IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • Join Tom Kellerman, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1.How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2.Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3.The expertise needed to accurately identify and diagnose the threat once the alert is received
    4.How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1.It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • We all want our families and homes to be safe with the convenience of remote monitoring, but do these smart home security devices really make our families safer or put them at more risk by inviting easier access to our homes electronically via insecure Internet of Things? In a follow-up to HP’s 2014 report on the Internet of (Insecure) Things we explore the security of popular off-the-shelf connected Home Security Systems and discuss various testing techniques we used in our study along with recommendations for manufacturers, developers and consumers.
  • From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • Most IT providers have offers related to big data, cloud, mobility and security, and companies are looking at IT as the way to reduce costs and be competitive during an economic crisis. Investments in IT trends such as cloud computing and big data will rise thanks to a new player in the game: the business departments. This analyst briefing will show why companies are investing in IT, and what will change in 2015.

    Why you should attend:

    - Discover how many companies will adopt big data, cloud, mobility and security in 2015
    - Understand the current scenario of these trends in Latin America
    - Learn what will be different in 2015 regarding each trend
  • Providing a seamless user experience from browsing to purchase requires consistent uptime and performance, and seasonal traffic spikes require elastic scalability. In this webinar, we'll explore these and other big data challenges faced by e-commerce businesses and how the cloud can provide a winning solution. We’ll review mobile shops login data analysis, dynamic content, affiliate programs, infrastructure reference architecture, mobile plate- form integration with social media, and network integration and built-in instant messaging uses cases.
  • For any developer, choosing the right compute infrastructure and back-end database is a critically important decision. In this webinar, we'll explore specific challenges that mobile app and game developers face and how the cloud can provide a winning solution. We’ll also explore cloud solutions for big data challenges for MMOG, built-in analytics, online and offline MOG online modes, infrastructure reference architecture, and social network and cross-platform game use cases.
  • The risks and opportunities which digital technologies, devices and media bring us are manifest. Cyber risk is never a matter purely for the IT team, although they clearly play a vital role. An organisation's risk management function need a thorough understanding of the constantly evolving risks as well as the practical tools and techniques available to address them
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • In the past, women had many challenges that are not there today or have been transformed to something else. An example is that, in the past, a woman with children might have lesser chances of getting a competitive or managerial position. Today, she is able to go out for a job of her choice but might struggle to find a balance between home issues and the expectation to continuously exceed at the job. What women and in general all professionals need today is a mentor to guide them through personal and career aspirations. A good mentor is usually aware of corporate intricacies and latest developments to advise potential mentees in meeting their personal and career objectives.

    In this webcast we will look at the importance of mentoring, about how to become and be a great mentor and how to seek one out. Also, what should you provide as a mentor, and what should your colleague expect from you?

    We will be joined by Emili Evripidou and Vicki Gavin from the Women In Security group, as well as information security professional Sandip Wadje to talk about his experience of coaching and mentoring to graduates, junior professionals and expats moving to the UK. We will be live at 2pm GMT on the 10th March.
  • Part 1. Lead the Enterprise Collaboration Revolution: How to Inspire, Transform and Drive Sustainable Adoption

    The enterprise social revolution is brewing in the enterprise today. Mobile technologies, business velocity, collaborative engagement, advanced analytics, and unified communications are converging to deliver the promise of enterprise collaboration success.

    Organizations that miss this paradigm shift from transactional systems to engagement systems will face dire consequences. How can you ensure that enterprise social technologies will be embraced and adoption will be sustainable?

    Join industry thought leader Dux Raymond Sy in this interactive session as he shares how you can positively transform your organization and lead the enterprise social revolution. You’ll learn how to apply practical steps to drive culture change and effective techniques to promote sustainable adoption with enterprise collaboration technologies


    Part 2. 3 Ways AvePoint Takes the Pain Out of Migration to SharePoint
    Now that you have decided to opt for SharePoint, how do you get there? In this webcast, we’ll discuss the potential obstacles you’ll face during a migration project. Then we’ll show you three ways AvePoint can expedite your path to SharePoint, including:

    •Optimizing migration resources by automating remediation of stale
    content

    •Minimizing business disruption over the course of migration projects
    with customizable scheduling

    •Maintaining all relevant content, permissions, and metadata
  • Reacting to threats and remediating breaches can’t wait. Your compliance plan may be in place – but can you execute fast?

    Join BMC Software and Qualys to see how to get complete IT compliance and reduce the risk and cost in your organization. Hear how to reduce the window of exposure to vulnerabilities and be more proactive in preventing aggressive threats. In this webinar, you will learn to:

    ·Break down the SecOps gap and internal silo’s
    ·Easily detect security issues with new automated, online technology
    ·Quickly analyze operational dependencies and the potential impact of proposed fixes
    ·Enforce governance policies and change approval requirements
    ·Execute validated remediation actions rapidly
    ·Document actions and results in real time


    Plus, learn how to improve communications between security and operations to ensure a speedy resolution to compliance issues.
  • The Mobile World Congress Conference brings industry leaders, visionaries and innovators together to explore trends that will shape the mobile industry.

    This briefing will discuss emerging trends, top issues and provide the key takeaways based on feedback from meetings held at the 2015 Mobile World Congress.
  • Our dependence on software continues to grow, powering some of our nation’s most critical infrastructure. To secure our cyber assets, we need to apply high standards to our software suppliers as well as the third party parts built into our software. Join the discussion on:

    •How open source and component-based development is driving the need for a software supply chain
    •Techniques and technologies used to vet software suppliers and components
    •The role of potential legislation in managing software risk

    If you are concerned about protecting our software infrastructure – join the discussion.
  • With the exponential growth of data generation and collection stemming from new business models fueled by Big Data, cloud computing and the Internet of Things, we are potentially creating a cybercriminal's paradise where there are more opportunities than ever for that data to end up in the wrong hands. The biggest challenge in this interconnected world is merging data security with data value and productivity. If we are to realize the benefits promised by these new ways of doing business, we urgently need a data-centric strategy to protect the sensitive data flowing through these digital business systems. In this webinar, Ulf Mattsson explores these issues and provides solutions to bring together data insight and security to safely unlock the power of digital business.
  • Constantly evolving threats can be more difficult to counter—unless you have full visibility into potential vulnerabilities of your infrastructure. Built on the leading cloud security and compliance platform, Qualys gives you immediate, global visibility of IT vulnerabilities with continuous monitoring.
  • As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality.

    In this webinar, Rich Campagna, VP Products at Bitglass, and Chris Hines, Product Marketing Manager, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.
  • Le traditionnel paysage du datacenter a changé pour toujours, laissant l'infrastructure virtualisée délivée comme un service. Nous assistons, en effet, à une virtualisation qui s’est étendue bien au-delà de l'informatique , avec le stockage et la virtualisation réseau qui sont devenus rapidement la norme pour la plupart des organisations. Ce modèle est vrai indépendamment du fait que l'infrastructure soit gérée en interne dans l’entreprise ou dans le Cloud. Etant donné que l'infrastructure devient hautement virtualisée et se dirige de plus en plus vers le cloud privé , les ressources informatiques traditionnelles doivent aussi évoluer au risque de devenir inutile.

    Découvrez comment Symantec peut vous aider à renforcer l'agilité du datacenter grâce à une infrastructure élastique, la mise en place d'un modèle de services et l'exploitation de l'intelligence informatique.

    •Améliorer l'élasticité de l’infrastructure
    •Fournir des ressources as-a-Service
    •Cultiver l’Intelligence informatique
  • Cyber Essentials is about providing clarity on good basic cyber security practice. By focussing on basic cyber hygiene, you will be better protected from the most common cyber threats. This Government and Industry backed scheme helps your charity or business to become certified Cyber Essential. This can improve your security, engender better end user trust and even gain you free cyber insurance...

    Give01Day, the cyber supporter of charities, has created this series of webinars to help you learn more about the Cyber Essentials scheme, how to get your house in order and where to go for certification and further help.

    In this first webinar we discuss who the scheme is aimed at, what it entails and how charities in particular can benefit. We also highlight the Cyber Streetwise website as a useful resource.

    Joining Give01Day on this webinar is the approved certifying body IASME. Viewers will have the opportunity to submit questions during the Q&A session at the end of the webinar.
  • In most targeted attacks, threat actors use existing vulnerabilities as point of entry to exploit vulnerable systems. Many organizations understand the importance of closing the holes by patching the system immediately, however, in reality it is an impossible task. Zero-day vulnerabilities leave the system perpetually vulnerable, leaving attackers free to zero-in to take advantage of the hole. All it takes is one vulnerability for a system to be compromised.

    This Virtual Patching webinar discusses the options organizations have to better manage vulnerabilities. It presents new methods to help organizations adapt & mitigate known & unknown vulnerabilities.
  • Recent security research shows that web applications are one of the primary attack vectors involved in data breaches. Virtually every web application on the Internet will inevitably be targeted and therefore organizations need an easy to use, accurate and scalable solution to identify web application vulnerabilities before their adversaries exploit them.

    Join us to learn how Qualys WAS 4.0 with Progressive Scanning provides organizations like ThousandEyes with powerful new capabilities to enhance testing coverage and provide flexible scan scheduling, reducing the burden on understaffed IT security teams.
  • The rise of malware and malicious insiders brings application security into clear focus. Well written software, security testing and code obfuscation mitigate risk but the most critical applications in the most risky locations need to go one step further to become tamper resistant. Trusted applications that handle sensitive data, control valuable IP and perform critical processes can be isolated and protected within secure execution environments. Mobile phones, embedded devices and data center servers all adopt physical hardening to secure the applications they host. This webinar focuses on protecting business applications that support high-tech manufacturing, content distribution, online authentication – in fact any situation where you need to know for sure that your application is doing precisely what the developer intended – nothing more, nothing less.
  • Today's business initiatives include developing stronger security to help protect against vulnerabilities, minimizing corporate risk and meeting compliancy requirements. Investments in intelligent Identity and Access Management (IAM) can help organizations meet these objectives, lower IT operating costs, and improve productivity. Join (ISC)2 and Courion Corp on March 12, 2015 at 1:00PM Eastern for the 1st part of a 3 part series where we'll provide guidelines to help you create a compelling business case for IAM technology and the ability to provide continuous monitoring that makes you aware quicker and react faster to risk.Also included will be real-life examples of how investments IAM infrastructure technology can enhance your security posture.
  • Well-maintained perimeter defenses are a key part of any security strategy. Organizations increasingly recognize that they must also complement their perimeter defenses with strong forensics capabilities to investigate and analyze attacks. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so they can effectively contain the threat and secure their network.
    In interactive this session, you will learn about:
    • The key use cases for network forensics
    • The typical organization that acquires network forensics technologies
    • How FireEye Enterprise Forensics enables the proper response to today’s cyber attacks
  • Please join AvePoint and MISA Ontario at 2-3 p.m. on Thursday, March 12, 2015 as we discuss best practices for designing SharePoint environments aligning with mobility trends.

    In this 60-minute webinar, Sag Baruss, Senior Solutions Architect for AvePoint, will introduce the implications of bringing SharePoint to the next generation of mobile devices and a BYOD-enabled workforce – including case studies to illustrate best practices in information architecture.
  • "To protect and serve"" is a good motto for IT, as there seems to be an expectation that IT exists only to create new technology solutions in response to the demands of the business: to serve. It's not true. The Information Technology department exists to protect the IT interests of the owners of the organisation whilst also serving IT's customers and users. The two don't always align.

    IT is entrusted with custody of the organisation's IT assets. Sometimes it is not in the best interests of the organisation to abandon those investments or to increase the risks to the confidentiality, integrity and availability of the information, in order to meet demands for new IT from the customers.

    Join IT Skeptic, consultant and commentator, Rob England as he explores IT's evolving role in striking a balance in extracting maximum value from existing investments against facilitating the generation of value from new investments.

    This session is approved for 1 Continual Professional Development (CPD) priSM credit.
  • If you could see your network assets the way hackers do, you’d know a lot more about your vulnerabilities. To secure your information systems requires control and continuous visibility of the entire network and its various components.
  • The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. Join us on March 17th to learn how the Internet of Things will play a role in your future and what changes will be happening in security.
  • 2014 is in the bag and what a year it was - for the hacker and cybercriminal community that is.

    2014 was full of high profile data breaches and significant new vulnerabilities, some of which affected the very core of the online world. This session will combine looking back at 2014’s key events and a good dose of Fortinet’s cyber crystal ball to come up with some predictions for what we can expect during the upcoming 12 months.