IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of Personally Identifiable Information (PII), with penalties for organizations who fail to sufficiently protect it. Organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions as well as reputational damage and loss of customers due to privacy breaches.

    So how will organisations manage infrastructure across multiple domains without falling foul of emerging privacy and data management legislation, particularly when cloud services and personal devices are the norm?

    During this webinar, Steve Durbin, Managing Director of ISF, will discuss how the security function and the board will need to work together to ensure that current regulatory trends and emerging technologies are aligned to maintain business effectiveness and connectivity.
  • Welcome to the registration page for the Livestream of the 14th Annual SAS Government Leadership Forum. By registering for the Livestream, you can view all of the action happening at the live conference in Washington, DC, all from your device.

    Today more than ever, data is interwoven in our lives. We know the positive, progressive things that big data enables. We’ve also seen the dark side, marked by cybercrime, fraud, privacy breaches and more. To make better decisions faster that lead to real change, it’s crucial that everyone involved in those decisions has access to the right information. SAS® makes this possible. Join us for this exciting forum to learn about all the innovative technologies that are transforming how we run government, our businesses and the world. You’ll see firsthand how SAS makes analytics accessible to everyone today to uncover new and exciting opportunities that effect real change, faster than ever thought possible.

    Forum Highlights:

    Keynote presentation by Alec Ross, former Senior Adviser for Innovation to Secretary of State Hillary Clinton and author.
    General sessions featuring government and SAS executives on fast-evolving analytical technology and how it’s changing our world.
    Breakout sessions on best practices and stories of innovation in fraud and improper payments, cyber security and more.

    Join the conversation by tweeting #SASGOV!
  • Companies everywhere are drowning in data. They are collecting more of it, and at an accelerated pace, while at the same time depending on it more than they have before. Data centers are being constructed around the world to house all this information, but research shows that more than two-thirds of what is being kept is worthless.

    That’s where Veritas comes in.

    The demand for our information management services has never been higher, as there will be more than 44 zettabytes of data in the world by 2020. Using current approaches, IT organizations will be incapable of managing that data – they don’t have the financial or human resources. At Veritas, our business is structured on addressing this issue. We are focused on helping companies harness the power of their information – wherever it resides – by driving availability and revealing insights across heterogeneous environments.

    Join this webcast to learn more about the Veritas vision, where an information-centric approach is taken over infrastructure-centric and we explain our three core beliefs;
    • More data does not deliver more value
    • Infrastructure availability does not mean application availability
    • Not all data is created equal
  • As organizations become more and more data-centric, the way this data is put to use and delivered via applications and services holds the key to the organization’s overall competitiveness and success.

    A consolidated data center environment provides an optimized platform for innovation, applications and services delivery, cost reduction and efficiency.

    Consolidation in the data center has multiple facets, all introducing security challenges and risks that must be recognized and dealt with.

    This session will introduce the consolidated data center environment, the technologies deployed, their related security challenges and the possible solutions available.
  • MDM and MAM solutions for BYOD create a poor user experience. In this video, watch 5-year old Brooke onboard an iPad to Bitglass Mobile Security in seconds, with one step. Easy Peasy!!
  • Now you can get continuous, automated detection and protection against any vulnerability, anytime, with the next generation of Qualys Vulnerability Management (VM). Join us for this webcast to watch a live demonstration of the comprehensive VM solution from Qualys.
  • Protecting your organization from cyberthreats can be a challenging task, but choosing the right solution doesn’t have to be.

    In this live webinar, you’ll find out the 10 Things Your Next Cybersecurity Solution Must Do to block cyberattacks and protect allowed traffic from threats. Then learn how to effectively evaluate cybersecurity solutions through the Request for Proposal (RFP) process.

    Specifically, we’ll take a look at how to:

    •Overcome the gaps in visibility caused by the overwhelming volume of alerts and manual processes.
    •Efficiently correlate information to identify infected systems and weaknesses throughout the network, and then execute protections.
    •Bridge the gaps between different security products for cohesive and rapid detection, analysis, and protection.
  • Protecting your organization from cyberthreats can be a challenging task, but choosing the right solution doesn’t have to be.

    In this live webinar, you’ll find out the 10 Things Your Next Cybersecurity Solution Must Do to block cyberattacks and protect allowed traffic from threats. Then learn how to effectively evaluate cybersecurity solutions through the Request for Proposal (RFP) process.

    pecifically, we’ll take a look at how to:

    •Overcome the gaps in visibility caused by the overwhelming volume of alerts and manual processes.
    •Efficiently correlate information to identify infected systems and weaknesses throughout the network, and then execute protections.
    •Bridge the gaps between different security products for cohesive and rapid detection, analysis, and protection.
  • Learn how to take control of your data by using advanced encryption, centralized key management and cutting edge access controls and policies. In this session, Imam Sheikh, Dir. Product Management at Vormetric, and Tricia Pattee, HOSTING Product Manager will discuss how to proactively address PCI Compliance in the cloud, protect intellectual property and comply with data privacy and system integrity regulations. Join this informative webinar to learn about HOSTING and Vormetric data encryption security solutions and best practices that have helped leading Fortune 500 businesses protect their sensitive data across their private, public and hybrid cloud environments!

    What you'll learn:
    • How data encryption helps prevent data breaches
    • How to address PCI compliance requirements in the cloud
    • How to safeguard cardholder information that is stored in a variety of different databases and versions
    • The HOSTING and Vormetric approach to securing data in motion and at rest
  • While network security encompasses both the physical and software preventative measures to prevent and monitor unauthorized accesses or misuse of a computer network, the adoption of a password management policy and strategy can be foundational to the prevention of unauthorized uses of network resources. In many cases, simple password management is the weakest link. In this webcast, we'll explore what needs to be done to strengthen this important and oft overlooked aspect of network security and discuss password synchronization, and self-reset functions that can save time and money - and a lot of post-it notes as well.
  • Dieser Live-Webcast zeigt Ihnen, wie Qualys und Kenna gemeinsam die Schwachstellenscans von Unternehmen mit Bedrohungsdaten verbinden, um effektives Schwachstellenmanagement auf Risikobasis zu ermöglichen. Die Teilnehmer lernen Strategien kennen, um praxisrelevante Bedrohungsdaten auf ihre Schwachstellenmanagement-Pogramme anzuwenden.
  • Was geschieht, wenn Hacker in Ihre Systeme eindringen, und wie Sie schnell reagieren können.

    Diese Woche zeigen wir Ihnen, wie Sie einen potenziellen Angriff schnell und noch vor dem Verlust von Daten erkennen können. Mithilfe von ATP-Technologien können Sie schneller und flexibler auf die Situation reagieren und die folgenden drei Fragen leichter beantworten: „Wie?“, „Was?“ und „Wo?“

    Im zweiten Teil dieser dreiteiligen Webcast-Reihe erfahren Sie, wie ATP-Technologien gewährleisten können, dass Ihr Unternehmen darauf vorbereitet ist, schnell zu reagieren, sollte es Ziel eines Angriffs werden.
  • Qué sucede cuando los elementos maliciosos penetran en su infraestructura y cómo reaccionar rápidamente.

    Durante esta semana comentaremos cómo podemos detectar vulneraciones potenciales rápidamente, antes de que se pierdan los datos. La tecnología para amenazas avanzadas le proporciona una respuesta rápida y ágil, y al mismo tiempo le ayuda a responder tres sencillas preguntas: cómo, qué y dónde.

    Únase a nosotros en nuestro segundo capítulo de esta serie de tres partes, con el fin de que entienda cómo las tecnologías ATP pueden encargarse de que su empresa esté lista para reaccionar rápidamente en caso de que ocurra una vulneración.
  • Cyber-attacks are growing in complexity, and the rise of Advanced Persistent Threats (APTs) and insider threats has made organisations and government agencies more aware of their vulnerability. A comprehensive defense requires capabilities that go far beyond the firewall to protect against attackers that have penetrated the network perimeter. While no point security solution—technology-based or otherwise—can fully protect an organisation from cyber-attacks and APTs, today’s availability of cross-domain security solutions can help organisations protect themselves better than ever before.

    In this roundtable discussion, participants from the National Bank of Kuwait, Accenture and CA Technologies will examine the current cyber security challenges facing organisations, including in the Middle East, and debate how the need for identity-centric security is critical today.

    Tamer Gamali, President, (ISC)² Kuwait Chapter; Board Member, (ISC)² EMEA Advisory Council; CISO, National Bank of Kuwait

    Shirief Nosseir, Business Lead, Information Security for the CA Technologies business in the Eastern Europe, Middle East and Africa
    Simone Vernacchia
    IT Strategy, Infrastructure & Security Consulting & Outsourcing Director, Accenture Middle East

    (ISC)² is giving away 3 non-member passes for the ISC)² SecureDubai Conference (November 24) to delegates who view the webinar for a minimum of 45 minutes. Winners will be announced live at the end of the webinar and subsequently emailed with information on how to redeem their prizes. For further details on the prize draw and full T&C’s, please copy and paste the following link to your browser:
  • The complexity of today’s security networks, and the vast streams of data flowing toward network administrators, make security networks difficult to manage and threats tough to find.

    Automation, deployed in the right way, can significantly reduce complexity, manual data mining, and human errors in your security deployments.

    As a network administrator, you have to strike the right balance between manual efforts and automation to get the most value:

    ·Deploy too little automation and you may open up your company to the dangers of human error and your team to long, stressful working hours

    ·Deploy too much automation and you may lose control of important nuances in both network management and security

    Join us for this webinar to learn how the right level of automation can alleviate your workload, improve your security, and streamline the management process in your security deployments, and how Palo Alto Networks network security management solution offers you that critical level of automation.
  • As spear phishing continues to be one of the top security threats, enterprises have looked to user training programs to bolster their defenses. One of the main challenges security awareness professionals face is implementing a phishing training program which shows continuous improvement and value to their organization. How do you start and build upon a training program to showcase continuous success?

    The key to implementing an effective program is to focus on the biggest threats and leverage behavioral metrics to drive your program. During this webinar, Diana Garcia, Manager, Customer Onboarding and Training, will cover:

    -How do you implement a phishing awareness program and run it continuously?
    -What are the key elements of a successful program and what does it look like?
    -How do you show the value this program and your trained users add to the security organization?
  • Well-maintained perimeter defenses are a key part of any security strategy. However, when attacked, you must be able to rapidly investigate cyber attacks to determine their scope and impact. You must quickly and effectively contain threats and secure your network. What should you look for, and what are the best ways to search for threats?

    Our years of front-line incident response and security analysis experiences deliver the answers you need.

    Join this interactive webinar as experts from the FireEye as a Service and Incident Response teams share best practices for investigating attacks and conducting network forensics, including:

    •Critical use cases for network forensics
    •Best practices for accelerating your network forensics process
    •Unique techniques to identify and investigate threats in your
    •How to leverage FireEye Enterprise Forensics products

    Our experts encourage your questions and comments! Register today to learn how to enhance your network forensics processes.

    The FireEye Team
  • Конвергенция используемых Вами традиционных инфраструктур резервного копирования с устройствами Veritas NetBackup ─ это оптимальная стратегия для Вашего бизнеса. Это самый эффективный способ существенно упростить резервное копирование и восстановление данных.
    Одно усовершенствованное решение позволит Вашей компании масштабировать среду любого размера и типа — физическую, виртуальную или облачную. А увеличение производительности и эффективности поможет сэкономить время и деньги. У Ваших сотрудников будет достаточно времени, чтобы сосредоточиться на работе с клиентами и деятельности, которая увеличивает Ваш доход. А увеличение дохода обеспечит Вам больше возможностей для внедрения инновационных решений.
    Сколько же денег можно сэкономить с помощью Veritas NetBackup, особенно в виртуализированной среде?
  • Die Konvergenz herkömmlicher Backup-Infrastrukturen mit Veritas NetBackup-Appliances ist die richtige Strategie für Ihr Unternehmen. Es ist die effizienteste Methode, um Ihr Backup und Ihre Wiederherstellung deutlich zu vereinfachen.
    Mit einer einzigen optimierten Lösung kann Ihr Unternehmen sein Backup für Umgebungen jeder Größe skalieren – ob physisch, virtuell oder cloudbasiert. Leistung und Effizienz werden erhöht und Sie sparen Zeit und Kosten ein. So haben Ihre Teams mehr Zeit, sich auf Ihre Kunden und gewinnbringende Projekte zu konzentrieren. Denn höhere Gewinne bedeuten, dass Sie mehr in Innovation investieren können.
    Wie viel Kosten können Sie also mit Veritas NetBackup einsparen, insbesondere in einer virtualisierten Umgebung?
  • La convergence des infrastructures de sauvegardes personnalisées avec les appliances Veritas NetBackup est la stratégie adaptée à votre entreprise. Il s'agit de la manière la plus efficace de simplifier considérablement votre sauvegarde et votre récupération.
    Grâce à une solution rationalisée, votre entreprise peut évoluer vers n'importe quelle taille et n'importe quel type d'environnement (physique, virtuel ou cloud). Grâce à l'amélioration des performances et de l'efficacité, vous économiserez du temps et de l'argent. Vos équipes auront alors le temps de se concentrer sur vos clients et sur les activités génératrices de revenus. Et grâce à cette augmentation de revenus, vous pourrez innover.
    Alors, combien pouvez-vous économiser avec Veritas NetBackup, en particulier dans un environnement virtualisé ?
    Inscrivez-vous dès maintenant à notre Webcast diffusé le 7 octobre
  • Veritas NetBackup appliance è la soluzione efficace e innovativa che semplifica e ottimizza le procedure di backup e recovery.
    Una soluzione pratica che garantisce la scalabilità necessaria per adattare il tuo business ad ambienti, fisici, virtuali e cloud. Performance ed efficienza cresceranno insieme ai profitti: i tuoi team potranno dedicarsi ai clienti e alle attività di business, promuovendo al meglio l'innovazione!
    Che benefici puoi ottenere con le appliance NetBackup di Veritas?
    Scoprilo partecipando al nostro Webcast del 7 ottobre.
  • Don’t stay behind. Embrace convergence
    Staggering complexity. Relentless growth. Bare metal, Virtual, Private Cloud? Sound like your data center and the daily challenges you face in your backup infrastructure?

    Register for this webcast and get straight answers on simplifying enterprise data protection, scaling for growth, and increasing agility. You’ll learn how Veritas NetBackup reduces complexity through comprehensive integration, a converged platform, and efficiencies through automation and self-service operation.

    Attend the webcast and learn how to:
    •Reduce the increasing complexity of protecting a modern enterprise IT environment
    •Scale with the relentless growth of the modern enterprise data center
    •Adapt your backup infrastructure to challenge your traditional backup model?
    •Ensure you understand how your can modernize your backup with converged backup appliances

    Learn how to you can focus your team on activities that drive revenue.
  • Last year, hackers targeted retail companies and their POS systems to steal vast amounts of credit card and financial data. This year, things have changed as cyber criminals are now going after identities, making data breaches much more personal. While credit cards can be easily replaced, personal identities cannot. This webinar looks at the major data breach trends in 2015. Who is doing the hacking, how they are doing it, and what industries are being targeted most. In addition, listeners can get a new understanding of how to approach to data security and “Secure the Breach”.
  • The importance of cryptography in the security systems continues to increase, and has become a mainstream issue. Yet it is a complex topic that is misunderstood by many. This 60 minute webinar reveals important new research into common pitfalls and misconceptions about crypto security. Originally presented at Black Hat 2015, this session discusses how random numbers and entropy are generated and how they are consumed by the most common crypto applications and protocols including SSL/TLS.

    Attendees will have the opportunity to ask questions about the research and gain a better understanding of what’s really going on with random number generation in their own systems and assess the practical impact on the their overall security posture.
  • For years, most endpoint security strategies have revolved around endpoint anti-virus, but this approach is clearly unable to keep pace with modern threats. To mitigate their risks, IT organizations need to rethink their current endpoint security strategies and move past these reactive security technologies. In order to set organizations down the right path, we will present Forrester’s five design principles of an effective endpoint security strategy, helping security professionals to place attack surface reduction and tool integration as their central focus points within their own strategies. Ultimately, this will allow organizations to better deal with the influx of new device types and data access requirements while reducing the likelihood of data breaches.
  • This webinar explores the best practices for distributing policies, determining when and how to provide education and how to build awareness campaigns. We often think that once a policy has been formally issued the job is done, but that is far from the truth. Properly communicating the policy is only the start.

    Attendees will learn the challenges, best practices, and benefits of a well thought out policy communication plan.
    Register now to join IT GRC industry expert, Michael Rasmussen as he discusses best practices in policy awareness and communication.
    Learning Objectives:
    - Define the key parts of a policy communication plan
    - Identify methods for tracking and delivering training and attestations
    - Determine ways to enable employee access to policies and related materials
    - The role of training and education
    - The policy portal – delivering an interactive employee experience for policy management
    - Getting employee questions answered
    - Attestations, read and understood, certifications
    - How technology enables employee engagement on policy
  • By 2020, more than 7bn inhabitants of Earth will be using over 35bn devices to communicate, collaborate, negotiate and perform transactions.

    To put it into perspective, there are only about 8.7bn connected devices now.

    The surge will come quickly and organizations will scramble to take advantage of monetizing this digitally connected world. Identities are at the forefront as the digital passport to an online world of goods and services because a single view of an individual customer is the key to knowing that person better and building a deeper personal and business relationship with them. Join Oracle and (ISC)² on October 8, 2015 at 1:00PM Eastern to learn about the new identity economy.
  • Since 1999, Oracle has included a Java Virtual Machine (JVM) within the database. That makes it old enough to drive and well past time to get a real job. In today’s data-obsessed world, that job is fortifying Oracle’s database with a healthy dose of analytics to give your database the power to handle the data challenges of the 21st century.

    There are numerous advantages to adopting a 100% Java code base for in-database analytics. Security is doubly enhanced by performing all analytics in the database. The code is highly portable as the identical java classes that run in the database will run on any client with any operating system. Plus the modern paradigm of taking the algorithms to the data is elegantly achieved with minimal effort.

    Until now, a single Java solution with all these qualities wasn’t available. By using JMSL Numerical Libraries, you get a suite of algorithms with routines for predictive analytics, data mining, regression, forecasting, and data cleaning. JMSL is scalable and can be used in Hadoop MapReduce applications. Now, JMSL Numerical Libraries makes Java in the database more than useful -- it makes it unbeatable.

    This webinar walks through the argument of why embedded analytics is better and provides examples using an Oracle database and JMSL. And if you’re not convinced, tell us so in the live, interactive Q&A!
  • We are pleased to introduce Aperture, a unique approach to securing sanctioned SaaS applications.

    Join us for a webinar where you’ll learn how Aperture’s detailed analysis and analytics on SaaS usage prevents data risk and compliance violations — and is helping companies, like yours, gain better control of their SaaS applications.

    Aperture also delivers:

    ●True visibility into SaaS usage
    ●Granular control of SaaS access
    ●Data exposure control
    ●Threat protection extension
    ●Minimal impact to users and networks

    Register today!
  • Learn how data encryption and encryption key management address compliance for healthcare providers and payers. Join Derek Tumulak, VP Product Management at Vormetric, and Tricia Pattee, HOSTING Product Manager as they discuss how HIPAA/HITECH regulations impact electronic protected health information (PHI) and best practices to safeguard sensitive patient data.

    Discover how:
    • HIPAA and HITECH regulatory mandates impact data security for healthcare institutions
    • Strong encryption and policy-based access controls provide a separation of duties between data security and system administrators
    • Secure key management and policy management ensure consistency in applying policies and encryption keys to both structured and unstructured data
    • Rapid implementation is achieved because encryption is transparent to users, applications, databases and storage systems
    • The HOSTING and Vormetric cloud solution can satisfy HIPAA and HITECH compliance requirements in the cloud
  • Na het bijwonen van dit webinar weet u hoe u een mobiele IT-omgeving kunt implementeren die door het dynamisch aanpassen van de security instellingen overal voldoet aan de geldende regelgeving. Medewerkers zijn op deze manier altijd en overal productief en in staat de juiste dienstverlening te verlenen. Zo kunnen medewerkers van een financiele instelling niet alleen op iedere werkplek binnen kantoor, maar ook bij klanten thuis volgens het beleid van hun organisatie werken. Medewerkers in een ziekenhuis zijn in staat om op hun eigen werkplek, als ook bij de patient aan het bed in hun eigen vertrouwde omgeving te werken, zonder dat de privacy van gegevens in gevaar komt. En ook thuiswerken kan op deze manier mogelijk worden gemaakt binnen ieder bedrijf dat waarde hecht aan flexibel werken voor hun medewerkers, zonder de beveiliging uit het oog te verliezen.
  • Comprenez ce qui s’est passé et rétablissez l’activité rapidement

    Au cours des deux premiers webcasts, nous avons vu pourquoi les violations sont inévitables et comment détecter rapidement un menace avancée. Dans ce dernier épisode, nous allons voir comment Advanced Threat Protection peut efficacement résoudre le problème et supprimer les malwares de vos systèmes. Rétablir l’activité, cependant, ne suffit pas : il faut aussi améliorer sa préparation pour l’avenir. Nous y viendrons également

    Inscrivez-vous ici.

    Webcast 1: Advanced Threat: que faire en cas de violation de sécurité inévitable? -

    Webcast 2 - Advanced Threat Protection : j’ai subi une violation de sécurité, que s’est-il passé ? -
  • The growing sophistication and evasiveness of cyber threats have redesigned the paradigms of the information security landscape. Since traditional signature-based technologies alone cannot keep the pace with advanced threats, a breed of new technologies has been developed to fill the gap in what seems an endless arms race against malware creators. In the same time, the volatility of the perimeter, direct consequence of the growing adoption of cloud services, dramatically broadens the vulnerability surface of the organizations, requiring a new approach for the CISOs in terms of both technologies and policies.

    In this webcast we will analyse the current threat landscape related to advanced malware, demonstrating that, unlike what is commonly believed, it is not necessarily related to state-sponsored operations, but it is frequently used even in opportunistic attacks (and in several cases also available as a P/SaaS model).

    After showing the characteristics that make a malware “advanced” (evasion at the endpoint and network level, polymorphism, etc), the webcast will outline the foundations of a multi-layered approach needed to detect, contain and mitigate the threats posed by advanced threats.
  • Entienda qué ha ocurrido y cómo restablecer sus operaciones rápidamente

    En este último capítulo hablaremos sobre cómo la tecnología para las amenazas avanzadas puede también solucionar y eliminar de forma efectiva el malware de sus sistemas. Pero sabemos que no quiere simplemente reanudar sus operaciones, sino que también prefiere estar mejor preparado de cara al futuro. Por ello también describiremos un enfoque concreto para ayudarle a conseguirlo.

    En los dos primeros webcasts hemos comentado por qué una vulneración puede ser inevitable y cómo puede detectar rápidamente una amenaza avanzada.

    1) Inscríbase ahora -
    2) Inscríbase ahora -
  • Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
  • Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.

    He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.

    Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.