Learning from WikiLeaks

John Dasher, Senior Director Data Protection, McAfee
WikiLeaks has repeatedly published extremely confidential, classified U.S government documents obtained from U.S. government personnel who were not authorized to release the information. WikiLeaks is now threatening to disclose incriminating documents regarding a major U.S. bank. With the focus shifting to businesses, there is a new urgency to address information security within organizations. At risk are emails, documents, databases and internal websites that are critical to your business and your reputation. Routine security policies are usually insufficient should someone with legitimate access decide to go rogue. All that’s needed is intent, access to sensitive data, and a cheap thumb drive. Attend and learn how WikiLeaks happened; why it is relevant to your organization and easy steps that you can take to protect your sensitive information.
Feb 3 2011
46 mins
Learning from WikiLeaks
More from this community:

IT Security

  • Live and recorded (5260)
  • Upcoming (138)
  • Date
  • Rating
  • Views
  • Join Tom Kellerman, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1.How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2.Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3.The expertise needed to accurately identify and diagnose the threat once the alert is received
    4.How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1.It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Channel
  • Channel profile
  • Finding the Right Data Loss Prevention Solution for E-Discovery Recorded: Sep 13 2011 35 mins
    Organizations face a problem with the growing universe of digital information as it is considered to be business communications and must be preserved according to the same industry-specific regulations governing the retention and discovery of emails and more traditional forms of electronic communications. This poses a number of fundamental problems for organizations, their stakeholders, attorneys, IT professionals and compliance personnel as they try to balance the cost, burden and need for electronically stored information.

    Attend this webcast and learn about the special demands of litigation and discovery, requirements for preservation of relevant information, appropriate disposal of data that is irrelevant or no longer required
    and the role of DLP in the management of ESI, e-Discovery and data protection.
  • Making Data Loss Prevention Effective by Overcoming Uncertainty Recorded: May 12 2011 61 mins
    Protecting data can be tricky. It has many different forms, resides in many different locations, is subject to an increasing number of regulations but most importantly, it changes constantly. How can DLP solutions keep pace? Suffering from the "garbage in, garbage out" syndrome more than other security solutions, effective data protection places exacting requirements on IT. Join our data protection experts to hear their thoughts on how to make DLP solutions effective within this complex landscape.
  • Applying the "Quick Wins" DLP Methodology Recorded: May 11 2011 49 mins
    With all the latest breaches in the headlines, protecting sensitive data is now critical for all types of organizations. Yet deployment of data protection like DLP often seems daunting on the surface. Learn how to achieve rapid benefits while setting yourself up for a long-term deployment with the simple "Quick Wins" process developed by industry thought-leader Rich Mogull and his team at Securosis.
  • Learning from WikiLeaks Recorded: Feb 3 2011 46 mins
    WikiLeaks has repeatedly published extremely confidential, classified U.S government documents obtained from U.S. government personnel who were not authorized to release the information. WikiLeaks is now threatening to disclose incriminating documents regarding a major U.S. bank. With the focus shifting to businesses, there is a new urgency to address information security within organizations. At risk are emails, documents, databases and internal websites that are critical to your business and your reputation. Routine security policies are usually insufficient should someone with legitimate access decide to go rogue. All that’s needed is intent, access to sensitive data, and a cheap thumb drive. Attend and learn how WikiLeaks happened; why it is relevant to your organization and easy steps that you can take to protect your sensitive information.
  • Delivering Better Healthcare through Data Protection Recorded: Nov 3 2010 49 mins
    In 2010, the emphasis on cost control in healthcare continues. The HITECH Act of 2009 incentivizes healthcare providers to move to electronic health records (EHR) systems but that comes with increased risk of data breaches. According to the Los Angeles Times, roughly 150 people (from doctors and nurses to technicians and billing clerks) have access to at least part of a patient's records during a hospitalization. Of the 385 organizations hit with data breaches so far this year, 113 were in healthcare! As regulations governing the handling of data get tougher, healthcare IT organizations must take action to protect devices and prevent data loss. Data Loss Prevention and encryption solutions help you deliver better healthcare while controlling costs. Attend and learn how you can pass audits with confidence; reduce the complexity and cost of protecting your data and create a safe environment for physicians to freely exchange information.
  • Take the Doubt out of PCI with Data Loss Prevention Recorded: Sep 23 2010 40 mins
    Securing cardholder data is the cornerstone of complying with PCI DSS regulations. Protecting your customer's private data is also essential to protecting the reputation of your business and its brand. IT's role in achieving this goal is critical as the increasing complexity in multiple regulations creates a need for increasingly complex solutions. McAfee believes that a simple approach is better. Having the right tools reduces complexity and creates insight into real-world data use that has previously been hard to achieve. This webcast will discuss the best practices and technologies used by leading merchants to reduce the burden of achieving and sustaining PCI DSS compliance. The goal is to save you time and money by showing you how to appropriately apply solutions that offer the features you need to succeed.
  • Quick Wins with DLP - How to Make DLP Work for You Recorded: May 25 2010 49 mins
    When used properly, Data Loss Prevention (DLP) provides rapid identification and assessment of data security issues not available with any other technology. However, when not optimized, two common criticisms of DLP are 1) its complexity and 2) the fear of false positives. Security professionals often worry that DLP is expensive and will fail to deliver the expected value.

    A little knowledge and some planning go a long way towards a fast, simple, and effective deployment. By taking some straightforward best practice steps, you can realize significant immediate value and security gains without negatively impacting your productivity or wasting valuable resources.

    In this webcast you will learn how to:
    * Establish a flexible incident management process
    * Integrate with major infrastructure components
    * Assess broad information usage
    * Set a foundation for future focused efforts and policy tuning

    You will also hear how Continuum Health Partners safeguards highly sensitive patient data with McAfee DLP 9. Join us for this informative presentation.

    Presenters:
    Rich Mogull, Analyst & CEO, Securosis, L.L.C., Mark Moroses, Assistant CIO, Continuum Health Partners, and John Dasher, Senior Director, Data Protection, McAfee
Stories and Solutions focusing on Data Protection
Today, your data is constantly at risk of loss and exposure. The Internet itself, increasing numbers of easily lost or stolen mobile devices, and even insiders pose real threats. This channel will offer information around strong encryption, authentication, data loss prevention, and policy-driven security controls to help you prevent unauthorized access to your sensitive information.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Learning from WikiLeaks
  • Live at: Feb 3 2011 6:00 pm
  • Presented by: John Dasher, Senior Director Data Protection, McAfee
  • From:
Your email has been sent.
or close
You must be logged in to email this