operational concerns in security to help you gain better control of your enterprise network.
  • Participez à ce webinaire pour savoir comment offrir rapidité et protection à votre réseau tout en respectant vos contraintes budgétaires. Les entreprises telles que la vôtre s’appuient sur des connexions rapides et abordables pour se tourner vers le cloud. Si vous savez utiliser SSL pour chiffrer les données, c’est aussi ce que font les cybercriminels pour chiffrer les programmes malveillants. Votre réseau haut débit exige une protection ultrarapide.
  • Nehmen Sie an diesem Webinar teil und finden Sie heraus, wie Sie von einem sicheren und schnellen Netzwerk profitieren, ganz ohne Ihr Budget zu sprengen. Immer mehr Organisationen setzen auf schnelle, erschwingliche Breitbandverbindungen, um die Vorteile der Cloud für ihr Geschäft zu nutzen. Möglicherweise verwenden auch Sie, wie viele Unternehmen, SSL zur Datenverschlüsselung. Leider tun das auch Cyberkriminelle, um Malware zu verschlüsseln. Für ein High-Speed-Netzwerk braucht es aber einen High-Speed-Schutz.
  • It's not about IF, but WHEN - This statement has been over hyped by media and Sales people love it as they want to sell you something. There is a lot of negative news around cyber security and rightly because Data breaches have become a part of our daily news. BUT 90% of the breaches could have been avoided according to a recent report by Online Trust Alliance 2015 had best practices and security controls been applied correctly.

    So what can we do about it?

    From this webinar, I would like to bring some cyber defence strategies into play which i have been researching on lately. There is no silver bullet to Cyber Security. "You dont need another Security product".

    Prepare for the worse by having a sound cyber resilience strategy in place.

    Takeaways from this webinar -

    a) Best Practice - Defence in Depth
    b) Cyber Defence strategy models
    c) Cyber Resilience Framework
  • This presentation will highlight lessons learned from many years of responding to targeted attacks by nation state actors and other groups. We will highlight why adversaries continue to successfully compromise their targets at-will, and provide insight to the investigative techniques and security controls that can keep-pace with attacker methodologies. (Hint: there are no silver bullets, and buying more security widgets is not always the answer to these challenges!) We’ll discuss the benefits, and potential pitfalls, of the emerging market for “threat intelligence”. Finally, we'll take the risk of predicting the future and provide some thoughts on how targeted attacks and state-sponsored threats may continue to evolve.

    - Identify frequently-missed blind-spots and operational failures that help attackers persist in a compromise environment
    - Discover how to better utilise existing resources and technologies to reduce the time gaps between successful compromise, detection, and remediation
    - Identify which approaches to remediation have been most successful at driving attackers out of a compromised environment and limiting the likelihood of re-compromise
    - Understand how targeted and state-sponsored attackers are evolving their methodologies in response to increased exposure and analysis
    - Learn practical ways in which threat intelligence can be utilised to detect and respond to attackers
  • Join this webinar to learn how to achieve both speed and protection for your network, while staying on budget. Organizations like yours are leveraging fast, affordable broadband to move to the cloud. And while you may use SSL to encrypt data, cybercriminals also use it to encrypt malware. Your high-speed network demands high-speed protection.
  • For more than two decades organizations worldwide have failed at creating the security awareness we have aimed for. Instead of continuing doing things we already know are failing to give us the results we need, Mr. Roer and his team set out to analyse what the key elements in successful awareness programs are, and what the major reasons for failure are. The research project was the basis to create the Security Culture Framework, a free and open methodology on organizing successful awareness campaigns that creates lasting cultural change. Today, the framework is being used by a large number of organizations around the world, to build and maintain security culture. In this talk, Mr. Roer will walk you through the four basic principles of the Security Culture Framework, and explain how to be successful when building security culture.
  • Combating insider threats is an extremely daunting task. Even more challenging is to unearth and defend crimes that could be committed by potential malicious insiders who are organized and enjoy a high degree of trust. This presentation shall discuss the current state of insider threats, the detection mechanisms available, why they are not enough and also suggest practical methods that can help detect and prevent potential frauds. Elucidated through a case study, this presentation shall walk you through on how we developed and implemented a framework using BIG DATA technology, user attributes and proven methods of behavioral science to unearth potential malicious insiders. With a detection rate of 90 percent, this is a highly adaptable model and gets easily integrated within your SIEM/Incident management and delivers great Return on Investment.
  • Shan Lee is the Head of Information Security at JUST EAT Plc where he is passionate about promoting a "Security Culture" in what is a fast moving and rapidly expanding, multinational environment.

    In this presentation he will touch upon the following subjects: security culture, awareness, education, and the problems around the real threat being the (non-malicious) employees that don't even realise their online behaviour is a problem.
  • As the trend of employees using smartphones and tablets as corporate access devices in the workplace grows, businesses of all sizes continue to see information security risks being exploited. These risks stem from both internal and external threats including mismanagement of the device itself, external manipulation of software vulnerabilities and the deployment of poorly tested, unreliable business applications.

    During this webinar Steve Durbin, Managing Director of ISF, will explain why it is important for organisations to embrace these new technologies to develop and deploy effective enterprise-wide strategies and to safeguard their data.
  • Our personal and professional attack surfaces have never been greater, and they are only expected to grow as organizations and individuals continue to increase their reliance on the digitally connected world for a variety of tasks.

    Throughout 2014, and into 2015, Verisign iDefense® Security Intelligence Services observed cyber criminals increasing their focus on attacking point-of-sale (PoS) systems and developing and deploying new banking malware. Global events continue to drive a higher frequency and severity of hacktivist activities and pro-state cyber operations. Vulnerable legacy and open-source operating systems continued to complicate the security of critical networks.

    This report presents an overview of the key cyber security trends Verisign has noted and expects to see throughout the remainder of 2015. It features conclusions drawn from Verisign iDefense research and analysis covering cyber-crime, hacktivism and vulnerabilities.
  • This session will be about the process that takes place once a data breach occurs. The pressure is extremely high and various teams have to come together in this time of emergency, including incident response team, the board and the executive management, the PR team, risk management and legal. Goals are to strategize and minimize the damage, contain the threat, and ensure that the business continues running in spite of a major incident and at the same time public concerns and pressure are addressed in an efficient manner.

    Talk points:

    Getting the call
    Arriving on scene (first observations and attacker profile analysis)
    Crisis management with key internal tenants
    Evidence collection and preservation, digital forensic investigation and analysis