For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.
Uncovering Security Performance Myths & RealitiesTom Turner, EVP, BitSightOrganizations have long struggled to find objective ways to measure and compare performance, leaving many executives to trust metrics and data points that may not be painting the clearest picture of security posture.
To highlight this issue, BitSight recently surveyed over 300 IT executives in 4 major industries to assess their confidence in their security performance. We then compared responses to our own security ratings data, which measures effectiveness across key performance areas including security events, configurations, and user behaviors.
In this webinar, BitSight EVP of Sales & Marketing Tom Turner takes a deeper look into these fidings and discusses the business implications of optimism bias.
Download this webinar to learn:
How security performance varies among Finance, Healthcare, Retail, and Energy/Utilities
Whether optimism bias exists in these industries and how it may be affecting overall security performance
Why continuous performance monitoring should be a critical component of enterprise risk management and how leading organizations are using BitSight Security Ratings to manage their cyber riskRead more >
By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network. Therefore, spotting infections quickly can limit the damage.
AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the hackers’ command and control server. How does it all work? Join us for a live demo that will show how AlienVault USM detects these threats quickly, saving you valuable clean up time by limiting the damage from the attack.
How AlienVault USM detects communications with the command and control server
How the behavior is correlated with other signs of trouble to alert you of the threat
Immediate steps you need to take to stop the threat and limit the damage
Cybersecurity is a top concern for IT professionals. Gartner expert Lawrence Orans leads an important discussion of the current cybersecurity landscape. He analyzes recent cybersecurity events, emerging threats, and how new technologies are affecting the security calculus.
Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strengthen the protection of data. Using the "need to know" principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This session will focus on how to adjust data access rights, implementing the "least privilege principal", and the use of detective and proactive risk-oriented controls.
Fully secure your network by learning how to protect against cybersecurity’s weakest link: humans. 95% of all attacks on networks were the result of “spear phishing”: attempts to steal data by masquerading as a trustworthy entity. They send an email from the “CEO” or “building manager" but once you click… it’s GAME OVER!
We will cover:
•How a phishing attack happens
•Stories from real life attacks and the lessons learned from them
•Steps you can take to protect your company
The role of the CISO is evolving - and fast. CISOs today must find innovative ways to align with the business and strategize security as a top business asset -- and those that ascend in their role will have the opportunity to play a bigger, more influential role in the years to come. In this webinar hosted by Agari, you will hear Jim Routh, Aetna CISO share real world insights into specific challenges and solutions to approach today's evolving email threats as well as key 2018 CISO research from Chris McClean, Forrester VP of Research.
When a popular product is launched, a high-stakes race begins between the offense and defense markets to find software vulnerabilities. More and more organizations are seeing that incenting security research with programs like bug bounties are an effective way to find vulnerabilities. Katie Moussouris, Chief Policy Officer of HackerOne, will reveal what the latest research shows and what it means for companies today.
About the presenter:
Katie Moussouris is the Chief Policy Officer for HackerOne, a platform provider for coordinated vulnerability response & structured bounty programs. She is a noted authority on vuln disclosure & advises lawmakers, customers, & researchers to legitimize & promote security research & help make the internet safer for everyone. Katie's earlier Microsoft work encompassed industry leading initiatives such as Microsoft's bounty programs & Microsoft Vulnerability Research. She is also a subject matter expert for the US National Body of the International Standards Organization (ISO) in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow. Katie is an ex-hacker, ex-Linux developer, and persistent disruptor. Follow her and HackerOne on Twitter http://twitter.com/k8em0 and http://twitter.com/hacker0x01
If Anthem, Sony, Home Depot, Target and Neiman Marcus can fall victim to security breaches, so can you. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions. These threats are very sophisticated and often leveraging previously unknown attack techniques and vulnerabilities.
Join us for a compelling webcast that will highlight critical insights combating zero-day threats - including the ability to:
• Track employee traffic at all times, in real time, irrespective of whether they are inside or outside the corporate network
• Derive intelligent insights and meaningful data for fast corrective action
• Avoid a strategy based on "alerting" you about infections - without any guarantees you will notice them
• Implement a comprehensive approach to stopping zero-day threats - based on protection, (inspecting every byte of traffic and automatically blocking threats), detection and remediation
In this insightful and data-rich webinar Jeremiah Grossman, founder of WhiteHat Security, presents findings from WhiteHat's 2015 Website Security Statistics Report.
The report, generated by examining vulns in more than 30,000 websites under WhiteHat’s Sentinel management, provides unique perspectives on the state of website security. Data by industry will be presented and accompanied by expert analysis and recommendations.
-Discover the most prevalent vulnerabilities
-Learn how many vulnerabilities are typically remediated and the average time to resolve
-Hear why the best approach is to identify specific security metrics to improve upon
-Take away valuable recommendations for measurable improvement within your application security programs
Your company can learn valuable lessons about risk strategy and incident response from what happened to Hacking Team, a firm that supplies surveillance tools to government agencies. Widely accused of helping governments spy on dissidents and journalists, Hacking Team found itself hacked with embarrassing, possibly damaging results. ESET senior security researcher Stephen Cobb explains the missteps made and the lessons to be learned during this webinar.
•How Hacking Team’s mistakes mirrored those made by Sony
•How employees’ weak passwords helped facilitate the breach
•How transparency would have helped Hacking Team’s credibility
•Why every company must review what might be exposed in a breach
Database servers are the primary targets of most data security breaches. Understanding how to effectively monitor databases can prevent data loss and significantly reduce the time to discover the risk.
Attend this webinar and learn how to:
- Detect and block active attacks
- Discover sensitive data, risks, and vulnerabilities
- Automate risk remediation
- Demonstrate consistent and complete compliance