Hi [[ session.user.profile.firstName ]]

IT Security

  • Got Open Source Questions? Get Practical, Actionable Advice from the Experts. Got Open Source Questions? Get Practical, Actionable Advice from the Experts. Karen Copenhaver, Partner, Choate Hall & Stewart/Counsel, Linux Foundation; Mark Radcliffe Partner, DLA Piper/Counsel OSI Live 60 mins
    Despite open source software's long history - Linux just turned 25 - legal and risk questions about open source use still abound. Black Duck On-Demand Vice President & General Manager Phil Odence regularly fields open source-related questions as he speaks with tech executives and their counsel. Listen in as Phil goes through some of the most frequently asked questions and gets expert answers from Attorneys Karen Copenhaver and Mark Radcliffe. Both are well versed in the legal nuances of open source, and are able to turn their expertise into practical, actionable advice as they ably demonstrate in this webinar.
  • Talking to the Board About Cyber Risk – A Metrics-based Approach Talking to the Board About Cyber Risk – A Metrics-based Approach Ariel Evans, CEO, Innosec Live 45 mins
    The rise of attacks resulting in huge business losses have brought cyber security into the board room. Prior to the Target breach, the board of directors was not very interested in cyber security. However, things have changed, and we see more and more CISOs reporting into the CRO, CFO, or CEO and not the CIO. Put simply, if you report into the board more than once or twice a year you have to be speaking their language.

    Cyber breaches have impactful results. In 2015, Target’s CEO Gregg Steinhafel, a 35-year employee of the company with the last six at the helm, was forced to resign in light of the recent holiday-season credit-card security breach that affected 40 million customers.

    As a result, we are seeing a major shift in corporate cybersecurity policy. The board of directors is no longer interested in check box compliance. They are understanding their role much better. They are responsible to ensure that cyber controls are in place that protect business assets of the firm in alignment with their risk tolerance.
  • SOC it to Me: Building A Modern Security Operations Center SOC it to Me: Building A Modern Security Operations Center James Carder, LogRhythm CISO and VP of LogRhythm Labs Recorded: Dec 7 2016 30 mins
    A SOC is a major component of a company’s GRC operations, as well as a critical IT center. But having your own SOC means more than just employing a couple of analysts to read log files. Do you know what kind of budget and expertise you’ll need to have if you decide to build your own SOC?

    In this webcast, James Carder, LogRhythm CISO and VP of LogRhythm Labs, discusses the decision-making process you’ll need to go through before you build your own security operations center (SOC) and the impact it will have on your organization.

    You'll learn:

    •The build vs buy trade-offs for a SOC
    •The impact of a SOC on your GRC program and processes
    •A SOC’s role in meeting compliance requirements
    •Questions you should be asking before building a SOC

    Watch now to learn the factors that go into planning for, building, and maintaining a modern SOC.
  • Insider Threats and Critical Infrastructure: Vulnerabilities and Protections Insider Threats and Critical Infrastructure: Vulnerabilities and Protections Lydia Kostopoulos, PhD, Principal Consultant - Cybersecurity (Human Risk), @LKCyber Recorded: Dec 7 2016 41 mins
    As the sophistication of encryption and technical defences rises each year, so do the attacks against the people in organizations. Hence the rise in PICNIC = Problem In Chair, Not In Computer.

    This session gives an overview of the latest insider threats facing critical infrastructures and how they can compromise air-gapped networks. It provides proactive, preventative and defensive measures to manage the risk, and concludes with a discussion of the responsibilities organizations who manage critical infrastructures have to support national security, the well-being of society and economic prosperity.
  • Make 2017 a Year of Countering the Evolving Threat Landscape Make 2017 a Year of Countering the Evolving Threat Landscape Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc. Recorded: Dec 7 2016 37 mins
    Tis the season of predictions looking ahead to 2017 and paying lip service to the threat landscape. Not a fan of either of those? You’re not alone. Join FireEye in this BrightTalk webinar where we’ll discuss more than just the threats that may or may not be awaiting us in 2017. We’ll discuss real attacker tactics and techniques, along with how you can actually counter the risk they present.
  • [Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays [Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays Troels Oerting, CISO, Barclays & Josh Downs, Community Manager - Information Security, BrightTALK Recorded: Dec 7 2016 21 mins
    Join this engaging session as BrightTALK conducts an in-depth interview with Troels Oerting, CISO, Barclays.

    It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Troels for his thoughts on the cyber security industry and in particular:

    - The big breaches of 2016 and lessons to be learnt
    - The current threatscape
    - The big vulnerabilities on the horizon
    - Troels's insights into how to keep your company secure in 2017

    We look forward to you joining us for the session.
  • 2017 Threat Landscape: Increased Sophistication, or More of the Same? 2017 Threat Landscape: Increased Sophistication, or More of the Same? SecureWorks Counter Threat Unit Research Team Recorded: Dec 7 2016 45 mins
    As 2016 draws to a close, security professionals worldwide will be left pondering another year of publicised breaches, vulnerabilities and threats. So what are the key takeaways and how can global security events from the past 12 months inform your plans for 2017?

    We’ve asked a panel of experts from the SecureWorks Counter Threat Unit (CTU), our highly-trained team of experienced security researchers, to paint a picture of threat actors and their tradecraft across the globe by sharing their views on 2016’s most significant security events. The panel will end the session by providing actionable insights and recommendations for organisations to factor into their security strategy in 2017.

    Join this exclusive webcast to gain CTU insight on the following topics and more:

    - eCrime trends including the rise of ransomware, business email compromise and the Mirai IoT botnet activity
    - Nation state sponsored threats and whether organisations are set up to defend against them
    - How organisations can use threat intelligence gathered in 2016 to improve security
  • Caught in the Net: Effective Defence Against Phishing Attacks Caught in the Net: Effective Defence Against Phishing Attacks Greg Maudsley, Senior Director Product Marketing, Menlo Security Recorded: Dec 7 2016 56 mins
    Phishing is serious business. It is the most common targeted method of cyber attacks, and the main perpetrators for phishing attacks are organized crime syndicates and state-affiliated actors.

    Despite multiple security defense layers and many hours and dollars spent on end-user training, phishing continues to create headaches for security administrators.

    Join this webinar to learn:
    · New phishing prevention techniques
    · How to stop ransomware, malware and drive-by-exploits enabled by email phishing
    · Updated security research findings
    · Real-life case studies for using isolation techniques to prevent phishing attacks

    Speaker Bio:
    Greg Maudsley has over 15 years of IT security experience and is responsible for strategy development and threat isolation innovations at Menlo Security. Previously, Maudsley was a product marketing leader for F5 and Juniper Networks' Junos Pulse Business Unit. His responsibilities spanned the security spectrum, including application security, anti-fraud, cloud security, DDoS prevention, DNS sec, secure access, NAC, mobile security, application delivery and WAN Optimization. Maudsley holds an MBA from Santa Clara University Leavey School of Business, and a B.S. in Physics from the University of Redlands.
  • The Threat Landscape – A Year in Review and a Look at What is Ahead The Threat Landscape – A Year in Review and a Look at What is Ahead Kevin Haley, Director Security Response, Symantec Dec 7 2016 5:00 pm UTC 45 mins
    Once again it's been a bad year for computer security. But while we are focused on the increased threats of IoT devices as the year comes to an end, a lot of other significant security events and malware threats appeared all through the year. And they all have significance for next year.

    This webcast will review the threat landscape of 2016 with a focus on what we need to remember as we move into 2017.
  • Cyber Risk Management in 2017: Challenges & Recommendations Cyber Risk Management in 2017: Challenges & Recommendations Ulf Mattsson, CTO Security Solutions at Atlantic BT Dec 7 2016 5:00 pm UTC 60 mins
    With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.

    Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.

    Viewers will learn:
    - The latest cybercrime trends and targets
    - Trends in board involvement in cybersecurity
    - How to effectively manage the full range of enterprise risks
    - How to protect against ransomware
    - Visibility into third party risk
    - Data security metrics
  • Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing Dr. Phil Tully, Sr Data Scientist & John Seymour, Data Scientist at ZeroFOX Dec 7 2016 5:00 pm UTC 45 mins
    Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

    We present a recurrent neural network that learns to tweet phishing posts targeting specific users. The model is trained using spear phishing pen-testing data, and in order to make a click-through more likely, it is dynamically seeded with topics extracted from timeline posts of both the target and the users they retweet or follow. We augment the model with clustering to identify high value targets based on their level of social engagement such as their number of followers and retweets, and measure success using click-rates of IP-tracked links. Taken together, these techniques enable the world's first automated end-to-end spear phishing campaign generator for Twitter.

    Presenters:
    - Dr. Phil Tully, Senior Data Scientist, ZeroFOX
    - John Seymour, Data Scientist, ZeroFOX
  • Quantum Threats: The Next Undefended Frontier of Cybersecurity Quantum Threats: The Next Undefended Frontier of Cybersecurity Mike Brown, CTO and Co-Founder of ISARA Corporation Dec 7 2016 6:00 pm UTC 45 mins
    Cybersecurity threats are evolving more quickly than most organizations can pivot to defend against them. The 2016 IDC report states that “worldwide spending on cybersecurity products and services [is expected] to eclipse $1 trillion for the five-year period from 2017 to 2021” but we still may not be combatting emerging threats in the right ways.

    While we’re battling against growing threats from conventional computers, quantum computers are a growing shadow on the threat landscape, and people are already starting to think about how to get ready. Quantum safe options are becoming available, and bring with them new ways of thinking about how to integrate security solutions based on fundamentally different problems. What happens to TLS? What happens to VPN? What happens to PKI? Is your business ready? What potential threats should you be evaluating in your security strategy for 2017?

    In this talk, we’ll cover the 360-degree view of becoming quantum resistant. What is a quantum computer? Why will it cause problems for your security systems? How do you use quantum safe security?! How does entering the quantum age impact common tools like TLS, VPN, and PKI, and what are the challenges they’ll face? And most importantly, when do you need to worry?
  • Exploit kits: getting in by any means necessary Exploit kits: getting in by any means necessary Scott Simkin, Senior Threat Intelligence Manager, Palo Alto Networks Dec 7 2016 6:00 pm UTC 60 mins
    By understanding the inner workings of exploit kits, you’ll be better equipped to protect your organization from them. Join Scott Simkin from Unit 42 as he breaks down how today’s attackers are automatically exploiting vulnerabilities in common systems.

    You’ll learn about:

    - Why exploit kits are increasing in popularity (hint: it’s a big business!)
    - The process for launching exploit kit campaigns
    - How to defend your organization from exploits
  • How to Prepare for the Greatest Security Threats of 2017 How to Prepare for the Greatest Security Threats of 2017 Michael Landewe, Co-Founder, Avanan Cloud Security Dec 7 2016 6:00 pm UTC 60 mins
    2016 has been a milestone year for SaaS security threats, with a 3x increase in phishing attacks, 6x increase in email malware, and a 5x increase in ransomware attacks in the first half of the year alone. Why the sudden spike? What will the greatest SaaS security threats be in 2017? And most importantly, how can you best prepare for the threats that you'll face next year? Join this informative and educational web presentation to learn how to deploy a multi-vendor, defense-in-depth approach to protect all your SaaS applications from the greatest threats in the coming year. Whether SaaS email protection, SaaS file sharing and data leakage, compliance risk or protection from compromised credentials, you'll enter the new year with all the knowledge you need to make informed decisions about SaaS security.
  • No IT security staff? No problem. Learn how to outsource your network security No IT security staff? No problem. Learn how to outsource your network security Dan Sell Dec 7 2016 7:00 pm UTC 45 mins
    Not every organization has the in-house resources needed to support IT security. Outsource your network security with SonicWall Security-as-a-Service (SECaaS). This flexible, affordable subscription-based service lets you detect and block a wide range of advanced and emerging threats, including intrusions, viruses, spyware, worms, Trojans, key loggers, rootkits, botnets and “zero-day” malware.
    Join this webcast to find out how the SonicWall SECaaS subscription-based service provides organizations of every size with the ability to:you can benefit from:

    •Meet all network security needs
    •Reduce management time
    •Eliminate upfront capital investment
    •Utilize subscription pricing for a predictable operating expense model
    •Gain valuable network reporting and expert insight
    •Have a network security professional manage it all
  • How to Get Started with Hortonworks Data Cloud for AWS How to Get Started with Hortonworks Data Cloud for AWS Jeff Sposetti Senior Director of Product Management, Cloud & Operations Dec 7 2016 7:00 pm UTC 60 mins
    Hortonworks Data Cloud for Amazon Web Services is a new product offering from Hortonworks that is delivered and sold via the AWS Marketplace. It allows you to start analyzing and processing vast amounts of data quickly. Powered by the Hortonworks Data Platform, Hortonworks Data Cloud is an easy-to-use and cost-effective solution for handling big data use cases with Apache Hadoop, Hive, and Spark.

    Join us on Dec. 7, 2016 to learn more about the product and to see a live demo by Jeff Sposetti, Senior Director of Product Management. You’ll see how to quickly deploy Apache Spark and Apache Hive clusters for processing and analyzing data in the cloud.

    The first 50 attendees will get access to $100 cloud credit for AWS!
  • Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks Markus Jakobsson, Chief Scientist, Agari Dec 7 2016 7:00 pm UTC 60 mins
    Email is the most popular communication tool, as well as the entry point for up to 95% of security breaches. As cyber criminals evolve their techniques, targeted, enterprise-facing email attacks are rapidly increasing, fueled by an almost inexhaustible supply of potential victims and the tremendous profits awaiting successful fraudsters.

    This talk will provide an overview of both the technical and psychological principles these criminals take advantage of, shedding light on why traditional defenses continue to fail. We will then describe a set of new defense mechanisms that enable enterprises to stop these attacks and review the results of early experiments with these approaches, which offer a new perspective on ways to prevent email fraud.

    Presenter:
    Dr. Markus Jakobsson is a security researcher with interests in applied security, ranging from device security to user interfaces. He is one of the main contributors to the understanding of phishing and crimeware, and is currently focusing his efforts on human aspects of security and mobile security.
  • Stop Hackers with Integrated CASB & IDaaS Security Stop Hackers with Integrated CASB & IDaaS Security CloudLock: Brad Pielech - Integrations Architect, CloudLock OneLogin: Mario Tarabbia - Director of Sales Engineering Dec 7 2016 7:00 pm UTC 60 mins
    Your organization has turned to cloud platforms and applications (including SaaS, IaaS, PaaS, and even IDaaS) to meet business needs, and it’s your job to make sure those applications are both easily accessible as well as airtight. Luckily, a new set of identity and security solutions have arrived that ensure fast access and security around all your publicly accessible data,w the apps it resides on, and the users engaged.

    Find out how OneLogin’s identity and access management capabilities including single sign on (SSO), combined with CloudLock’s cloud cybersecurity solution can make users more secure and productive in the cloud, no matter the data, applications, or people they work with.

    Join OneLogin and CloudLock to learn how to:

    – Identify the top five cyber threats to your cloud environment
    – Protect against cloud security risks leveraging advanced user behavior analysis
    – Improve company-wide productivity through streamlined identity and access management
    – Easily automate your cloud access management process
    – Put it all into action quickly – managing cloud application security with a powerful IDaaS+CASB joint solution
  • Exploit Kits Don't Stop, Neither Should Your Business. Exploit Kits Don't Stop, Neither Should Your Business. Proofpoint Dec 8 2016 12:30 am UTC 60 mins
    Exploit kits don’t stop. Neither should your business with CERT Australia.

    Ransomware has one goal: to get your money. It locks away files until payment is made.
    Webinar invitation: December 8th at 11:30am AEST

    Join Chris Firman, Technical Adviser at CERT Australia and Jennifer Cheng, Director, Product at Proofpoint for a live webinar about Ransomware. They will address:

    •Ransomware evolution
    •Why ransomware is surging
    •Where it comes from
    •How acre actors bypassing common security controls
    •Should you pay or not? What to consider
    •CERT recommended migration
  • Beyond Next-Gen – Best Practices for Future-Ready Endpoint Security Beyond Next-Gen – Best Practices for Future-Ready Endpoint Security Doug Cahill, ESG; Ty Smallwood & Robert Jones, Navicent Health; Wendy Moore, Trend Micro Dec 8 2016 3:00 am UTC 60 mins
    Eliminating security gaps and providing maximum protection against today’s and tomorrow’s threats requires a new approach. Join Enterprise Security Group’s Doug Cahill, Senior Analyst, as he discusses a strategic approach to endpoint security that will transcend generations and keep pace with the shifting threat landscape and broadening attack surface area. You will also hear from real practitioners from Navicent Health—Ty Smallwood, Information Services Security Officer, and Robert Jones, IT Security Systems Analyst, outline how their organization leverages Trend Micro™ XGen™ endpoint security to effectively protect against the real-world threats they face.
  • Certified - What's New in Penetration Testing [APAC] Certified - What's New in Penetration Testing [APAC] Andrew Whitaker, Rapid7 Dec 8 2016 3:00 am UTC 60 mins
    Penetration Testing has long been used to help prevent data breaches, to understand security weaknesses on your network and to test security controls. An important and required process for many organizations, penetration testing needs to be planned for carefully.
  • It’s My Life but I no Longer Have Control Over it! It’s My Life but I no Longer Have Control Over it! Gavin Chow, Network and Security Strategist Dec 8 2016 6:00 am UTC 45 mins
    We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.

    But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.

    Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.
  • Le paysage des menaces–Point sur l'année écoulée & sur ce qui nous attend demain Le paysage des menaces–Point sur l'année écoulée & sur ce qui nous attend demain Hervé Doreau, Directeur Technique – Symantec France Dec 8 2016 10:00 am UTC 60 mins
    Nous venons de vivre, une fois de plus, une année déplorable en termes de sécurité informatique. Mais bien que l'attention se concentre aujourd'hui sur les menaces toujours plus nombreuses pour les appareils IoT, l'année a été marquée par bien d'autres événements majeurs en matière de sécurité et d'attaques de malware. Et tous resteront des enjeux d'importance pour l'année à venir.

    Ce webcast passera en revue le paysage des menaces en 2016 en insistant sur les points à retenir pour 2017.

    Inscrivez-vous maintenant.
  • Helping flydubai takeoff with APIs and digital transformation Helping flydubai takeoff with APIs and digital transformation Mohammed Ahteshamuddin, Vice President IT, flydubai & Paul Crerand, Director Solution Consulting, MuleSoft Dec 8 2016 10:00 am UTC 60 mins
    IATA estimates that by 2034 there will be 7.3 billion air passengers globally, which is twice more than what we have today. Alongside economic forces and passenger demands, pressure on the aviation and travel industry remains as intense as ever.

    Since launching in 2009, flydubai has strived to remove barriers to travel and enhance connectivity between different cultures. With 90 destinations in 44 countries, flydubai has embarked on a digital transformation journey to help enhance business agility, flexibility and the customer experience.

    Join Mohammed Ahteshamuddin, Vice President IT – Customer Experience & Passenger Services System, flydubai, and Paul Crerand, Director Solution Consulting, MuleSoft, on Thursday, December 8 at 10am (GMT) for a live webinar as they share their story and best practices.
  • Application Security Within The Financial Market - An Interactive Case Study Application Security Within The Financial Market - An Interactive Case Study Arun Vohra, Services Manager Dec 8 2016 11:00 am UTC 45 mins
    With yet more cyber-attacks targeting the financial sector, it has never been more important to implement a robust application security programme within your cyber security strategy.

    Join our Live Interactive Case Study to learn how Veracode Customer Success Managers have Defined, Executed & Optimised successful AppSec programmes for our financial sector clients, and how you could use this within your organisation to help reduce the risk of a breach.”
  • Shamoon 2.0 – what you need to know now. Protecting against wiper malware Shamoon 2.0 – what you need to know now. Protecting against wiper malware Stuart Davis, Director, Mandiant Dec 8 2016 12:00 pm UTC 45 mins
    Mandiant, a FireEye company, has recently discovered the use of Shamoon malware targeting GCC based organizations. The identified malware exhibits destructive behavior on Windows based Operating systems. The malware uses a signed RawDisk driver from EldoS. Mandiant suspects the objective of the malware is to render a disk unbootable.

    Join Stuart Davis as he details what you need to know to protect against this type of malware recently seen in the Middle East.
  • Die Bedrohungslandschaft – Rückschau auf das Jahr und ein Blick in die Zukunft Die Bedrohungslandschaft – Rückschau auf das Jahr und ein Blick in die Zukunft Thomas Hemker & Candid Wueest – Symantec Security Specialist Dec 8 2016 2:00 pm UTC 60 mins
    Wieder einmal war es ein schlechtes Jahr für Computersicherheit. Doch obwohl wir uns jetzt zum Jahresende verstärkt mit der erhöhten Gefahr durch IoT-Geräte beschäftigen, gab es im vergangenen Jahr eine Vielzahl anderer signifikanter Sicherheitsvorfälle und Malware-Bedrohungen. Und sie alle haben eine Bedeutung für das kommende Jahr.

    Dieser Webcast hält eine Rückschau auf die Bedrohungslandschaft 2016 – mit Schwerpunkt auf den Dingen, die wir für 2017 im Gedächtnis behalten sollten.

    Jetzt anmelden.
  • Certified: What's New In Penetration Testing? [EMEA] Certified: What's New In Penetration Testing? [EMEA] Andrew Whitaker, Rapid7 Dec 8 2016 2:00 pm UTC 60 mins
    Penetration Testing has long been used to help prevent data breaches, to understand security weaknesses on your network and to test security controls. An important and required process for many organizations, penetration testing needs to be planned for carefully.
  • SOC it to Me: Building A Modern Security Operations Center SOC it to Me: Building A Modern Security Operations Center James Carder, LogRhythm CISO and VP of LogRhythm Labs Dec 8 2016 2:00 pm UTC 30 mins
    A SOC is a major component of a company’s GRC operations, as well as a critical IT center. But having your own SOC means more than just employing a couple of analysts to read log files. Do you know what kind of budget and expertise you’ll need to have if you decide to build your own SOC?

    In this webcast, James Carder, LogRhythm CISO and VP of LogRhythm Labs, discusses the decision-making process you’ll need to go through before you build your own security operations center (SOC) and the impact it will have on your organization.

    You'll learn:

    •The build vs buy trade-offs for a SOC
    •The impact of a SOC on your GRC program and processes
    •A SOC’s role in meeting compliance requirements
    •Questions you should be asking before building a SOC

    Watch now to learn the factors that go into planning for, building, and maintaining a modern SOC.