The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
This session will provide insight into what we’ve observed from today’s threat landscape by continuous monitoring of our clients’ security estates. The data, gathered from analysis of trillions of security relevant logs, six billion attempted attacks, global honeypots and sandboxes located in over 100 different countries and 10,000 clients networks across five continents, equips us to advise on the key recommendations that organisations can adopt to assist in bolstering their cyber defences in the digital age.
What does an IT/ITES organization need to consider in its efforts to protect itself from fraud, including data breaches?
These organizations need to provide assurance to customers, clients, internal stakeholders and regulatory bodies that any data being collected and processed by businesses is secure or risk massive fines, public embarrassment, loss of business, or even a closure of it.
•How to manage data security on shared computing resources?
•How to secure storage and transfer of data on company-owned, or company-managed endpoints?
•How to facilitate the path to meeting organizational and industry compliances?
•How to ease the daily burden of your data security administration functions?
SaaS apps are now extensively adopted by organizations – some procured by IT, others adopted by the users themselves. You’re already likely witnessing large amounts of data being transferred between users and these apps. As corporate data moves to the cloud, the risk of a data leakage increases with users accessing enterprise apps on unmanaged devices or storing corporate data on risky, unsanctioned apps.
Join this webinar to learn how to prevent data exposure and maintain compliance by protecting your data within enterprise SaaS apps and blocking unsanctioned apps. You’ll learn about:
•A real-world customer journey for complete data security in SaaS.
•Common threats leading to data leaks from popular SaaS apps.
•Benefits of adopting a platform approach to SaaS security.
2016 was a year marked by extraordinary attacks, with cyber attackers conducting multi-million dollar virtual bank heists, attempting to disrupt electoral process, and organising some of the biggest distributed denial of service (DDoS) attacks on record, powered by a botnet of IoT devices.
Join our Senior Director of Cyber Security Services for Asia Pacific and Japan, Mr Peter Sparkes, in this webinar for an in-depth analysis on the latest cyber threats trends, and find out why:
• Targeted attacks aimed at politically motivated sabotage and subversion has increased at alarming rates
• One in 131 emails contained a malicious link or attachment – highest rate in five years
• Ransomware infections increased by 36 percent, with size of ransoms spiking 266 percent
• CIOs have lost track of how many cloud apps are used inside their companies – When asked most will say up to 40 when in reality the number nears 1,000
Be the first to gain insight into the latest cyber threat trends in the Asia Pacific region, and learn about best practices and steps you can take to improve your security posture in 2017.
Register for the Symantec 2017 Internet Security Threat Report Webinar today.
The demand for business to be more agile and stay competitive is driving a change in the way applications are developed, deployed and adopted. The challenge has become balancing the agility needs of the business with improving the security of the applications and, more importantly, securing the data as it moves between the various clouds. Gaining visibility and preventing attacks attempting to gain access to the data, whether from an external location or through a lateral attack, becomes imperative in all locations where the applications and data reside, without adding additional cost or complexity. Organizations require visibility, control and prevention capabilities across any cloud environment, enabling consistent security policies and protection no matter where it is deployed.
This webinar will cover:
• Visibility: Consistent visibility across clouds is one of the most common issues with multi-cloud deployments.
• Threat prevention: Block known and unknown threats is a critical requirement to protect applications and data no matter where they reside.
• Automation: The ability to natively integrate into a variety of environments to match the dynamic and on demand nature of cloud services.
• Centralized management: Manage your virtualized and physical firewalls from a single management console, delivering consistent policy and features across all clouds.
The world is experiencing a ransomware attack like no other. While the wave of infections was spreading from East to West, a kill switch was identified that slowed the campaign considerably. Then another kill switch was needed, then another. Against popular belief, these kill switches are only effective against the original strain of the malware. In this presentation, we will review a variant without a registerable web site kill switch and how to protect against it.
Join this webinar and ask your most pressing WannaCry questions.
About the Presenter:
Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes. Prior to Cyphort, Mounir held various engineering management positions with Cisco’s Security Technology Group and with IronPort Systems.
WannaCry has made a statement, impacting more than 300,000 victims across more than 150 countries.
Join us to learn how threats like ransomware can become so widespread so quickly, the impact that not being prepared and protected can have on your business, and how to ensure you are well positioned to avoid the IT chaos future threats may pose.
Attacks like the Google Docs phishing scam that swept across the internet in early May showed a level of sophistication above regular phishing scams. More importantly, it will likely happen to other online services, thanks to a common login mechanism that is used by hundreds of websites.
Join this panel of security experts as they discuss:
- The nuts and bolts of the Google Docs worm
- How it was resolved
- What to expect in the future
- How to avoid becoming a victim to phishing scam: What to look out for and what NOT to do
- Travis Smith, Principal Security Researcher at Tripwire
- Cameron Naghdi, Sr. Security Engineer at Malwarebytes
- Filippo Valsorda of the Crypto Team at Cloudflare
Join us for this rare opportunity to hear Mark Kelton, a former senior CIA official, who concluded his career as Deputy Director of the National Clandestine Service for Counterintelligence, discuss the insider threat.
Mr. Kelton led the unit that protected the Nation’s most closely guarded secrets – and by virtue of his experience overseeing the Intelligence Community’s “Gold Standard” Insider Threat Detection program, Mr. Kelton has comprehensive expertise in the detection, investigation and mitigation of Insider Threats.
What happens when cybercriminals get hold of exploits developed at the NSA? We found out earlier this month with the WannaCry ransomware attack, which quickly spread within organizations around the globe. In this webinar, we will discuss the weaknesses in existing IT defenses that WannaCry exposed, what the attack portends for the rest of 2017, and—most importantly—what IT organizations can do to defend themselves against increasingly potent threats.
During this live webinar, learn the latest enhancements to the CloudCheckr Cloud Management Platform. Todd Bernhard, Product Marketing Manager for CloudCheckr, will highlight the newest noteworthy features, and show you how you can stay updated going forward.
The CloudCheckr service is updated frequently… every week in fact, so it’s a challenge to stay informed on all of the new features. Attend this webinar and learn the important updates including:
- Leverage price drops and new pricing policies for AWS Reserved Instances
- Access over 450 Best Practice Checks
- Save time and effort with “Fix Now” capabilities
Rejoignez-nous pour un webinaire en live avec David Grout, Directeur Technique Europe du Sud, qui explorera les tendances qui définissent le paysage actuel des menaces en se basant sur les investigations des équipes Mandiant en 2016.
Inscrivez-vous aujourd’hui pour découvrir :
•Les nouvelles tendances d’hameçonnage
•Les changements en termes de volume et de méthodologie
•Les apports de la cyber veille et de l’intelligence sur les attaques émergentes
•Les approches défensives pour mieux se protéger
•Comment la GDPR impacte les sociétés en EMEA
•Comment l’Europe se situe par rapport à l’Amérique du Nord et à l’Asie
Attend this webcast to learn more about how to better equip your healthcare organization in the fight against Ransomware and Cybersecurity threats. Some of the discussion points will include: The Current Cybersecurity Threat to Healthcare and Dell Technologies' Unique Approach to Security Transformation, Isolated Recovery Strategy.
Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them.
Viewers will learn:
• Current trends in Cyber attacks
• FFIEC Cyber Assessment Toolkit
• NIST Cybersecurity Framework principles
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
• Automated approaches to integrate Security into DevOps
About the Presenter:
Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity, He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class ‘EB 11 – Individual of Extraordinary Ability’ after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention.
Ransomware campaigns continue to evolve. Organizations can defend their business with intelligence that uncovers the tactics attackers are leveraging to inflict harm. At the same time, your employees are a valuable resource in defending against ransomware and provide security teams with useful information to take proactive measures. Security leaders and their teams are challenged with doing more with less. Integrated solutions and automation to fight ransomware enables analysts to be more efficient and accurate in the operation.
Join PhishMe and Recorded Future as they uncover the latest ransomware campaigns and how employees and analysts play an important role in defending the enterprise.
• What are researchers and other companies seeing as part of the threat landscape?
• What can teams do to protect and respond and what resources do you need to prepare?
• What are the benefits of integrating tools together and how can this help you?
By understanding the inner workings of exploit kits, you’ll be better equipped to protect your organization from them. Join Scott Simkin from Unit 42 as he breaks down how today’s attackers are automatically exploiting vulnerabilities in common systems.
You’ll learn about:
- Why exploit kits are increasing in popularity
- The process for launching exploit kit campaigns
- How to defend your organization from exploits
Cyber-attacks can originate from anywhere, but there appears to be an unabated trend of pointing the finger on either "sophisticated attackers" or, more blatantly, naming and blaming nation-states like Russia, China and now North Korea (alright, maybe even Iran).
The truth about attribution (who is the attacker) is often overlooked for something more dramatic, especially in situations where sensitive information or brand reputation is at risk.
The tactic is simple. Switch the focus from internal bad practices and shift the blame to “sophisticated, nation states and or criminal gangs.” Lazy, but effective.
Join Amar Singh and Joseph Carson, from Thycotic, as they both discuss the real reason behind why cyber attacks succeed (no - not because of Russia or China)and the steps you can take to make the job of hackers, both sophisticated and otherwise, much harder.
Enforcement of the EU General Data Protection Regulation (GDPR) is looming, giving you less than 12 months to prepare. And it has major implications for every organization that processes EU personal data – regardless of where they are based.
With the cost of non-compliance set at an astronomical 4% of global annual revenue – not to mention damage to reputation – the time to protect yourself is now.
On May 23rd, join Absolute’s data protection experts alongside leading technology and compliance lawyer Jonathan Armstrong, as they share practical insights on the global implications of GDPR. Register today and learn:
• GDPR compliance – what’s required and what’s at stake
• Organizational steps you need to take now to avert disaster
• The best security approaches to ensure compliance and protect your data – and your brand
Half of businesses admit security is their biggest concern to increasing user mobility. Securing enterprise mobility has been an ongoing and arduous topic for IT security professionals. Maintaining high-assurance security, while offering access to company resources to an on-the-go workforce has become a balancing act. So much so, a third of businesses actually prevent employee access to company resources via mobile. This is likely not a long term or sustainable solution to the problem.
So how do you find a compromise that won’t kill your security strategy? There are currently many technologies from derived credentials to mobile PKI. IT professionals are feeling the pressure to find a viable, user friendly, easy-to-deploy and secure options. In this webinar, we will discuss the current solutions in-depth and how they impact your current IT security policies. Attendees will learn more about:
-Software-based security versus hardware-based security
-How this impacts your back-end systems
-Technology such as derived credentials and mobile PKI
-Implementing a mobile PKI solution
In today's world, a cybersecurity incident can quickly become a risk to an organization's reputation. Reputational risk management is a critical business practice to ensure that your organization is doing everything possible to minimize the potential damage to its character or value.
Join our panelists Jake Olcott, VP of Business Development at BitSight, Siobhan Gorman, Director at Brunswick Group, and John Fiore, Former CIO of BNY Mellon as they discuss:
- How to mitigate reputational risk through cybersecurity risk management
- Ways in which reputational risk can affect your company's bottom line
- What executive leaders and board members care most about in regard to reputational risk
- Examples of successful and unsuccessful reputational risk management
- How security officials should be thinking about reputational risk management in their data security initiatives
Compliance with industry regulations is no longer a check-in-the-box exercise. Organizations are working to embed policy compliance into processes and frameworks to protect themselves not just from penalties, but also from cyber threats.
Join this Webinar to learn how Eversource, the largest energy delivery company in New England, is using Tufin to achieve continuous compliance with NERC CIP, and how you can ensure regulatory compliance, relieve audit preparation, and increase productivity. Don't miss the expert guidance from G2 Deployment Advisors on how dynamic, customizable process automation can ensure continuous compliance with corporate policies and industry regulations.
Today’s enterprises are continuously evolving to support new applications, business transformation initiatives such as cloud and SDN, as well as fend off new and even more sophisticated cyber-attacks on a daily basis. Many network and security professionals believe that they need latest and greatest new tools to address these challenges. But what if you already have what you need, up and running in your organization? Today’s security policy management solutions do a far more than automate traditional change management tasks.
Following on from last month’s webinar, Product Manager Jonathan Gold-Shalev will present 5 more ways you can use a security policy management solution to manage security, reduce risk and respond to incidents, while maximizing business agility and ensuring compliance across your disparate, ever-changing, hybrid networks.
In this technical webinar Jonathan will focus on how to:
•Automatically discover and map application connectivity
•Migrate application connectivity to another data center, the cloud, and throughout the development lifecycle
•Enhance C-level visibility
•Ensure your disaster recovery firewalls are secure and up-to-date
•Plan new for applications and application changes even before your server exists
With continued improvements in payments security through technologies such as P2PE and EMV, the PCI community has been effective at combating crime in a wide variety of financial institutions, retail environments and enterprises. As the use of stolen or fraudulent cards for in-person card present transactions becomes more difficult, criminals are shifting their focus to online activities. To stay ahead of the bad guys, merchants and institutions need tools that are specifically designed to address these challenges.
There are powerful solutions that enable organizations to securely protect payment transactions and retain control over their consumers’ buying experience, while integrating with existing payment flows. Join us to hear more about proven ways to safeguard sensitive crypto process and protect payment transactions while eliminating the exposure to sensitive cardholder data.
Presenter: Smrithi Konanur
Global Product Manager – Payments, Web, & Mobile, HPE Security – Data Security
Smrithi Konanur has over 14 years of computer software industry experience including more than 7 years of experience in Payment Industry. Her main focus in her current role is providing data security solutions for PCI, P2PE, tokenization, PII, and PHI in different channels like in-store(POS systems), e-commerce/browser-based applications and other mobile applications. Her background ranges from technical product development, management, integration, product management, and product strategy. She holds a Masters in Computer Engineering and multiple management continuing education programs.
The challenges that organizations face today are increasingly more complex than in the past. The constant change of the global economy, dynamics of business risks and opportunities, and an increased threat of cyber-attacks add complexities we’ve never faced. As organizations rely on more and more third parties to grow and thrive, they’re exposed to higher levels of risk, and regulators are focused on the need for organizations to manage 3rd party risk more effectively.
Manual processes, silos in contract administration, and technology and resource constraints can all lead to significant errors in the third party supply chain that leads to violation of privacy guidelines and security breaches, which cause substantial fines, penalties, and damage to brand value. On this webinar our panel of experts will discuss the risks and repercussions associated with third party contract management shortcomings, common gaps in third party contract management processes, examples of how new solutions and technologies can help organizations optimize their third party processes, and effective strategies for managing 3rd Party Risk.
Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.
Join the FBI and our own Unit 42 threat intelligence team as they present their insightful perspective on the cyberthreat landscape in 2017, with an emphasis on credential-based attacks and phishing. In addition to presenting their unique attack lifecycle, they will:
* Identify trends and techniques in methods used for credential theft and abuse.
* Review how cybercriminals have changed their tactics to compromise networks.
* Examine who is being targeted, and why.
* Discuss techniques to stop credential leakage.
* Review the FBI’s role in combating this destructive attack.
Defending against cyberattacks is tough enough, especially when attackers pose as authenticated users on your network.
Join the FBI and Palo Alto Networks® Unit 42 to learn what to do when you discover intruders on your network, and how to prevent their attacks from succeeding
Enterprises are adopting a hybrid infrastructure model to take advantage of rapid deployment of cloud-based services and higher computing power. This change in IT paradigm creates a need for CISO’s and their security teams to have solutions that protect applications wherever they reside as they move between on-premises and the cloud. Imperva offers a flexible, hybrid model to deliver DDoS and application protection augmented by crowd-sourced and curated threat intelligence. This session will show the flexibility of Imperva Application Security that will allow you to secure applications as they move to the cloud while future proofing application security investments.
The digital business is growing at a rate IT can’t match without over-worked staff and costly data storage. Over the next few years, more reliance on cloud hosting and software-defined networks will send your stress levels up and your IT visibility down… unless you take advantage of a smarter workflow designed to scale IT with real-time insight, on-prem and in the cloud.
Backed by machine learning for “always-on” anomaly detection, the ExtraHop platform redefines analytics for a more productive—and proactive—you.
What we know and have trained users about phishing attacks has changed. Old methods no longer apply.
IT teams have deployed filters and taught our users to detect phishing attacks by scanning for suspicious URLs, spoofed login pages, and unrecognized senders. We've told people to change passwords, turn on two factor authentication and watch for suspicious logins.
None of these methods can defend against the next generation of automated, malicious API-based phishing attacks that are invisible to users and unmonitored by SaaS.
Once exclusive to advanced state-sponsored actors, the recent Google Docs worm pushed this sophisticated method into the headlines.
In this webinar we will dig deep into the next generation of phishing attack and describe the new methods every IT team must deploy to defend against them. Because the vulnerability is not unique to Google, we will also discuss Office 365, Box, Salesforce and other popular business apps.
Our Hunter Spotlight series kicks off with Alan Orlikoski. From his 16+ years of security experience, Alan will share:
• Organizational strategies that work for both hunters and SOC managers
• How to create and sustain effective hunting teams
• Best practices and tools in the field
About the hunter:
Alan Orlikoski is a Security Engineer and Incident Responder with over 17 years of experience. He analyzes and tests existing incident response plans, conducts forensic investigations and provides incident response and forensics training. Alan has an extensive computer forensics background and has been a leader in some of the largest incident response and security operations center development programs in the history of the respective companies.
Web application security is becoming increasingly complex due to the continuously evolving threat landscape, the diverse nature of web applications, and the broad range of systems needed to manage security.
Qualys simplifies web app security with an end-to-end solution.
During this webcast, presenters Vikas Phonsa and Frank Catucci will show you how you can:
* Scan your apps using Qualys Web Application Scanning (WAS)
* Deploy one-click virtual patches for detected vulnerabilities in Qualys Web Application Firewall (WAF)
* Manage it all from a centralized, cloud-based portal