Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance: CloudBytes

  • Date
  • Rating
  • Views
  • 5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World
    5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World
    Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope Recorded: Jun 13 2019 54 mins
    The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for the enterprise can’t be denied, but the challenge is that security is often not considered a part of this digital transformation. The result is new blind spots are introduced in this cloud- and mobile-first world and legacy security tools are ineffective when it comes to protecting your data.

    In this session, we will discuss the new blind spots that exist in today's cloud- and mobile-first world and 5 steps you can take to help ensure that your data is protected.

    Join this session to learn:

    - About new blind spots that exist in today’s cloud- and mobile-first world
    - Why legacy security tools are ineffective
    - 5 steps to covering these new blind spots
  • Securing Cloud Infrastructure with Cyber Exposure
    Securing Cloud Infrastructure with Cyber Exposure
    Nate Dyer, Product Marketing Director, Tenable Recorded: Jun 6 2019 61 mins
    Cloud is dramatically expanding your attack surface and introducing new visibility challenges into infrastructure security. Without foundational visibility, it’s nearly impossible to execute other cloud security programs supporting compliance, policy enforcement, and vulnerability remediation. Cyber Exposure is a cybersecurity discipline to provide visibility into traditional IT and cloud infrastructure to help you manage and measure cyber risk. Cyber Exposure allows you answer three fundamental questions in your cloud environment:
    - Where are we exposed?
    - What should we focus on first?
    - How are we reducing exposure over time?

    Join us as we demystify Cyber Exposure, show how it can help you secure cloud infrastructure, and provide best practices to help you get started on your Cyber Exposure journey.
  • CSA Study: Cloud Security Complexity
    CSA Study: Cloud Security Complexity
    Yitzy Tannenbaum, Product Marketing Manager at AlgoSec Recorded: Jun 4 2019 52 mins
    Cloud computing provides improved security, agility and flexibility. However, integrating this new service into legacy IT environments comes with great concern.

    The Cloud Security Alliance has recently surveyed over 700 IT and network security professionals from around the globe on security challenges in cloud environments. In this research, security, data loss and compliance were identified as the top 3 concerns when moving to the cloud. In the face of increasingly complex environments, cloud visibility and expertise are essential to ensuring a manageable, secure and fluent transition to a native cloud, hybrid or multi-cloud environment.

    In this webinar Yitzy Tannenbaum, Product Marketing Manager at AlgoSec will review and analyze the findings from the new CSA report “Cloud Security Complexity: Challenges in Managing Security in Native Hybrid and Multi-Cloud Environments”, including:

    • Types of cloud platforms being used by companies
    • Common challenges faced by companies when moving workloads to the cloud
    • The many stakeholder involved in cloud security
    • Methods of managing risk and vulnerabilities in the cloud environment
    • Causes of network or application outages and the amount of time it took to remediate
  • Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error
    Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error
    Aaron Zander, Head of IT, HackerOne & Gen Buckley, Senior Analyst, Security, and Compliance, Okta Recorded: May 30 2019 44 mins
    It's easy blame employees for poor password and email hygiene, but in reality, human error isn't going to go away. Every organization will always have a "Kanye" with poor operational security and weak passwords. IT and Security teams have to acknowledge the “desire paths” across the security landscape, and ensure that we not only keep up, but facilitate ease of access while maintaining our security perimeter.

    There’s no guarantee on the tech savvy nature or level of care an employee will bring to the table, so we need to move the table closer to them and provide a safe harbor where mistakes are allowed to occur. In this session Aaron Zander, Head of IT for HackerOne, and Gen Buckley, Senior Analyst for Security and Compliance at Okta, will discuss the various ways to enable a security culture without crippling your coworkers.
  • GDPR: Data breach prevention & mitigation - Lessons learned in the past year
    GDPR: Data breach prevention & mitigation - Lessons learned in the past year
    Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance Recorded: May 28 2019 61 mins
    Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick box activity, it requires continuous evaluation of data flows in and outside the company.

    This webinar brings together Daniele Catteddu, Chief Technology Officer of the Cloud Security Alliance (CSA) and Istvan Lám, CEO of Cloud encryption company, Tresorit to discuss the key learnings since the GDPR entered into force with focus on data breach prevention and mitigation.

    The speakers will reflect, in particular, on the following aspects:
    - Key learnings from data breach notifications & fines imposed so far
    - Best practices for breach detection and reporting
    - Challenges regarding the assessment of the severity of personal data breaches
    - The most common types of data breaches and how to mitigate their impact
    - Assessment of real-case data breaches, determination of what went wrong, and discussion on the implications for compliance with the GDPR going forward
  • Scaling Cloud Forensics & Incident Response with OSQuery
    Scaling Cloud Forensics & Incident Response with OSQuery
    Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, Adobe Recorded: May 23 2019 50 mins
    An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly and at necessary scale is imperative when incidents do unfortunately occur. After an initial compromise, attackers often move laterally in an environment, trying to establish a foothold and escalate privileges. While they try to remain stealthy, they almost always leave behind footprints. Detecting and analyzing these footprints quickly and accurately to scope the issue is critical.

    This webcast will explore a scalable approach developed by the Adobe security team that relies on open source tools like OSQuery. The goal was to develop techniques that can be leveraged to more quickly and easily investigate large groups infrastructure components for initial triage, basic forensic analysis, and to also help proactively detect threats. Attendees will learn about the techniques we developed that they can then go apply to their own environments to help with their incident response efforts in the cloud.
  • Eliminate Vulnerability Overload – take Nessus Scan data to the next level
    Eliminate Vulnerability Overload – take Nessus Scan data to the next level
    Robert Healey | Senior Director Marketing, Asia Pacific Recorded: May 21 2019 60 mins
    Nessus has been around for 21 years now and with over 109,000 vulnerabilities in its scan database, is the undisputed global standard tool for Vulnerability Management, that everyone uses, knows and loves. Nessus is a great tool but unfortunately in any medium or large organization, with Nessus alone, you will soon be buried in a mountain of unprioritised vulnerability data. Join this webinar to see how Predictive Prioritization from Tenable combines asset, vulnerability and threat intelligence data to enable you to reduce the number of vulns you need to address by up to 97%, while significantly improving your overall security.
  • The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat
    The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat
    Steve Manzuik, Director of Security Research at Duo Labs & Keith Brautigam, Director of IAM at Penn State Recorded: May 9 2019 53 mins
    In this webinar you will learn:
    - Real examples from Penn State of how network topology has gotten exponentially more complicated
    - Why attackers have shifted from systems-focused to data-focused attacks
    - What the evolution of IoT and BYOD-rich environments means for security teams

    We’ve come a long way from the days of mainframe systems and a security strategy that ended at the edge of your network perimeter. Few security teams are more familiar with this evolution than those working in higher education: between research labs and large student populations bringing in a fresh wave of their own devices every year, you’ve had a front-row seat to this network metamorphosis.

    Penn State's Director of Identity and Access Management, Keith Brautigam, and his team are addressing these new challenges by adopting a zero-trust strategy. Duo is an integral element in that strategy, checking with each new connection whether a user and device should be allowed access. In this session with Steve Manzuik, Duo Lab’s Director of Research, they will explore how the Internet of Things (IoT) is unintentionally driving this perimeter-less movement through devices such as Industrial IoT (aka IIoT), wearables, and a unique new technology that is worth exploring for its wider implications: the hearable.

    Join us for an expert discussion on why the perimeter is going the way of the dinosaur, how smart security teams are adapting, and what is coming next.
  • Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits
    Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits
    John Kindervag from Palo Alto Networks & Rob LaMagna-Reiter from FNTS Recorded: May 2 2019 61 mins
    Much has been written and spoken about Zero Trust and the principles of “never trust, always verify” as a means for enterprises to implement effective network segmentation. As the model has been embraced, Zero Trust evolved to become a strategic Cybersecurity initiative that major enterprises align to in order to prevent successful cyberattacks. However, Is it a security buzz word or a real-world effective security strategy?

    Watch as Palo Alto Networks® expert and founder of Zero Trust, John Kindervag discusses the “whys and hows” of extending a Zero Trust architecture to the public and private Cloud and Rob LaMagna-Reiter, FNTS CISO, about their successful Zero Trust cloud operation, the business drivers and strategy, and the technical and cultural challenges and achievements that have quickly delivered the business results and benefits desired.
  • The Rise of Privacy in the Cloud Era
    The Rise of Privacy in the Cloud Era
    Neil Thacker, CISO, Netskope Recorded: Apr 25 2019 62 mins
    In a globally connected world where the number of cloud applications consumed by organisations rises daily, the challenges associated with protecting data and individual’s privacy are therefore also on the rise.

    In this webcast we will look at some of the challenges associated with privacy including:
    - Understanding contractual obligations
    - Managing the geolocation of data
    - Applying data transfers mechanisms and controls

Embed in website or blog