The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Enterprises cannot move to the cloud quickly enough. In fact, Gartner estimates that by 2020, “cloud-first” and “cloud-only” will be standard corporate policies rather than exceptions.
That’s a big problem for traditional security infrastructures. There’s a hodgepodge of disparate, disconnected security products that were not made to secure the cloud. Some vendors have “cloud-washed” their products, but these deliver questionable value. In real-world situations, these products perform poorly, lack critical functionality, and cannot provide the visibility time-strapped security teams require to be effective.
ProtectWise and Ixia make it easy to secure workloads in the cloud, including multi-cloud environments, in addition to traditional on-premises networks. Running entirely from the cloud, the ProtectWise Grid delivers pervasive visibility via automatic real-time and retrospective threat detection, long-term retention of full-fidelity packet capture (PCAP) and unlimited forensic exploration. Ixia CloudLens™ simplifies capture of network traffic from public cloud, virtual, or physical environments and delivers it to The ProtectWise Grid seamlessly. Through this integration, ProtectWise and Ixia give security teams a single solution for end-to-end visibility across heterogenous public cloud, enterprise, and hybrid environments.
Attend this webinar and learn how easy it is to secure the cloud with the joint ProtectWise-Ixia solution and:
Why security in mixed- and multi-cloud environments can be difficult
How moving to the cloud limits visibility for legacy security solutions
How a modern approach to security provides pervasive visibility
Our R&D teams have had a busy year thus far and we would like to invite you to learn more about recent releases and updates made to the SentinelOne platform.
Rajiv, our VP of Product Marketing, will lead you through the changing threat landscape and provide an overall platform update. Including:
VDI - full memory protection, threat visibility on decommissioned devices, and more
Updates to On-Premise Appliance for Fed, Gov, and GDPR use cases
A brief demo of SentinelOne with AWS workspaces
Highlights about recent ransomware attacks and our new executive team
2016 was a “Ransomware Horror Show”. If you've been in the IT trenches over the past year, you've probably noticed that announcements of new ransomware strains are accelerating and there is no end in sight for 2017.
In this webinar, we will cover the final 3 sections of the very popular KnowBe4 Ransomware Hostage Rescue Manual in depth.
Join Erich Kron CISSP, Technical Evangelist at KnowBe4 for the webinar “Ransomware Hostage Rescue Guide, Part 2”. We will look at recent infections, give actionable info that you need to prevent infections, and cover what to do when you are hit with ransomware.
To effectively respond to today’s complex cyberattacks, security teams need to coordinate their people and technology throughout the entire incident response (IR) process. When IR orchestration is supported by automation, organizations can accelerate their response and make their IR team more intelligent.
In this video, IBM Resilient CTO Bruce Schneier compares and contrasts orchestration and automation, and outlines how organizations can orchestrate response with an incident response platform.
Microsoft is struggling to stop phishing and ransomware in Office 365. Now there is a solution. Over 70 of the leading security vendors have joined together in one platform to create the most complete, cloud-native protection for SaaS-based email. Best of all, it works in parallel with Microsoft and Gmail to deploy as simply as an app-store one-click application.
As a Salesforce admin, you can allow your users to authenticate with a YubiKey any time they’re challenged to verify their identity. Once provisioned, users simply insert and tap their YubiKey to complete verification. It’s a secure, convenient alternative to using Salesforce Authenticator or one-time passwords sent by email or SMS.
In this on-demand webinar, Itzik Koren (Salesforce) and Jerrod Chong (Yubico) demonstrate why it is important to activate U2F with single sign-on (SSO) on Salesforce.com, and the cost savings you can achieve with YubiKey as a hardware-based second factor.
In this webinar, we’ll show you real-life examples of the ways Yubico and Centrify provide context-based, adaptive authentication across enterprise users and resources. Across a wide range of use cases, Centrify and Yubico provide IT the flexibility to enforce security without user frustration.
Centrify Identity Service can leverage the easy-to-use, multi-function YubiKey for use cases such as:
-- Smart card AD-based login to Mac or Linux
-- Smart card login to Centrify’s cloud service for SSO, secure remote access, or administration
-- OATH OTP as a second factor for secure SSO to cloud apps
-- OATH OTP for MFA to privilege elevation on servers
-- Physical NFC token-based MFA for secure access to apps on mobile devices
We’ll show you secure, simple, scalable solutions that both admins and users love.
We asked Amnon about the current key issues in data security and why having up-to-date threat information is becoming increasingly important, in what way malware attacks can be prevented, and how this intelligence can be harnessed and applied to the mobile and cloud environments.
We also learn about Check Point Software’s new security architecture, Software Defined Protection, and how it can be used to control your security environment by combining intelligence with segmenting your network.
View Amnon’s Executive Interview to learn how Check Point Software’s new architecture and other security solutions can be of benefit to your organisation.
Business units want a policy that allows them to save everything. Legal wants the minimum saved. IT just wants something easy to execute. What should we do? A committee is formed, with legal, IT, records management, HR, and others. The committee meets. Discussions ensue: Which are business records? How long should we save them? Do we allow exceptions?
The committee meets again. And again. We’re stuck.
Join Ed Rawson , Michelle Hanrahan, Shawn Cheadle and Mark Diamond as they discuss strategies for building consensus across your organization and making sure your initiative doesn't get stuck!
About the speakers:
Ed Rawson is a strategic, results-oriented thought leader who has dedicated over 30 years of his career to helping organizations manage their paper and digital content lowering cost and increasing productivity. Ed has helped organizations to align information with business value and operational direction to maximize the return on investments, lowering risk and maintaining compliance.
Michele Hanranhan is Records Manager at Sound Transit since January 2015 and is leading a RIM group to implement ECM solution organization wide. She previously worked at Federal Home Loan Bank of Seattle, PATH, and Washington State Department of Transportation and has over 16 years of experience in Records and Information (RIM) with a variety of business, government and non-profit organizations.
Shawn Cheadle is General Counsel to the Military Space line of business at Lockheed Martin Space Systems. He supports government and international contracts negotiations, drafting and dispute resolution. He also supports information governance, eDiscovery, records management, counterfeit parts investigations, and other functional organizations at Lockheed Martin. He is an ACC Global Board Member, current Information Governance Committee Chair and former Law Department Management Chair, and former Board member and President of ACC Colorado.
Smart cards are highly secure and used globally in environments with enhanced security concerns and usability demands. However, smart cards are cost prohibitive for many organizations. The YubiKey changes that.
Watch our webinar on the YubiKey as a smart card for computer login. This webinar included end-user demonstrations on Windows, Windows RDP, and Mac machines.
- Cost-saving advantages of the YubiKey as a smart card
- Native support across Windows, Mac, and Linux
- Best practices for configuration and deployment considerations
In this webinar we are going to:
- explore top cyber threats that fintech companies face
- identify the monitoring and detection compliance requirements common to Federal and State Regulations
We will be talking to Angelo Purugganan, Chief Information Security Officer, at Arctic Wolf Networks, to get his perspective on the how security analytics and continuous monitoring can simplify compliance using a SOC-as-a-Service provider.
Most fintech transactions today happen at a fast pace, served through web applications using a combination of mobile devices and legacy systems, with some level of protection. While beneficial to small and medium fintech companies, consumers and regulatory agencies are apprehensive about protecting customers personal data and detecting cyber attacks over the internet which impact the integrity of financial transactions.
When it comes to your data, regardless of your country or industry, you likely have compliance regulations to adhere to. We understand the challenges this can bring to your IT and compliance teams.
Adopting the NIST Cybersecurity Framework (CSF) is one way that can help you achieve compliance with the many regulations you may be affected by. Developed in the United States, the CSF has been adopted by many organizations, including those in the international community with one example being the government of Italy, who has incorporated the Framework into its own National Framework for Cyber Security.
Join us for a webcast hosted by Symantec Chief Cybersecurity Business Strategist, Renault Ross CISSP, MCSE, CHSS, CCSK, CISM as he dives into the CSF to:
• Identify sensitive data, where it is and who is accessing it
• Protect that data by establishing policies which prevent exposure
• Detect threats to which could extrapolate data by several means
• Respond to threats with automated actions
• Recover after a threat to produce reports to prove compliance
The clock is ticking on the latest cloud compliance mandate: NIST Special Publication 800-171, otherwise known as DFARS (Defense Federal Acquisition Regulation Supplement). Any organization or contractor that holds or processes unclassified Department of Defense (DoD) data must ensure that they comply with the new DFARS clause.
December 31, 2017 is the ultimate deadline by which to prove compliance, so action is recommended as soon as possible.
In this webinar, Patrick Gartlan (CloudCheckr CTO), Jeff Bennett (Allgress President/COO), and Tim Sandage (AWS Sr. Security Partner Strategist) will lead an interactive workshop on what DFARS regulation means for your business, specifically:
✔ Specific requirements of the DFARS regulation
✔ Key controls that CloudCheckr provides to help you meet DFARS requirements
✔ Tools from Allgress that map DFARS requirements to CloudCheckr features
The sophisticated Eastern European cybercrime group implicated in the Chipotle hack is known for its financial targets. Learn how Carbanak launches a phishing campaign, from Michael Zeberlein, an expert in cyber-counterintelligence, advanced adversary hunting, malware analysis and digital forensics.
The talk will go over:
—The verticals being targeted
—Payloads and planning
—Specific campaigns and victims
Standards organizations like SNIA are in the vanguard of describing cloud concepts and usage, and (as you might expect) are leading on how and where security fits in this new world of dispersed and publicly stored and managed data. In this webcast, SNIA experts Eric Hibbard and Mark Carlson will take us through a discussion of existing cloud and emerging technologies (such as the Internet of Things (IoT), Analytics & Big Data, and so on) – and explain how we’re describing and solving the significant security concerns these technologies are creating. They will discuss emerging ISO/IEC standards, SLA frameworks and security and privacy certifications. This webcast will be of interest to managers and acquirers of cloud storage (whether internal or external), and developers of private and public cloud solutions who want to know more about security and privacy in the cloud.
Topics covered will include:
Summary of the standards developing organization (SDO) activities:
- Work on cloud concepts, CDMI, an SLA framework, and cloud security & privacy
Securing the Cloud Supply Chain:
- Outsourcing and cloud security; Cloud Certifications (FedRAMP, CSA STAR)
Emerging & Related Technologies:
- Virtualization/Containers, Federation, Big Data/Analytics in the Cloud, IoT and the Cloud
Your employees are using more cloud apps than ever, and mobile workers frequently work without turning on their VPN. You need new ways to extend protection anywhere your employees work — and you need it to be simple, yet incredibly effective.
Exciting innovations in network security-as-a-service offer distributed organizations the potential to extend and meaningfully increase security effectiveness. Join this 451 Research webinar with Cisco Security to hear a discussion about new cloud-delivered protection for mobile workers, lean branch offices, and cloud applications.
In the webinar we will discuss:
- The changing cloud security landscape
- The emergence of the Secure Internet Gateway
- Important buying considerations for companies looking to add these capabilities
Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure. To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.
In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security will detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.
The presentation will cover:
> Challenges surrounding increased migration to public clouds
> Using automation for secure DevOps
> How to ensure effective and efficient operations
This webcast will include a Q&A session, as well as a live demonstration of how to deploy Qualys seamlessly and deeply into public cloud environments with new features.
Sometimes there is a mandate to delete large quantities of emails and files very quickly, either after litigation or simply because senior management gets fed up with too much electronic junk. When needing to delete a lot quickly, traditional “manage and let expire over time” approaches don’t work. On the other hand, blanket, delete-everything approaches can run afoul of record retention and legal requirements. What’s an organization to do?
About the Speaker:
Dan Elam is one of the nation’s best known consultants for information governance. As an early industry pioneer, he created the first needs analysis methodology and early cost justification models. Dan’s involvement has been in the design and procurement of some of the largest systems in the world. Today Dan helps Contoural clients develop business cases and establish strategic road maps for information governance. He is the former US Technical Expert to ISO and an AIIM Fellow.
Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
“When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”
Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
•Overview of CJIS-SP mandate
Network vulnerabilities and how Ethernet encryption can help secure data in motion
•Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
•Mapping solutions to the needs of your organization
For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
Retailers are faced with the challenge of fast evolving consumer buying processes. Today and in the future consumers have greater choice in terms of how when and where they buy. Consumers expect an omnichannel experience across all available touch points with retailers.
According to the 2017 Customer Experience Benchmarking Report, 85% of retail and consumer goods organisations recognise CX as a competitive differentiator. Join us for this webinar where we’ll be discussing the retail specific findings from the report.
Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.
Join our Unit 42 threat intelligence analyst for an insightful perspective on credential-based attacks and phishing. In addition to presenting its unique attack life-cycle, she will:
• Identify trends and techniques in methods used for credential theft and abuse.
• Review how cyber criminals have changed their tactics to compromise networks.
• Examine who is being targeted, and why.
• Discuss techniques to stop credential leakage.
AWS cloud is one of the leading cloud providers in the market—and Amazon solutions like Trusted Advisor, Cost Explorer, CloudTrail, CloudWatch, and Inspector can help organizations begin to manage their IaaS infrastructure more efficiently. However, the valuable data provided by these services can be more efficiently leveraged with tools that offer deeper visibility and control.
Join us to learn tools and tips to take your AWS investment to the next level, including:
- Forecasting and tagging tips to predict and optimize cloud spend
- A comprehensive approach to monitoring to ensure secure and compliant infrastructure
- Proactive risk detection and automated remediation tactics
What steps are you taking to minimise your risk of becoming a data breach victim? In this webinar, Symantec and a guest speaker from Forrester share best practices to proactively protect your critical data with data-centric security.
Get advice on preventing data breaches from these industry experts:
• Guest Speaker Heidi Shey, Senior Analyst, Forrester. Heidi serves Security & Risk Professionals with solutions for data security and privacy. She also researches sensitive data discovery, data loss prevention, cybersecurity, customer-facing breach response and more.
• Nico Popp, Senior Vice President, Information Protection, Symantec. Nico is the former CTO of VeriSign Security Services where he led efforts to develop new products and services for Trust Services and Identity Protection.
Join these authorities as they explain how a holistic approach to data security and identity puts you back in control.
Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.
In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.
Register now to learn about:
•The latest social engineering targeting trends and techniques
•Top email fraud tactics, including business email compromise (BEC) and social media account phishing
•The rise of fraudulent mobile apps and how criminals target users on the go
Protecting sensitive client and corporate data is one of the most important responsibilities in any organization. So if your current solution isn’t working for all stakeholders, is it really working at all?
1. Increase security and compliance, while maintaining user-friendliness
2. Deploy encryption without interrupting normal business processes
3. Ease the daily burden of your data security administration
Why is software so riddled with security defects? Are developers to blame? Is it just the nature of software? We’ve found that there are four primary ways that vulnerabilities end up in your software. Understanding these sources and how to prevent them is a good first step in making your apps less like a red carpet for cyberattackers, and more like a moat.
Benefits of attending:
1.Learn how vulnerabilities are getting in your code and how to keep them out from a VP of Engineering
2.Gain actionable tips and advice on application security– from a development manager who lives it day to day
3.Move beyond the buzz about the insecurity of open source components – what is the solution?
4.Identify the best ways to help developers learn to code more securely
5.Gain insight from the latest research into which languages are introducing what vulnerabilities
Legislators in Europe continue to expand the scope of the laws governing information security and personal data protection. As a result, organizations serving consumers and businesses in the region need to understand the implications these laws will have on their use of open source to build software applications.
During this educational webinar led by Dan Hedley, Partner, IT and Commercial from Irwin Mitchell, we’ll provide guidance on the General Data Protection Regulation (GDPR) and why a comprehensive approach to open source security management is essential for GDPR observance. In addition, we’ll review open source management best practices in context of other industry-specific developments like the Network and Information Services Directive and the Electronic Identification Regulation.
The upcoming GDPR legislation represents a sea change for organisations that store or process data relating to EU residents. With penalties for violations up to 4% of annual global turnover, organisations are scrambling to comply with GDPR provisions. Effective data governance and access control helps enterprises manage risk effectively, comply with regulations and gain competitive advantage through agile decision.
Join Srikanth Venkat, Sr. Director Product Management and Ana Gillan, Solutions Engineer as they discuss effective data governance and its role in complying with regulations such as GDPR. They will also cover Atlas and Ranger, the governance and security components of Hortonworks Data Platform and their role in effective data governance.
This webinar is not intended to constitute legal advice. Viewers should consult with their own legal counsel regarding compliance with GDPR and other laws and regulations applicable to their particular situation and intended use of any Hortonworks products and services. Hortonworks makes no warranties, express, implied, or statutory, as to the information in this webinar.
Application delivery infrastructure resources are increasingly strained. The new features in modern Application Delivery Controllers along with the demands for SSL to comply with search engine ranking algorithms are major contributors to the problem. It means organizations have to find ways to scale their ADCs. But do they scale up? Or scale out? And how?.
Join us for this live webinar to discover:
oThe drivers for the requirement of scalable application delivery infrastructure like SSL adoption and expanding ADC feature sets
oThe pitfalls and limits of vertically scaling your ADC
oHow you can use equal-cost multi-path (ECMP) routing to horizontally (and nearly infinitely) scale your ADC
oHow to use Route Health Injection (RHI) to ensure availability of your ADC cluster
oExamples of organizations who have accomplished this with HAProxy
IT planners have far more options as to where to run their workloads than ever before. On-premises data centers, co-location facilities and managed services providers are now joined by hybrid multi-clouds – a combination of Software-, Infrastructure- and Platform-as-a-Service (SaaS, IaaS, and PaaS) execution venues. All have unique operational, performance and economic characteristics that need to be considered when deploying workloads.
In this Webinar Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center business will discuss how industry leading enterprises determine the best execution venues for their workloads by addressing:
•The market and technology trends that influence workload, data center and cloud strategy
•How to evaluate the characteristics of various workloads and execution venues
•How to manage workloads across on-premises and off-premises ecosystems
Attendees will learn how to formulate an IT strategy that can be used to guide the decision criteria needed for placing workloads on their best execution venues, and enable the migration and ongoing management of workloads across a hybrid multi-cloud enterprise architecture.
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
As cyber threats are evolving at a rapid pace, and firewalls and antiviruses are considered antiquated solutions, companies are constantly looking for the most advanced ways to protect their critical data.
Artificial intelligence and machine learning are now an integral part of cybersecurity. With cyber attacks becoming more serious, and in some cases endangering human lives, artificial intelligence could be the key to security.
Join this panel of top security experts as they discuss the role of AI and machine learning in cyber attacks, cyber protection and what the future of security looks like.
- The impact of AI/ML on security
- Trends in cyber attacks
- How to best protect against them and secure our critical assets
- Demetrios "Laz" Lazarikos, Three Time CISO, Founder of Blue Lava
- Sven Krasser, Chief Scientist, CrowdStrike
- Alex Pinto, Co-Founder & Chief Data Scientist, Niddel
- Jisheng Wang, Senior Director of Data Science, CTO Office - Aruba, a Hewlett Packard Enterprise company
Technology is improving retail operations and enhancing the customer experience. The “Smart Store” has come to life with the rise of the Internet of Things, inspiring stores to adopt applications such as digital signage and IoT sensors.
Sign up for this webcast with Ken Hosac, Vice President at Cradlepoint, to learn more about how Smart Stores concepts are changing the dynamics of the shopping experience, creating new retail store standards, and how it’s all dependent upon a foolproof network connection.
More than 90% of targeted attacks start with email fraud. Learn how to gain insight into, and effectively defend against, these attacks.
Join us for a Proofpoint technical webinar, brought to you by engineers, for engineers. This session will focus on effectively defending your domains from impostors and fraudsters attacking your organization, your customers and your partners.
Topics will include:
• The Threat Landscape
• SMTP Standards and Evolution
• Stop Attacks with Visibility & Authentication
• Configuring Email Protection to help block imposter threat
• Creating DMARC reporting in less than 10 minutes
SQL injection attacks enable attackers to tamper with, delete or steal sensitive data from corporate databases. In this webinar, Zach Jones, senior manager for static code analysis from WhiteHat Security’s Threat Research Center, will discuss SQL injection attacks and how to best defend against them.
In this webinar, we will:
- Provide examples of vulnerable code
- Discuss data boundary concepts between input and target interpreters
- Explain the differences and advantages of using parameterized queries versus custom stored procedures
- Discuss the pitfalls of using selective parameterization or trying to sanitize inputs by escaping or encoding them manually
WhiteHat Security has extensive experience working with customers to identify and fix the latest web application vulnerabilities. Join us to gain a deeper understanding of common web application vulnerabilities, get expert technical advice on defensive tactics, and learn best practices to safeguard your apps from being exploited.
Interconnected networks are critical to the operation of a broad and growing range of devices and services, from computers and phones to industrial systems and critical infrastructure.
The integrity and security of routers, switches, and firewalls is essential to network reliability, as well as to the integrity and privacy of data on these networks. As increasingly sophisticated attacks are launched on network equipment, strong protection mechanisms for network equipment, both on the device and service level, is required.
TCG recently has issued its Guidance for Securing Network Equipment with use-cases and implementation approaches to solve these problems, designed to help system designers and network architects get the best security possible from this powerful technology.
Join TCG experts to learn about using device identity, securing secrets, protecting configuration data, inventorying software, conducting health checks, using licensed feature authorization and more.
Steve Hanna, Senior Principal at Infineon Technologies, currently chairs TCG’s Embedded Systems and IoT groups and driving the effort for a new industrial IoT group within the organization. He has been active in the Industrial Internet Consortium and its security efforts as well. He is the author of several IETF and TCG standards and published papers, an inventor or co-inventor on 41 issued U.S. patents; and holds a Bachelor’s degree in Computer Science from Harvard University.
Michael Eckel is a Security Technologist at Huawei Technologies. Previously, he was a researcher and software developer at Fraunhofer SIT; mobile software developer at boostix and a web and software developer for a number of other companies. He holds a masters degree in computer science. Eckel currently participates in the Trusted Computing Group’s NetEQ subgroup, working to secure vulnerable network equipment.
The effects of a credential-based attack differs by organization and by job function. In this session, we will cover a look at how these attacks affect different types of organizations, along with the analysis and demonstration of how an attack is done.
In this session, hear about:
* Credential theft industry research coverage
* Industry analysis of the problem space
* Application of the credential theft lifecycle in light of recent attacks
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Small and medium businesses face countless threats, most of which have a human at their origin. These criminals, driven by financial gain, are essentially business owners – not unlike yourself – who are looking to spend as little money and as few resources as necessary to generate as much revenue as possible. Therefore, most cybercriminals target businesses that have a false sense of security.
Why would a cybercriminal spend a fortune going after a Fortune 1,000 when they can spend a few bucks to crack a small business? Exactly!
During this live webinar, we’ll explore the types of threats that small and medium businesses face and the business risk associated with these threats. It’s easier to get hacked than you think and it’s only a matter of time before it happens. Will your business be prepared? Are you doing everything you can to protect yourself beforehand?
Knowing that perfection is not possible, our panel of experts will look at 4 key steps that small and medium businesses should take to reach a reasonable level of cybersecurity:
- How to conduct an analysis to determine risk and the need to focus on cybersecurity within your business
- How to assess the cost of a breach, a loss of information and the impact that a cybersecurity event can have on your customers and partners
- How to create a plan to protect your systems, information, revenue and customers’ data
- Best practices for guiding your implementation, from segmentation to employee access control policies to information protection controls
Join us for an extremely informative session geared towards small and medium business owners and their IT staff.
Sean Martin, CISSP, Editor-in-Chief, ITSPmagazine
Rusty Sailors, President / CTO at LP3 and Chairman, Protecting Tomorrow
Russell Mosley, Director, Infrastructure & Security, Dynaxys
Tom Caldwell, Senior Director of Engineering at Webroot
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Innovation is moving so fast. Each day there's a new device or technological service to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. They listen to us, watch us, learn about us. They help us make decisions. They “guess” our next move - our pending desire. They make decisions - even take action on our behalf. As a society we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting our privacy and safety at risk.
How many devices are there? What are they used for? In this session, we’ll focus on the side effects associated with devices used to run our countries, our cities, our homes, our lives - even our physical being.
Ultimately, it’s about the lack of cybersecurity - because there is a lack of cybersecurity, there’s no conversation about it, and therefore there is no understanding (awareness) of what’s at risk for using these devices. It’s not necessarily a bad thing - but the fact we are making uninformed decisions as a society means we could be putting ourselves and our loved ones at risk without even knowing it.
This panel is part 1 of 2 parts - it’s all about the lack of security and the side effects it has on us as individuals and as a society. What are we trading in exchange for using these devices to make our lives “better”? Bottom line... are you (we) surrendering to the technology?
- Ted Harrington, Executive Partner at Independent Security Evaluators
- Gary Hayslip, Vice President & CISO, Webroot
- Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group
- Chenxi Wang, Host of The New Factor on ITSPmagazine
SSL/TLS Industry requirements are changing at an unprecedented pace. Over the last couple of years, new requirements have been passed down by the CA and browser community to help further solidify the security practices around obtaining and using SSL/TLS and other types of publicly trusted certificates. Over the next 12 months, more important changes are being introduced to continue that trend. Join Dathan Demone, Product Manager at Entrust Datacard, who will discuss both past and future changes that will have a major impact on all certificate subscribers. In this Webinar, we will discuss topics such as:
• New changes coming to browsers and how they notify end users about the proper use of SSL/TLS on all web pages
• Changes to certificate lifetime policies and verification rules that are being introduced in 2017
• New requirements around Certificate Transparency that are being introduced in October, 2017
• Updates to recommended security best practices and new vulnerabilities in the world of SSL/TLS
• Certificate Authority Authorization and how this can be used to protect your organization against fraud
Throughout 2017 organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.
A traditional prevention-centric strategy naively assumes all threats can be blocked at the perimeter, which leaves you blind to the threats that do get in. Many organisations are shifting to a more balanced strategy including detection and response. Enter Threat Lifecycle Management (TLM) - your playbook for rapidly detecting and responding to cyber-attacks.
In this webcast, Seth Goldhammer, senior director of product management at LogRhythm, explains what TLM is, and demonstrates how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
The Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. The team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet.
What types of malware do we catch most often in the wild? Which network services do attackers commonly target? What are the most popular attacks in different regions of the world? Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.