The State of IT Security and GRC in 2012

At this year's San Francisco BSides conference, BrightTALK gathered together thought leaders in the fields of IT security and GRC to get their perspectives on the challenges and opportunities facing their communities and industries in 2012.

After a series of enlightening interviews we've decided to bring the thought leaders back for an in-depth discussion. Join us for what will be a lively conversation among the top minds in their fields on cloud security, BYOD, PCI compliance and the GRC challenges that apply across them all.

The Panel:

Ron Ross, Computer Scientist, NIST Fellow (moderator)
Anton Chuvakin, Research Director, Gartner
Andrea Hoy, Director - International Board, ISSA International
Dr. Said Tabet, Chair of GRC-XML Project, OCEG
Recorded May 1 2012 63 mins
Presented by
Ronald Ross, NIST; Anton Chuvakin, Gartner; Andrea Hoy, ISSA; Dr. Said Tabet, OCEG

  • Threat Hunting - An In-depth Explanation Jul 23 2018 4:00 pm UTC 60 mins
    Lance James, Andrew Johnston and Ulf Mattsson
    Threat Hunting is a complicated and often misunderstood cybersecurity activity that, if properly used, can add tremendous value to your cybersecurity posture.

    In this session you will learn:
    What is Threat Hunting?
    When do I use it?
    What will it tell me?
    How do I use it?
  • Cyber Strong: Preparing the Nation’s Cyber Workforce May 18 2018 5:00 pm UTC 60 mins
    Nancy Limauro, Deputy Branch Chief & Noel Kyle, Program Lead, Cybersecurity Education & Awareness Branch at DHS
    The Nation has an ever-growing need for cybersecurity professionals who can protect our networks and infrastructure from increasing cyber threats and attacks. According to a study by the Center for Cyber Safety and Education, there will be a shortage of 1.8 million information security workers by 2022. Building a skilled and agile cybersecurity workforce to fill these positions is a national challenge.

    To address the shortage of skilled workers, it is critical for all communities to work together to coordinate cybersecurity awareness, education, training, and workforce development efforts. Current initiatives across the Federal Government help advance the cybersecurity workforce, particularly through training and professional development. The Department of Homeland Security (DHS) is leading such efforts through its Cybersecurity Education and Awareness (CE&A) Branch.

    We will also share information about our Stop. Think. Connect.™ campaign to help promote safe online behavior. Stop. Think. Connect.™ resources provide partnership opportunities to academic institutions, government agencies/departments, as well as non-profit organizations.

    Join this webinar to learn:
    1. How to find CE&A awareness, education, and workforce development resources
    2. How to use National Cybersecurity Workforce Framework (NCWF) tools
    3. How to partner with our Stop. Think. Connect.™ Campaign

    This webinar is part of ISSA's Security Education and Awareness Special Interest Group Webinar Series.

    - Nancy Limauro, DHS, Deputy Branch Chief, Cybersecurity Education & Awareness Branch
    - Noel Kyle, DHS, Program Lead, Cybersecurity Education & Awareness Branch
  • The Board’s Role: Balancing Risk and Reward Apr 24 2018 12:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    The board's involvement is absolutely crucial for communicating cybersecurity strategies and overall cybersecurity success.
    When boards and CISOs successfully engage, organisations can take advantage of the opportunities presented by cyberspace, as well as address associated risks.

    In this webinar, Steve Durbin, Managing Director at the ISF, will discuss how the board of directors should lead collaboration and security awareness across the organisation, to help IT and security teams focus on what matters the most to the business, and ensure cybersecurity is embedded into the organisation's business strategy.

    About the presenter

    Steve Durbin is Managing Director at the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
  • The State of Cyber Insurance: Market Update & Trends Mar 22 2018 5:00 pm UTC 60 mins
    Susan Young, SVP & Advisor Marsh USA, Inc. E & O and Cyber Practice
    New cyber risks and threats are emerging at a pace faster than ever before. How are cyber risks evolving, and which risks can be managed through cyber insurance? 

    We’ll address these questions – and dig a bit deeper into the state of the cyber insurance market and the role of cyber insurance in your overall cyber risk management strategy.  Cyber risk can’t be eliminated – it must be managed.

    About the Speaker:
    Susan Young is a Senior Vice President and advisor with Marsh’s national Cyber & E&O Practice (part of Marsh’s Financial & Professional Liability Practice, FINPRO) in the Seattle office. She is primarily focused on cyber/security & privacy risk, media liability, and technology errors and omissions.
  • Using Behavioural Economics to Raise Digital Resilience Amongst Employees Mar 22 2018 9:00 am UTC 60 mins
    Robin Smith, Head of IT Security, South Yorks NHS
    This case study examines how a major NHS organisation used Richard Thaler’s Nudge strategies to redirect employee behaviour and create a culture of cyber vigilance.

    Join this webinar presentation to learn:
    - Key lessons on the value of micro-marketing
    - Lessons from cybernetics
    - The value of cyber resilience in healthcare

    About the Presenter:
    Robin Smith is a former cybersecurity lead analyst in the UK Police Service. He has authored four books on cyber security and is currently working on a documentary feature examining the impact of cyber-crime on society for release in 2018. He has previously worked in the UK health sector and telecommunications, and was formerly a lecturer at Loughborough University in Information Risk Strategy.
  • Red vs. Blue: The Threatscape Predictions for 2018 Mar 21 2018 9:00 pm UTC 60 mins
    Adi Ashkenazy, VP Product for XM Cyber
    Analyzing cyber-attacks from last year, this session will cover leading trends, and identify potential evolution both in the defensive and offensive fields going forward. As we do so, we will explore the increasing importance of automation and the diminishing role of the human professional in large scale networks.

    About the Speaker:
    Adi Ashkenazy is the VP Product for XM Cyber, an innovative cyber security start-up developing a revolutionary breach and attack simulation solution, capable of identifying critical attack paths towards key organizational assets, while providing actionable prioritized remediation. Prior to XM Cyber, Adi served as deputy director of an elite cyber technology department in the prime minister's office in Israel, leading Israel's finest engineers and security professionals through some of the most complex cyber security challenges in the world today.
  • [Webcam Panel] Threats and Cyber Resilience Mar 21 2018 5:00 pm UTC 60 mins
    Dan Paltiel (US Bank) | Matt Wolfe (Obsidian) | Roselle Safran (Rosint Labs)
    Cybersecurity is a key priority for CISOs in 2018. What are the cyber threats CISOs should be aware of? How can we build more resilient enterprises in an age of relentless cyber attacks?

    Join this interactive panel to learn more about:
    - The latest cyber threats
    - New attack trends
    - Fighting cyber crime in an age of breaches and stolen personal information
    - Understanding your cyber risk
    - CISO priorities for 2018
  • Information Warfare: The Social Media Edition Mar 21 2018 8:00 am UTC 45 mins
    Raj Samani, Chief Scientist, McAfee
    This keynote talk by Raj Samani, Chief Scientist at McAfee, explores the recent campaigns against prominent journalists and politicians, particularly into their social media lives as a tool to support the political agendas of adversaries. Join this webinar to learn more about the steps that we as professionals must take to protect our own brands, and those of the organizations we work for.

    About the Speaker:
    Raj Samani is a McAfee Fellow and Chief Scientist at McAfee. His prior roles include VP and Chief Technology Officer, EMEA, at Intel Security/McAfee and Chief Information Security Officer for a large public-sector organization in the United Kingdom. A leading international cybercrime expert, Samani has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3/EUROPOL).

    Samani volunteers as the Cloud Security Alliance EMEA Strategy Advisor, and is on the advisory councils for Infosecurity Europe and Infosecurity Magazine. Samani has published numerous security papers and is the author of 'Applied Cyber Security and the Smart Grid'. SC Magazine named Samani as one of the Top 10 Influencers in cyber security in 2016.
  • The State of Cyber Resiliency in the Age of Attacks Mar 20 2018 3:00 pm UTC 60 mins
    Dave Klein (GuardiCore) | Troy Vennon (Columbus Collaboratory)
    Cyber threats are at the top of mind for security professionals everywhere. With high-profile breaches on the rise and valuable customer information at stake, organizations worldwide are looking for ways to train their workforce to be cyber safe and better secure an ever-growing perimeter.

    Join this panel of experts as they discuss:
    - The biggest trends in cyber crime
    - Impact of Cryptocurrencies
    - Breaches and preventing future fraud and cyber attacks
    - Advancements in security technology
    - Why security awareness training should be a key part of your overall data protection strategy

    - Dave Klein, Senior Director Security Engineering and Architecture at GuardiCore
    - Troy Vennon, Cyber Threat Engineer, Columbus Collaboratory
  • The Rise and Rise of Ransomware: Prepare and Protect Mar 20 2018 1:00 pm UTC 45 mins
    Nick Frost, Principal Consultant, ISF
    The expectation from the start of 2017 – that we hadn’t seen the back of ransomware – was justified. 2017 was plagued with global attacks such as Petya, WannaCry, Bad Rabbit and many others. Unfortunately, 2018 could be even worse.

    With ransomware continuously developing new delivery techniques, organisations must learn how to prepare and protect themselves from the threat of ransomware, but how can they do this?

    In this webinar, Nick Frost, Principal Consultant at the ISF, will explore the latest threats in ransomware and what organisations can do to minimise vulnerabilities to reduce risks of an attack.

    About the presenter:

    Nick is currently the Principal Researcher for the Information Security Forum (ISF) Ltd. He has more than 15 years’ experience designing and implementing a risk-based approach to securing information. He has developed leading solutions for evaluating risk across both internal and supplier environments.
  • Learn about Cybersecurity Training for Military Vets Mar 1 2018 11:00 pm UTC 60 mins
    Maxwell Shuftan, CyberTalent Program Director, SANS Institute and Jessica Gulick, CEO of Katzcy Consulting
    Join the SANS Institute and Katzcy for an insightful presentation about the SANS CyberTalent Academy opportunities. This academy is designed to help qualified veterans in Maryland and the Chicago area receive training and certifications to quickly and effectively launch careers in cybersecurity. The Immersion Academy is an intensive, accelerated program designed for completion in a matter of months, depending upon the program selected. The program is at NO COST to the selected veterans who attend and includes training and certification.

    Come listen to learn:
    • What the selection process includes and important application tips
    • Understand what kind of training is provided (length and format)
    • How this training academy and related certifications can help your career

    Speaker Bio:
    Maxwell Shuftan
    CyberTalent Program Director, SANS Institute

    Max leads the CyberTalent division of the SANS Institute, the most trusted and the largest provider of information security training and certification in the world. In this role, he directs business development and stakeholder engagement to support the various SANS CyberTalent programs and develop strategic partnerships. He also oversees CyberTalent program operations and staff management. SANS CyberTalent helps organizations address their cybersecurity workforce development needs through initiatives such as the VetSuccess and Women's Immersion Academies as well as the Assessment tools. Max has worked in the public affairs and stakeholder engagement arena of cybersecurity for the past eight years, working with Government, corporate, and not-for-profit organizations, most recently as a Vice President at Cambridge Global Advisors, a homeland security strategic advisory services firm.
  • Tracking Hackers - AI cybersecurity for APIs Feb 27 2018 7:00 pm UTC 45 mins
    Bernard Harguindeguy, CEO, ElasticBeam
    What do oBike, a bicycle rental company, Instagram, and the IRS have in common? Answer -- hackers used APIs to access their customers' sensitive information, forcing these organizations to announce breaches. Although these API attacks were exposed, most API-based attacks go undetected these days – particularly attacks that used compromised credentials.

    This webinar will discuss API cyberattack examples and the techniques used by hackers to breach APIs. It will also review how AI-based security solutions can effectively stop these attacks and provide deep visibility into your API sessions for forensic and compliance reporting. Topics covered in this webinar include:
    - API cyberattack trends
    - Review of recent API attacks
    - How to monitor and protect your API activity
    - How to detect and block API attacks on your data/apps (live demo)
    - How to deliver reports with detailed traffic insight for any API
    - Best practices for securing APIs
  • How to get started with Security Automation and Orchestration Feb 27 2018 6:00 pm UTC 45 mins
    Kumar Saurabh, CEO & Co-founder of LogicHub
    Security Automation can significantly improve investigations, reduce tedious busy work, and strengthen defenses. However, it is not always clear where to start, and which use cases to apply automation to.

    In this webinar, we will provide a primer and discuss best practices. Topics discussed will include:
    - What is security automation and orchestration?
    - Different automation models
    - Examples of how automation has helped others
    - Assessing your automation readiness
    - Steps to get started - picking your first use cases

    The discussion will be led by Kumar Saurabh, a 15 year veteran of Security Operations, and CEO & Co-founder of LogicHub.
  • GDPR: Brace for Impact or Not? Feb 22 2018 6:00 pm UTC 60 mins
    Lance James | Mark Rasch | Martyn Hope | David Morris
    The GDPR compliance date is fast approaching and many companies will not be compliant. What will this mean for them, what can they do over the remaining time left and what will the impact mean?

    Join this panel of world-class experts:

    Lance James: Chief Scientist at Flashpoint, internationally renowned Cybersecurity Specialist who has advised Boards and CISOs at a wide range of government and F-500 organizations. Frequent lecturer and speaker.

    Mark Rasch: Chief Legal and Compliance Partner for Digital Risk Management & GDPR. Former Chief Security Evangelist for Verizon Enterprise Solutions, Chief Privacy Officer at SAIC, and led the U.S. Department of Justice’s Cyber Crime Unit.

    Martyn Hope: Founder of the EU-GDPR Institute.

    In this session you will learn:
    - What will happen if I'm not compliant by May 25, 2018
    - Where do I begin my compliance effort
    - Who should I trust to advise me through my compliance program

    If you are a CISO, Board Member, Compliance Officer, Data Privacy Officer or anyone tasked with GDPR, this is a must-see discussion with world-class panelists who are experts and have first-hand knowledge and experience.
  • GDPR and Security: De-Identifying Personal Data Feb 22 2018 4:00 pm UTC 60 mins
    Ashwin Chaudhary, President of Accedere
    Anonymization and Pseudonymization are ways GDPR recommends to De-Identify personal data. By making it impossible or impractical to connect personal data to an identifiable person, data controllers and processors may be able to do the processing and storage of personal data outside the scope of the GDPR.

    Join this webinar to learn the GDPR requirements for managing personal information and digital identity.
  • Practical Approach to GDPR Feb 22 2018 1:00 pm UTC 60 mins
    Tarun Samtani, Group GDPR Lead for Vectura Group Plc, & SkyePharma
    We all know that the EU General Data Protection Regulation (GDPR) will bring a massive change in the way businesses operate and handle personal data. This short discussion will give you tips to jumpstart your GDPR programme and some easy approaches to take to achieve success in a short space of time.

    1) GDPR short summary
    2) Focus on the goals not vendors
    3) ICO & Data subject expectations - May 2018 onwards
    4) GDPR practical approach
    5) Takeaways

    About the Presenter:
    Tarun Samtani is the Group GDPR Lead for Vectura Group Plc, & SkyePharma. Tarun has 18+ years of experience across various sectors like Telecommunications, ISPs, Financial Services, Gambling, Retail and most recently Pharmaceuticals. Tarun has worked across the UK, Europe, Asia & Middle East on different assignments. He has a wealth of experience in cyber security & data privacy and is passionate about securing the business information landscape. During the course of his career Tarun has been involved in the strategy & planning, design, architecture and implementation of a significant number of information security programmes.
  • GDPR's influence on security Feb 22 2018 11:00 am UTC 45 mins
    Rob Shapland
    Will GDPR have the desired effect? Will it increase security, or see companies regularly hit with catastrophic fines for poor compliance?
  • GDPR Is Coming - Is Your Organization Ready? Key Steps to Help You Prepare Feb 21 2018 1:00 pm UTC 60 mins
    Amar Singh (Cyber Management Alliance) | Guy Cohen (Privitar) | Punit Bhatia (Author)
    On May 25 the long-awaited General Data Protection Regulation (GDPR) will go into effect across Europe. GDPR is the biggest overhaul of data protection laws in more than two decades. How prepared is your organization for GDPR?

    Join this interactive panel of experts as they discuss:
    - What is GDPR?
    - Why should you be GDPR-compliant?
    - How to achieve compliance?
    - Steps your organization should take today to prepare for GDPR
    - Other GDPR considerations

    - Amar Singh, Founder, Cyber Management Alliance
    - Guy Cohen, Strategy and Policy Lead, Privitar
    - Punit Bhatia, Author of "Be Ready for GDPR"
  • GDPR - Security at the Service of Privacy Recorded: Feb 20 2018 62 mins
    Michelle Dennedy (Cisco) | Ariel Silverstone (Data Protectors) | Paul Rosenzweig (Red Branch Consulting)
    The General Data Protection Regulation (GDPR), a key legislation covering privacy rights, data security, data control, and governance, is going into effect in May 2018. As organizations are scrambling to achieve GDPR compliance before the May 25th deadline, some are still not clear on the exact GDPR requirements.

    Join this panel of experts as they discuss:
    - The regulatory landscape in 2018
    - What GDPR means for you and your organization
    - GDPR requirements around data collection and governance, exposure and breach disclosure, identity and privacy
    - Evaluating your cyber risk
    - Last minute changes your organization needs to make
    - Failure to comply & fines
    - Recommendations for achieving compliance and other regulation on the horizon.

    - Michelle Dennedy, VP & Chief Privacy Officer at Cisco
    - Ariel Silverstone, Managing Partner, Data Protectors
    - Paul Rosenzweig, Principal at Red Branch Consulting
  • Threat Hunting Series: Rethinking Persistency Recorded: Feb 20 2018 41 mins
    Adi Ashkenazy, VP Product for XM Cyber
    In this episode of the Threat Hunting series, Adi Ashkenazy will follow some of the approaches hackers use to counter the methods of defenders trying to remove them from their target networks. Adi Ashkenazy will also discuss the evolution of persistency in cyber-attacks, and focus on modern and predicted trends.

    About the Speaker:
    Adi Ashkenazy is the VP Product for XM Cyber, an innovative cyber security start-up developing a revolutionary breach and attack simulation solution, capable of identifying critical attack paths towards key organizational assets, while providing actionable prioritized remediation. Prior to XM Cyber, Adi served as deputy director of an elite cyber technology department in the prime minister's office in Israel, leading Israel's finest engineers and security professionals through some of the most complex cyber security challenges in the world today.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: The State of IT Security and GRC in 2012
  • Live at: May 1 2012 5:00 pm
  • Presented by: Ronald Ross, NIST; Anton Chuvakin, Gartner; Andrea Hoy, ISSA; Dr. Said Tabet, OCEG